Privacy Policy

1. Data Controller

EKG Cases, operated by Dr. José Alencar, is the controller of personal data collected through this platform.

• Legal Name: José de Alencar Neto
• Contact email: privacy@ekgcases.com
• Website: ekgcases.com

2. Personal Data Collected

We collect the following types of personal data:

2.1. Registration Data

• Full name
• Email address
• Password (stored in encrypted form)
• Mini bio (optional)

2.2. Usage Data

• EKG interpretation history
• Scores and performance
• Configuration preferences (hospital type)
• Access date and time

2.3. Payment Data

• Subscription information
• Transaction history

Note: Credit card data is processed directly by Stripe and is NOT stored on our servers.

2.4. Technical Data

• IP address
• Browser and device type
• Operating system
• Cookies and session identifiers

3. Purposes of Data Processing

We use your personal data for the following purposes:

4. Data Sharing

Your data may be shared with:

All partners are contractually obligated to protect your data according to adequate security standards.

5. International Data Transfer

Some of our partners are located outside Brazil. International data transfers are conducted based on:

• Approved standard contractual clauses
• Recognized privacy certifications
• Countries with adequate levels of data protection

6. Data Retention

Your personal data is retained for the following periods:

• Account data: While the account is active + 5 years after deletion
• Usage data (interpretations): While the account is active
• Payment data: 5 years (tax obligation)
• Access logs: 6 months

7. Your Rights

Under applicable data protection laws, you have the following rights:

• Confirmation and access: Know if we process your data and access it
• Correction: Correct incomplete, inaccurate, or outdated data
• Anonymization or blocking: Of unnecessary or excessive data
• Portability: Receive your data in a structured format
• Deletion: Request deletion of data processed with consent
• Information: Know with whom we share your data
• Revocation: Revoke consent at any time
• Opposition: Object to processing in certain circumstances

To exercise any of these rights, contact us at: privacy@ekgcases.com

8. Data Security

We implement technical and organizational measures to protect your data:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest for sensitive data
• Passwords stored with bcrypt hash
• Secure authentication with JWT tokens
• Unauthorized access monitoring
• Regular backups
• Restricted data access (principle of least privilege)

9. Cookies

We use cookies for:

• Essential cookies: Authentication and session security
• Preference cookies: Remember your settings

We do not use advertising tracking cookies or third-party marketing cookies.

10. Minors

The Platform is not intended for minors under 18 years of age. We do not intentionally collect data from minors. If you believe a minor has provided us with personal data, contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated by email or through a notice on the Platform.

We recommend reviewing this page regularly to stay informed of any changes.

12. Contact and Data Protection Officer

For questions related to privacy and data protection:

• Email: privacy@ekgcases.com
• Website: ekgcases.com

You may also file a complaint with applicable data protection authorities if you believe your rights have not been respected.