Introduction
Welcome to SymptomDx. We provide specialized clinical decision support protocols and diagnostic guidelines designed for healthcare professionals. As an organization based in Toronto, Canada, we adhere to rigorous standards regarding the collection, use, and protection of your Personal Information. This Policy explains our data practices and your rights under applicable global data protection laws.
Privacy Highlights
| Data Category | Primary Purpose | Key Partners |
|---|---|---|
| Contact Details | Account management and critical updates | Postmark, Resend |
| Account Credentials | Secure authentication and access control | Supabase |
| Payment Info | Subscription billing and fraud prevention | Stripe |
About Us & Jurisdiction
SymptomDx is operated by SymptomDx Clinical Solutions Inc., a company incorporated in the province of Ontario, Canada. Under the GDPR, we act as the "Data Controller" for the information processed through our services. Under the CCPA, we are defined as a "Business."
Contact Our Privacy Officer
If you have questions regarding this Policy or wish to exercise your statutory data rights, please contact our designated Privacy Officer:
SymptomDx Privacy Officer
Important Notice: Patient Data
SymptomDx is a clinical decision support platform for practitioners. We do not collect, store, or process Protected Health Information (PHI). Do not enter identifiable patient data into any search field or interactive module within the application.
Analytics & Cookies
We use Google Analytics 4 to understand how visitors use SymptomDx (which pages are viewed, traffic sources, device categories, and aggregate engagement). Analytics help us prioritize content and improve the platform; they do not collect Protected Health Information.
Google Analytics is loaded with Google Consent Mode v2. On your first visit you are presented with a consent banner. Until you Accept, no analytics cookies or identifiers are set and Google only receives cookieless, anonymized pings. Declining does not break any functionality of the site — every clinical tool, search, and protocol continues to work normally.
If you Accept, Google Analytics sets the following cookies on your device:
_ga— distinguishes unique visitors (valid for up to 2 years)._ga_<container-id>— persists session state for our specific GA4 property (valid for up to 2 years).
You can change your decision at any time using the link below or in the site footer. Clearing your browser's site data will also reset your choice. We do not use cookies for advertising or personalization.
Data Security & Sovereignty
We maintain technical and organizational safeguards to prevent unauthorized access or disclosure. While our primary operations are in Canada, we utilize global infrastructure providers (such as Vercel and Supabase) that comply with SOC2 and other international security standards. All data transfers are protected via industry-standard TLS/SSL encryption.