Privacy Policy

Last updated: 30 January 2026

1. Introduction

CliniQ+ ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered psychiatry education platform.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using CliniQ+, you consent to the data practices described in this policy.

2. Data Controller

CliniQ+ is the data controller for the personal data processed through this platform. For any data protection queries, please contact us at:

Email: privacy@cliniqplus.com

3. Data We Collect

We collect and process the following categories of personal data:

Account Information

Email address (required for authentication)
Display name (if provided during sign-up)
Profile picture URL (if provided during sign-up)

Exercise Data

AI-generated exercise content (fictional clinical scenarios)
Exercise selections and preferences
Custom reflective questions you create
Exercise creation timestamps

Reflection Data

Your written reflections and notes
AI mentor conversation history
Reflection timestamps

Technical Data

IP address (for security and analytics)
Browser type and version
Device information
Usage patterns and session data

4. AI-Generated Content

CliniQ+ uses artificial intelligence to generate exercise content and reflection responses. You acknowledge and agree that:

AI-generated content may contain inaccuracies, errors, or biases
AI responses are not reviewed by medical professionals before delivery
AI cannot replicate the nuance and complexity of real clinical practice
You should critically evaluate all AI-generated content
We do not guarantee the accuracy, completeness, or appropriateness of AI content

5. Third-Party Services

We use the following categories of third-party services to operate CliniQ+:

🔐

Database & Authentication Provider

Stores your account data, exercises, and reflections. Data is hosted in EU/UK compliant infrastructure.

🤖

AI Service Provider

Generates exercise content and AI mentor responses. Your exercise preferences and reflections are sent to this provider for processing. The provider's data processing terms apply.

🌐

Hosting Provider

Hosts and serves the application. May process IP addresses and technical data for CDN and security purposes.

6. International Data Transfers

Some of our third-party service providers (Google, Vercel) may process data outside the UK/EEA. Where this occurs, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the UK ICO
Adequacy decisions where applicable
Provider certifications and compliance frameworks

7. Data Retention

We retain your data as follows:

Account Data: Retained while your account is active and for 30 days after deletion request
Exercise Data: Retained until you delete the exercise or your account
Reflection Data: Retained with the associated exercise
Technical Logs: Retained for up to 90 days for security purposes

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access

Request a copy of your personal data

Right to Rectification

Request correction of inaccurate data

Right to Erasure

Request deletion of your data

Right to Data Portability

Export your data in a machine-readable format

Right to Restrict Processing

Limit how we use your data

Right to Object

Object to certain types of processing

To exercise your rights: Use the "Export My Data" button in Settings, or contact us at privacy@cliniqplus.com. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption in transit and at rest
Access controls to ensure users can only access their own data
Secure authentication protocols
Regular security audits and vulnerability assessments
Input validation and sanitization

10. Important: No Real Patient Data

CliniQ+ is for educational purposes only. All clinical scenarios are AI-generated and fictional. You must never enter real patient information (Protected Health Information/PHI) into the platform. We do not process, store, or transmit PHI. If you accidentally enter real patient data, delete the exercise immediately and contact us.

11. Cookies

We use essential cookies for:

Authentication session management
Theme preference (light/dark mode)

We do not use tracking cookies or third-party advertising cookies.

12. Children's Privacy

CliniQ+ is intended for medical professionals and students aged 18 and over. We do not knowingly collect data from children under 18. If you believe a child has provided us with personal data, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, through in-app notifications. Your continued use of CliniQ+ after changes constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: privacy@cliniqplus.com

Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.