Privacy Policy

Effective date: January 26, 2026

1. Overview

This Privacy Policy explains how SynqRx collects, uses, and protects information when you use our services. We are committed to protecting personal health information (PHI) and complying with applicable privacy laws.

2. Information we collect

We collect account information (such as email and pharmacy details), patient data entered by authorized users, and technical data needed to operate and secure the service.

3. How we use information

Information is used to provide the service, maintain security, support users, and improve features. We do not sell PHI or customer data.

4. Data storage and residency

Patient data is stored in Canada. We use reputable service providers and apply safeguards to protect information in transit and at rest. If a cross-border subprocessor is required, we will disclose this and ensure appropriate contractual safeguards.

5. Access controls and security

Access is restricted to authorized users. We use encryption, authentication controls, and audit logging to reduce risk of unauthorized access or disclosure.

6. Retention and deletion

Patient records are retained for at least 10 years from the last date of service. We support secure archival and purge only after retention requirements are met. See our Information Practices for details.

7. Access and correction

Access to PHI and corrections are managed by the customer (your pharmacy) in accordance with applicable health privacy laws. We assist customers in fulfilling these requests.

8. Third-party services

We use third-party providers for hosting, payments, and analytics. These providers are contractually required to protect information and use it only to deliver services.

  • Supabase (Canada region) — database, authentication, and storage
  • Vercel — application hosting (no PHI stored)
  • Stripe — billing and payment processing
  • Cloudflare Turnstile — bot protection

9. Breach notification

In the event of a privacy or security incident, we will notify customers without undue delay and support required regulatory notifications.

10. Contact

Questions or requests related to privacy can be sent to info@m1labs.io.