inou/portal/templates/privacy.tmpl

{{define "privacy"}}
<style>
.privacy-container {
max-width: 1200px;
margin: 0 auto;
padding: 48px 24px 80px;
}
.privacy-card {
background: var(--bg-card);
border: 1px solid var(--border);
border-radius: 8px;
padding: 48px;
margin-bottom: 24px;
}
.privacy-card h1 {
font-size: 2.5rem;
font-weight: 700;
color: var(--text);
margin-bottom: 16px;
}
.privacy-card .intro {
font-size: 1.15rem;
font-weight: 300;
color: var(--text-muted);
line-height: 1.8;
margin-bottom: 0;
}
.privacy-card h2 {
font-size: 1.4rem;
font-weight: 600;
color: var(--text);
margin-top: 0;
margin-bottom: 24px;
}
.privacy-card h3 {
font-size: 1.1rem;
font-weight: 600;
color: var(--text);
margin-top: 24px;
margin-bottom: 8px;
}
.privacy-card h3:first-child { margin-top: 0; }
.privacy-card p {
font-size: 1rem;
font-weight: 300;
color: var(--text-muted);
line-height: 1.8;
margin-bottom: 16px;
}
.privacy-card p:last-child { margin-bottom: 0; }
.privacy-card strong {
font-weight: 600;
color: var(--text);
}
.privacy-card a {
color: var(--accent);
}
.inou-brand {
font-weight: 700;
color: var(--accent);
}
/* Footer */
.privacy-footer {
padding: 16px 0;
border-top: 1px solid var(--border);
display: flex;
justify-content: space-between;
align-items: center;
}
.privacy-footer-left {
font-size: 0.9rem;
color: var(--text-muted);
display: flex;
gap: 16px;
align-items: center;
}
.privacy-footer-left a {
color: var(--text-muted);
text-decoration: none;
}
.privacy-footer-left a:hover { color: var(--accent); }
.privacy-footer-right { font-size: 1rem; }
.privacy-footer-right .inou {
font-weight: 700;
color: var(--accent);
}
.privacy-footer-right .health {
font-weight: 400;
color: var(--text-muted);
}
/* Mobile */
@media (max-width: 768px) {
.privacy-container { padding: 24px 16px 48px; }
.privacy-card { padding: 32px 24px; }
.privacy-card h1 { font-size: 2rem; }
.privacy-card .intro { font-size: 1.05rem; }
.privacy-card h2 { font-size: 1.25rem; }
.privacy-card h3 { font-size: 1rem; }
.privacy-card p { font-size: 0.95rem; }
}
@media (max-width: 480px) {
.privacy-container { padding: 16px 12px 32px; }
.privacy-card { padding: 24px 16px; }
.privacy-card h1 { font-size: 1.75rem; }
.privacy-card .intro { font-size: 1rem; }
.privacy-card h2 { font-size: 1.15rem; }
.privacy-card p { font-size: 0.9rem; }
.privacy-footer { flex-direction: column; gap: 12px; text-align: center; }
.privacy-footer-left { flex-direction: column; gap: 8px; }
}
</style>
<div class="privacy-container">
<div class="privacy-card">
<h1>Your data. Your rules.</h1>
<p class="intro">We built <span class="inou-brand">inou</span> because health data is personal. Not personal like "preferences" — personal like your body, your history, your family. So we made privacy the foundation, not an afterthought.</p>
</div>
<div class="privacy-card">
<h2>What we collect</h2>
<h3>Account information.</h3>
<p>Name, email address, date of birth, and sex. Date of birth and sex help provide accurate medical context — an MRI interpretation differs significantly between a 6-year-old and a 16-year-old.</p>
<h3>Medical files you upload.</h3>
<p>DICOM images (MRI, CT, X-ray), lab results, genetic data, and any other health information you choose to share — photos, measurements, symptoms, or anything else you want to track or discuss with your AI.</p>
<h3>Security logs.</h3>
<p>IP addresses, for security purposes only. We do not collect physical addresses or phone numbers. Payment is handled by third-party processors — we never see your card details.</p>
</div>
<div class="privacy-card">
<h2>How we use it</h2>
<p>Your data is used solely to store and display your medical information. We do not perform AI analysis — you connect your own AI tools to access your data. We do not use your data to train AI models or for any purpose beyond providing the service.</p>
</div>
<div class="privacy-card">
<h2>Legal basis for processing</h2>
<p>We process your data based on your explicit consent, given when you create your account and upload health information. For account management and security (such as login sessions and IP logging), we rely on legitimate interest in operating a secure service. You may withdraw consent at any time by deleting your account — we will stop all processing immediately.</p>
<p>Genetic and genomic data is classified as special category data under GDPR Article 9. By uploading genetic data to <span class="inou-brand">inou</span>, you provide explicit consent for us to store and display it. We process this data solely to show it back to you and to transmit it to services you authorize. We do not analyze, profile, or make decisions based on your genetic information.</p>
</div>
<div class="privacy-card">
<h2>What we promise</h2>
<h3>We never share your data.</h3>
<p>Not with advertisers. Not with partners. Not with anyone. We will comply with lawful requests from authorities (such as court orders or subpoenas), but nothing else. In the event of a company acquisition, your data would not be sold — it would either transfer under the same privacy terms or be deleted.</p>
<h3>We never train AI on your data.</h3>
<p>Your scans, your labs, your DNA — none of it feeds any model. Period.</p>
<h3>We never sell your data.</h3>
<p>There is no business model that involves your information. You are the customer, not the product.</p>
<h3>We never track you.</h3>
<p>No Google Analytics. No Meta pixels. No tracking scripts. We have no idea what you click, where you came from, or where you go next.</p>
<h3>We never look at your data.</h3>
<p>Access requires your explicit request, is restricted to senior staff, and is logged in both your audit trail and ours.</p>
<h3>One cookie.</h3>
<p>We use one cookie to keep you logged in. Your language preference is stored in your account. No tracking, no analytics, no third parties.</p>
</div>
<div class="privacy-card">
<h2>How we protect it</h2>
<h3>HIPAA-grade security.</h3>
<p>HIPAA is the US law that governs how medical records must be protected. We follow those same standards.</p>
<h3>FIPS 140-3 encryption.</h3>
<p>FIPS 140-3 is the US government standard for cryptographic security. Your files are encrypted using FIPS 140-3 validated cryptography — tested, audited, and certified by independent labs.</p>
<h3>Security incident notification.</h3>
<p>If a security breach occurs that affects your personal data, we will notify you by email within 72 hours of becoming aware of the incident. That notification will tell you what happened, which data was affected, what we did to contain it, and what steps you can take to protect yourself. We will also notify relevant data protection authorities as required by GDPR, FADP, and applicable law.</p>
<h3>Independent infrastructure.</h3>
<p>We don't run on Big Tech clouds. No Google. No Amazon. No Microsoft. Data is stored on servers in the United States. If you access <span class="inou-brand">inou</span> from outside the US, your data crosses international borders. We apply the same security and privacy protections regardless of your location.</p>
</div>
<div class="privacy-card">
<h2>What you control</h2>
<h3>See everything.</h3>
<p>Request a full export of everything we store — in a format you can actually use.</p>
<h3>Fix anything.</h3>
<p>Found a mistake? You can correct it yourself, or ask us to help.</p>
<h3>Delete everything.</h3>
<p>One click. All your data — files, metadata, everything — permanently destroyed. No questions, no delays, no recovery. Backups exist solely to protect the service as a whole in case of disaster. Backup copies are overwritten within 30 days of deletion. We do not offer restores of individual accounts or deleted data.</p>
<h3>Take it with you.</h3>
<p>Want to move to another service? We'll export your data in standard formats. You're never locked in.</p>
<h3>Change your mind.</h3>
<p>Gave us permission for something? Revoke it anytime. We stop immediately.</p>
</div>
<div class="privacy-card">
<h2>About your AI</h2>
<p>When you connect your AI to <span class="inou-brand">inou</span>, your data travels through an encrypted bridge directly to your AI session.</p>
<p><strong>What we control:</strong> keeping your data encrypted, secure, and private on our side.</p>
<p><strong>What we can't control:</strong> what happens once your AI processes it. Each AI provider has their own privacy policy. We encourage you to read it.</p>
<p>We chose this architecture so your data is never copied, never stored by the AI, and never used for training — but ultimately, your choice of AI is your choice.</p>
</div>
<div class="privacy-card">
<h2>Not a medical device</h2>
<p><span class="inou-brand">inou</span> is a personal health data viewer. It is not a medical device and is not intended for clinical diagnosis, treatment, cure, or prevention of any disease or medical condition. The platform stores and displays your health data — it does not analyze, interpret, or act on it. Always consult a qualified healthcare professional for medical decisions.</p>
</div>
<div class="privacy-card">
<h2>Children's privacy</h2>
<p><span class="inou-brand">inou</span> is not available to users under 18 years of age — unless authorized by a parent or guardian. Minors cannot create accounts independently. A parent or guardian must set up access and remains responsible for the account. Parents or guardians retain full control and can revoke access at any time. Minors cannot share their information with third parties.</p>
</div>
<div class="privacy-card">
<h2>The legal stuff</h2>
<p>We comply with <strong>FADP</strong> (Swiss data protection), <strong>GDPR</strong> (European data protection), and <strong>HIPAA</strong> (US medical privacy) standards. Regardless of where you live, you get our highest level of protection.</p>
<p>We may update this policy. Registered users will be notified by email of material changes. Continued use after changes constitutes acceptance.</p>
<p>Regardless of your jurisdiction, you may request access to your data, correction of inaccuracies, or complete deletion of your account. We will respond within 30 days.</p>
<p>Data Protection Officer: <a href="mailto:privacy@inou.com">privacy@inou.com</a></p>
<p>This policy was last updated on March 10, 2026.</p>
</div>
{{template "footer"}}
</div>
{{end}}