Privacy
This notice covers the clindesk.ai website and the surrounding services a ClinDesk customer touches, the subscription checkout, the license-verification call the Mac app makes, and the encrypted push relay that forwards notifications to the ClinDesk Companion phone app.
The ClinDesk Mac application itself processes patient data on your own Mac. Patient names, phone numbers, message contents, and generated replies never leave your Mac in readable form. When the Mac sends a notification to your paired phone, it first encrypts the full payload with a key only your Mac and your phone hold, then hands the ciphertext to our relay, neither we nor Apple can decrypt it.
Who we are
The controller responsible for this website is ClinDesk LLC, 30 N Gould St, STE R, Sheridan, WY 82801, USA. Contact: emin@clindesk.ai.
What data we process
We keep this lean. There are no sign-up forms, no accounts, no tracking cookies. Data is processed only in the situations below:
1. When you load a page
Our hosting provider, Cloudflare, Inc., automatically receives technical data needed to serve the page: your IP address, user agent, the URL requested, timestamp, and basic HTTP headers. This is standard for any website and is kept only for short-term operational and security purposes.
2. Analytics
We use Cloudflare Web Analytics to understand which pages are visited and how the site performs. It is cookie-less and does not use cross-site identifiers. It collects anonymised page-view and performance metrics (e.g. page path, country, device type, Core Web Vitals).
You can read Cloudflare's documentation on this product at cloudflare.com/web-analytics.
3. When you email us
If you email us (for example to request beta access), we receive your email address and whatever you choose to include in your message. We use this only to reply to you. Email is delivered via Google Workspace (our email provider).
4. When you subscribe to ClinDesk
Subscription checkout and billing are operated by Paddle.com Market Limited as our merchant of record. When you purchase, Paddle collects and processes your email address, billing address, payment details, and tax information. We do not see your card details, Paddle handles the payment flow end-to-end and is PCI-DSS Level 1 certified.
We receive back from Paddle only what we need to keep your subscription working: your email, subscription status (active, past due, canceled), and the license key generated at checkout. See Paddle's own privacy notice at paddle.com/legal/privacy for full details.
5. When your Mac app verifies its license
The ClinDesk Mac app periodically contacts our license server at
api.clindesk.ai with your license key to confirm the
subscription is active. The server returns a signed receipt containing
your subscription status and the email address on the subscription. The
server sees your IP address at the time of the call. No patient data is
sent or received. This service runs on Cloudflare Workers.
6. When the Mac app sends you an encrypted notification
If you pair the ClinDesk Companion app on your iPhone or Android phone
with your Mac, your Mac encrypts each notification with a key that only
your two devices share, then posts the ciphertext to our push relay at
api.clindesk.ai. The relay forwards it to Apple Push
Notification service (APNs) on iPhone, or Firebase Cloud Messaging
(FCM) on Android, for delivery to your phone. Neither we, Apple, nor
Google can decrypt the payload. The relay briefly sees your device push
token (so APNs or FCM knows where to deliver) and the ciphertext size,
and then forgets the message.
Cookies
We do not set cookies on this website.
Legal bases
Under the EU GDPR and applicable US state privacy laws, we rely on:
- Legitimate interest, to serve the site, keep it secure, and understand aggregate, non-identifying usage (analytics).
- Performance of a (pre-)contract or your request, when you email us about the product.
Recipients and transfers
We share personal data with the following processors and sub-processors, only as needed to operate ClinDesk:
- Cloudflare, Inc. (USA), hosts the marketing site and Web Analytics, the license-verification and push-relay worker at
api.clindesk.ai, and serves Mac app downloads from R2. - Paddle.com Market Limited (UK, with US and EU entities), merchant of record for subscriptions; handles checkout, payment, tax, invoicing, and the customer billing portal.
- Apple Inc. (USA), delivers encrypted push notifications from your Mac to your paired iPhone via APNs. Receives ciphertext only.
- Google LLC (USA), delivers encrypted push notifications from your Mac to your paired Android phone via Firebase Cloud Messaging (FCM), receiving ciphertext only, and provides Google Workspace email delivery when you write to us.
These transfers outside the EU/EEA are covered by the providers' standard safeguards (e.g. standard contractual clauses, adequacy mechanisms where applicable).
Retention
- Server logs: short-term, as managed by Cloudflare.
- Analytics: aggregated, retained by Cloudflare according to their policy.
- Emails you send us: kept as long as needed to handle your enquiry, and then archived or deleted.
Your rights
You can ask us to access, correct, or delete personal data we hold about you, restrict or object to processing, and, where applicable, receive it in a portable form. You can also lodge a complaint with a supervisory authority (in the EU, your local data protection authority). To exercise any of these rights, email emin@clindesk.ai.
Automated decision-making
We do not use your personal data for automated individual decisions, including profiling, that produce legal effects concerning you or similarly significantly affect you. The clinical signals the Mac app generates (intake summaries, urgency flags) are heuristics shown to a clinician, who makes every decision; they are not used for any decision about you as a website visitor or subscriber.
Data breaches
In the unlikely event of a personal-data breach, we will notify the relevant supervisory authority and (where required by law) you directly, within the timeframes set by the EU GDPR (typically 72 hours for the authority where applicable) and any applicable US state laws. Because the Mac app processes patient data only on your own device, a breach of our services would not, by design, expose patient names, conversations, or summaries.
For clinics under the GDPR
If you are a clinic in the EU/EEA or UK and your supervisory authority requires a Data Processing Agreement, write to us at emin@clindesk.ai and we'll provide one. Note that, by design, ClinDesk does not transmit patient data to us, it is processed on your own Mac. The personal data we do process on your behalf (license email, subscription status, anonymized push-relay traffic) is described above.
No sale of personal data
We do not sell your personal data, do not share it for cross-context behavioural advertising, and do not provide it to data brokers.
Security
The site is served over HTTPS. We do not collect sensitive data through the site.
Children
This website is aimed at medical professionals and is not directed at children.
Changes
We may update this notice as the site evolves. The "last updated" date above reflects the most recent change.