Privacy Policy

Effective Date: January 12, 2026

1. Information We Collect

When you use Standing.io, we collect information you provide directly, including:

  • Account information (name, email address, password)
  • Clinic information (clinic name, medical director, state)
  • Clinical protocol data (medication selections, dosing parameters, indications, contraindications)
  • Payment information (processed securely through our payment provider)

2. How We Use Your Information

We use your information to:

  • Create and manage your account
  • Generate and format your protocol book documents
  • Process payments and deliver services
  • Communicate with you about your account and orders
  • Improve our services and develop new features

3. Clinical Data

Standing.io is a document formatting tool. All clinical content (medication selections, dosages, indications, contraindications) is provided by you, the medical director. We do not modify clinical content. Clinical data is processed by AI models solely for formatting purposes and is not used to train AI models.

4. Data Storage & Security

Your data is stored securely using Supabase (PostgreSQL) with row-level security policies. We use industry-standard encryption for data in transit (TLS) and at rest. Access to your clinical data is restricted to your authenticated account and authorized administrators.

5. Third-Party Services

We use the following third-party services to operate Standing.io:

  • Supabase for database and authentication
  • OpenAI for document formatting (clinical data is sent to format protocols)
  • Vercel for application hosting
  • Stripe for payment processing (when applicable)

6. Data Retention

We retain your account and protocol data for as long as your account is active. You may request deletion of your account and associated data by contacting us. Upon deletion, your data will be permanently removed within 30 days.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your protocol book data
  • Withdraw consent for data processing

8. Contact

For privacy inquiries or to exercise your data rights, contact us at privacy@standing.io.