Privacy Policy

1. Introduction

PharmaDiagrams ("we", "us", or "our") is operated by Bartlomiej Baran Ventures Limited, a company registered in Dublin, Ireland. We are committed to protecting your privacy and handling your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website at www.pharmadiagrams.com and our application at app.pharmadiagrams.com (collectively, the "Service").

2. Data Controller

The data controller responsible for your personal data is:

3. Personal Data We Collect

We collect the following personal data when you register for and use our Service:

Account Information

• Email address - Used for account creation, authentication, and service communications
• Name - Used to personalize your experience and identify you within collaborative features

Usage and Analytics Data (Application Only)

When you use our application at app.pharmadiagrams.com, we collect the following data to improve our Service:

• Feature usage data - Which features you use and how you interact with the application
• Session information - Page views, navigation patterns, and time spent in the application
• Device and browser information - Browser type, operating system, screen resolution, and device type
• IP address - Used for approximate geolocation and security purposes

Error and Performance Data (Application Only)

To maintain and improve service reliability, we collect:

• Error reports - Technical information about errors and crashes, including stack traces
• Performance metrics - Page load times and application performance data
• Browser console data - Error messages that help us diagnose issues

We take care to minimize personally identifiable information in error reports through automated scrubbing and redaction.

Website Analytics (Landing Page Only)

On our marketing website at www.pharmadiagrams.com, we use Plausible Analytics, a privacy-focused analytics service that does not use cookies and does not collect personal data.

4. Legal Basis for Processing

Under the GDPR, we process your personal data based on the following legal grounds:

• Contract performance - Processing your email and name is necessary to provide you with the Service you requested
• Legitimate interests - We may process data for security, fraud prevention, and improving our Service
• Consent - Where required, we will obtain your explicit consent before processing

5. How We Use Your Data

We use your personal data for the following purposes:

• To create and manage your account
• To provide access to the PharmaDiagrams editor and dashboard
• To enable collaboration features (check-in/out editing, review workflows)
• To send important service updates and notifications
• To respond to your inquiries and provide support
• To maintain audit trails for compliance purposes (Enterprise tier)

6. Data Storage and Security

Your personal data is stored securely using industry-standard encryption and security measures. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. You may request deletion of your data at any time (see Section 8). When you delete your account, your personal data will be removed within 30 days, except where we are required to retain it for legal or regulatory purposes.

8. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

• Right of access - You can request a copy of your personal data
• Right to rectification - You can request correction of inaccurate data
• Right to erasure - You can request deletion of your personal data
• Right to restriction - You can request limited processing of your data
• Right to data portability - You can request your data in a machine-readable format
• Right to object - You can object to processing based on legitimate interests
• Right to withdraw consent - Where processing is based on consent, you can withdraw it at any time

How to exercise your rights: You can download or delete your data directly from your dashboard at app.pharmadiagrams.com, or by contacting us at contact@pharmadiagrams.com.

9. Cookies and Analytics

Landing Page (www.pharmadiagrams.com)

On our marketing website, we use Plausible Analytics, a privacy-focused analytics service that does not use cookies and does not collect personal data. Plausible is compliant with GDPR, CCPA, and PECR. No consent banner is required as no personal data is processed for analytics purposes.

Application (app.pharmadiagrams.com)

In our application, we use the following tools:

• PostHog - Product analytics to understand how users interact with features, identify usability issues, and improve the application. PostHog may use cookies to track sessions across page loads.
• Sentry - Error monitoring to detect, diagnose, and fix bugs and performance issues. Sentry collects error data, stack traces, and browser information when errors occur.

The legal basis for this processing is our legitimate interest in maintaining and improving the quality, security, and reliability of our Service (Article 6(1)(f) GDPR). We have conducted a balancing test and determined that this processing does not override your rights and freedoms, as:

• The data is used solely for service improvement and bug fixing
• We implement data minimization and PII scrubbing
• You can opt out of analytics tracking (see below)
• We do not sell or share this data for advertising purposes

Your Choices

You can opt out of analytics tracking by enabling "Do Not Track" in your browser settings or by contacting us at contact@pharmadiagrams.com.

Essential Cookies

We use essential cookies strictly necessary for the operation of the Service, such as session authentication. These cookies do not require consent under GDPR as they are essential for the service to function.

10. Third-Party Data Sharing

We do not sell, rent, or trade your personal data to third parties. We share your data only with trusted service providers who assist in operating our Service, each bound by data processing agreements (DPAs) that ensure GDPR compliance.

Our Data Processors

We may also share your data when required by law or to protect our legal rights.

11. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

12. Children's Privacy

Our Service is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

14. Complaints

If you have concerns about how we handle your personal data, please contact us first at contact@pharmadiagrams.com. You also have the right to lodge a complaint with a supervisory authority, such as the Data Protection Commission (DPC) in Ireland.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: