Path-iQ Intelligence · For academic and research use only · Not a medical device
Home / Legal / Data Safety
Data Disclosures

Data Safety summary

Last updated: October 2025 · Aligned with Google Play Data Safety

Jump to section
  1. Highlights
  2. Data collected
  3. Data shared
  4. Security practices
  5. Purposes
  6. Your choices
This is a plain-English summary of the data the Path-iQ mobile apps collect, share, and protect. It mirrors the Google Play Data Safety section and the Apple App Privacy nutrition labels. For the full legal description, see our Privacy Policy.

01Highlights

  • No advertising. Path-iQ contains zero advertising SDKs and shows no ads.
  • No cross-app tracking. We do not use IDFA, Google Advertising ID, or third-party trackers.
  • No selling of personal data. We never sell personal data.
  • Encryption in transit and at rest. AES-256 at rest, TLS 1.2+ in transit.
  • Account & data deletion supported. You can request deletion at any time. See Account & Data Deletion.
  • Healthcare-grade infrastructure. Architected for HIPAA, GDPR, and KSA PDPL alignment with data residency options.

02Data the apps collect

The Path-iQ apps collect the following data categories. Each row maps to a Google Play Data Safety category for clarity.

Personal info — Name, email
Collected. Required for account creation and authentication. Linked to your account.
Personal info — User ID
Collected. Internal user identifier, used for access control and audit logging. Linked to your account.
Personal info — Professional credentials
Collected where role requires verification (pathologist license, etc.). Linked to your account.
Health & fitness — Health info
Processed on behalf of our customers. Whole-slide images, patient identifiers, and clinical metadata. The originating lab is the controller.
Photos and videos — Photos
Collected only when you choose to attach an image (e.g. slide label) to a case. Linked to the case workspace.
Files and docs — Files
Collected when you attach a document to a case. Linked to the case workspace.
App activity — App interactions
Collected for audit and clinical safety. Every view, annotation, AI invocation, and sign-out is logged.
App info & performance — Crash logs
Collected. Used to diagnose issues and improve the app.
App info & performance — Diagnostics
Collected. Performance metrics and error diagnostics.
Device or other IDs
Collected. App-installation UUID and push notification token. We do not use advertising IDs.
Location — Approximate
Derived from IP for security analytics. Not collected from device GPS.
Contacts
Not collected.
Calendar
Not collected.
Messages — SMS, email content
Not collected.
Audio — Voice / recordings
Not collected.
Web browsing
Not collected.

03Data shared with third parties

Data is shared with third parties only as service providers under Data Processing Agreements, never for advertising or marketing.

Cloud infrastructure provider
Compute, storage, KMS. Hosts encrypted case and account data under DPA. Region selected by customer.
Push notification services
Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM) used to deliver notification payloads. Payloads do not contain PHI.
Crash and performance monitoring
A monitoring service receives crash stacks and performance metrics. No PHI included.
Customer support tooling
Tickets and conversations are stored in support tooling under DPA.
Payment processor
For enterprise billing, our payment processor handles card data. Path-iQ does not store full card numbers.

An up-to-date sub-processor list is available to active customers on request.

04Security practices

  • Encryption at rest. AES-256.
  • Encryption in transit. TLS 1.2 or higher.
  • Access controls. Role-based at the lab, hospital, and pathologist levels. MFA available.
  • Audit logging. Every action is logged, tamper-evident, and exportable.
  • Device-side protections. Mobile cache encrypted; biometric unlock supported via the device secure enclave.
  • Incident response. Documented process with notification timelines.
  • Data deletion. Users can request deletion through the app or by email.

05Purposes

Data is used to:

  • Provide and operate the Services (app functionality, account management).
  • Maintain clinical workflows and audit trails.
  • Authenticate users and protect against unauthorised access.
  • Deliver notifications you have opted in to receive.
  • Diagnose errors, monitor performance, and improve the apps.
  • Provide support and respond to feedback.
  • Meet legal and regulatory obligations.

We do not use data for advertising, profiling for advertising, or behavioural marketing.

06Your choices

  • Permissions. Camera, photo library, and notifications can be allowed or denied in your device settings. The app explains why each permission is requested at the point of use.
  • Notifications. Configure or disable notifications in Settings → Notifications inside the app, or in your device settings.
  • Account deletion. Available via Account & Data Deletion.
  • Data subject rights. See our Privacy Policy — Your rights.
Privacy Policy Delete account Support All policies

© 2025 Path-iQ. All rights reserved.