Data protection & regulatory notice
How Decode processes personal and health-related data.
Last updated: May 2026. This notice explains how Decode by FemHealth.Science processes personal and health-related data. It is not legal advice.
1. Who is responsible?
Controller: FemHealth.Science, operator of Decode.
Contact: privacy@femhealth.science
2. Regulatory positioning (not a medical device)
Decode is designed and marketed as an educational information tool. It:
- Does not diagnose disease, predict clinical outcomes, or recommend treatment.
- Does not replace the judgment of a licensed clinician.
- Extracts values from your uploaded report and adds general women’s-health context for learning and visit preparation.
Intended status: Decode is not placed on the market as a medical device and is not CE/UKCA marked. We do not claim compliance with EU MDR 2017/745, UK MDR 2002, or FDA device regulations. If product scope changes (e.g. automated diagnosis, treatment pathways, or integration into clinical decision workflows), regulatory classification must be reassessed before launch.
Your responsibility: Do not use Decode for emergency triage or sole decision-making. Seek clinical care for urgent symptoms.
3. Health data and identifiers
Lab reports can contain health data and personal identifiers. Decode asks you to review the text before upload and provides a Remove common identifiers helper for pasted text and text-based PDFs. This lowers privacy risk, but the remaining lab values may still be personal health data under GDPR.
Decode currently supports English uploads only. Screenshots, photos, and scanned PDFs are paused in the web app until identifiers can be redacted before extraction.
4. What data is processed?
| Data | Where it goes | Stored by Decode? |
|---|---|---|
| Lab report text you upload or paste | Sent to our serverless API, then to our AI extraction provider for extraction (and optionally summary generation) | No. Not written to our database. Processed in memory for the request. |
| Extracted markers (name, value, unit, range) | Returned to your browser; may be sent to our AI provider for a short GP-style summary | No server-side history. Session lives in your browser until you leave. |
| Optional life-stage context (age, cycle day, life stage, free-text notes) | Browser localStorage; if you are signed in, synced to our EU database for cross-device convenience | Yes. Only when you use a signed-in account and save context. |
| Account email | Our EU database. Used to identify your account. | Yes. While your account exists. |
| Pro wishlist opt-in (optional, beta only) | Our EU database. Only if you tick the box at sign-up. | Yes. So we can email you when paid features launch. |
| Issue reports (“Report an issue”) | Our EU database: issue category, description, report label, optional email | Yes. We do not store numeric lab values in issue reports. |
5. Lawful basis (GDPR)
- Account email (Art. 6(1)(b)): contract performance. No billing during beta. If paid plans launch, billing-related processing will only apply to users who choose to upgrade.
- Lab report & health-related processing (Art. 9(2)(a)): explicit consent. You confirm before Decode sends report text for AI extraction. You can choose not to upload a report, and you can ask us to delete account data at any time.
- Pro wishlist (Art. 6(1)(a)): consent. Stored only if you tick the box at sign-up. Withdraw by emailing privacy@femhealth.science.
- Issue reports (Art. 6(1)(f)): legitimate interest in improving extraction quality.
6. Service providers
We use trusted service providers to run Decode: secure hosting, a database for accounts and optional saved context, AI extraction, and payments if paid plans launch. During a decode, report text is sent to our AI extraction provider so the lab markers can be read.
For transparency, our current key providers are Anthropic for AI extraction, Supabase for account data, Vercel for hosting, and Stripe for payments if you choose a paid plan. Payments are not active during beta, and card details never touch Decode servers.
7. Retention
- Lab sessions: not retained on servers after processing.
- Account records: until you request deletion or the account is no longer needed.
- Issue reports: retained for quality review; contact us to request erasure.
8. Your rights and deletion requests
You can ask to access, correct, delete, restrict, or export your data. Email privacy@femhealth.science from the email address used for your Decode account, or include enough information for us to verify the request.
If you request deletion, we delete account data we control within 30 days of verification, including your account email, saved optional context, beta wishlist opt-in, and identifiable issue-report contact details. We do not have a server-side lab-report history to delete because full report text is not stored after processing.
You may lodge a complaint with your EU/EEA supervisory authority.
9. Security measures
- HTTPS everywhere; API rate limiting; origin checks on extraction endpoints.
- No advertising trackers; no sale of personal data.
- Minimise what we store, especially health data.