Privacy Policy

We use your data exclusively to provide and improve the Kinmetry service:

• Display your health records, metric trends, and medication schedule within your account.
• Send your report text or health context to our AI provider to generate report summaries, metric explanations, and assistant responses.
• Send uploaded files to our OCR service to extract structured data from lab reports.
• Generate clinical health summaries you choose to share with a physician.
• Send you transactional emails (e.g. password reset). We do not send marketing emails without explicit consent.
• Detect and prevent fraudulent or abusive use of the service.

We do not sell, rent, or share your personal health data with any third party for commercial purposes.

The information you upload to Kinmetry — including lab report files, extracted biomarker values, medication records, and any AI conversation containing health context — constitutes "special category" personal data under Article 9 of the EU General Data Protection Regulation (GDPR) and equivalent laws in other jurisdictions. We treat this data with the highest level of protection.

• Uploaded lab report files (PDF, images)
• Extracted biomarker values, reference ranges, and status flags
• Medication names, dosages, frequencies, and administration logs
• Health context included in AI Health Assistant conversations
• Optional profile data you voluntarily provide (date of birth, biological sex, blood type)

To provide core functionality, Kinmetry passes a minimum necessary subset of your data to the following sub-processors:

• OCR Service — receives the file you upload in order to extract text. The file is not retained after processing.
• AI Provider — receives relevant health context (metric values, report summaries) to generate responses. Mainland China users: DeepSeek (China), servers located in China, subject to Chinese data protection law (PIPL). All other users: OpenAI (United States), governed by OpenAI's Data Processing Addendum and EU Standard Contractual Clauses. Data is never used for model training by either provider.
• Cloudflare R2 — stores uploaded report files. Files are encrypted at rest. Cloudflare does not access file contents.
• Google OAuth (optional) — if you choose to sign in with Google, we receive your name, email, and profile picture from Google.

All sub-processors are contractually bound to process data only on our behalf and in accordance with applicable data protection law.

• Your data is stored in a PostgreSQL database hosted in a secure cloud environment.
• Uploaded report files are stored in Cloudflare R2 object storage with server-side encryption.
• All data in transit between your browser and our servers is encrypted via TLS 1.2 or higher.
• Passwords are hashed with bcrypt and never stored in plain text.
• Access to production systems is restricted to authorised personnel via key-based authentication.

While we implement industry-standard safeguards, no system is completely immune to security risks. We encourage you to use a strong, unique password and to contact us immediately if you suspect unauthorised access to your account.

Depending on your location, you may have the following rights regarding your personal data. We honour these rights for all users regardless of jurisdiction:

• Right of access — you may request a copy of all personal data we hold about you.
• Right to rectification — you may correct inaccurate or incomplete data at any time in Settings.
• Right to erasure — you may permanently delete your account and all associated data from Settings → Privacy & Security.
• Right to data portability — you may request an export of your health data in a structured, machine-readable format.
• Right to object — you may object to any processing of your data that you believe is not justified.
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, use the controls in Settings or contact us at [email protected]. We will respond within 30 days.

We retain your data for as long as your account is active. When you delete your account, all personal data — including health records, uploaded files, and conversation history — is permanently erased within 30 days. Anonymised, aggregated usage statistics (which cannot be linked back to you) may be retained for service improvement.

Kinmetry is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16 without verified parental consent. If you believe a child's data has been submitted without consent, please contact us and we will delete it promptly.

Your data may be transferred to and processed in countries outside your country of residence, including the United States, where our infrastructure providers operate. When transferring data from the European Economic Area (EEA), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure an adequate level of protection.

Kinmetry uses only essential session cookies necessary to keep you signed in. We do not use advertising cookies, tracking pixels, or fingerprinting technologies. No cookie consent banner is required because we use no non-essential cookies.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via a prominent notice in the application at least 14 days before the change takes effect. Your continued use of Kinmetry after the effective date constitutes your acceptance of the updated policy.

Kinmetry is the data controller for personal data processed under this policy. If you have questions, concerns, or requests relating to your privacy, please contact us:

• Email: [email protected]
• Response time: within 30 days

If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.