At OncoBot, we respect your privacy and are committed to protecting your personal and health-related data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our medical oncology AI assistant. We understand the sensitive nature of health information and maintain strict confidentiality standards. For information about how we handle AI-generated content, see our AI Terms of Use.
Our Commitment to Privacy
OncoBot is designed with privacy at its core. We collect only the data necessary to provide and improve our clinical trial search services. We never sell your data to third parties, and we never use your health information for advertising.
Information We Collect
1. Usage Analytics
We use privacy-focused analytics to understand how our service is used:
Page views and navigation patterns (which pages you visit)
Search queries for clinical trials (not linked to your identity)
Interaction events (buttons clicked, features used)
Device information (browser type, operating system, screen size)
General location (country and state only, never precise location)
We DO NOT collect: Your name or email (unless you provide it), IP addresses, precise location data, or any cross-site tracking information.
2. Clinical Trial Interactions
To improve our matching and recommendation system, we track:
Which clinical trials you view (anonymized)
Trial match scores and ranking positions
When you click contact information or external links
When you expand eligibility criteria
Search filters and keywords used
3. Optional Health Profile
If you choose to create a health profile for personalized trial matching:
What we store: General cancer type and region, disease stage category, treatment history (surgery, chemo, radiation, immunotherapy), performance status, general molecular marker status
What we DON'T store: Your name, contact information, specific medical record numbers, detailed clinical notes, or physician information
Your control: You can skip the profile entirely, abandon it at any point, delete your profile data at any time, or update information when your situation changes
4. Account Information
If you create an account:
Email address for authentication
Authentication tokens for secure access
Account preferences and settings
5. Performance Metrics
We monitor technical performance to ensure a smooth experience:
Core Web Vitals (page load speed, interactivity, visual stability)
Search response times and API performance
Error occurrences (not personal details)
How We Use Your Information
To provide medical oncology information and clinical trial matching
To improve the accuracy and relevance of search results
To understand which features are most helpful
To fix technical issues and optimize performance
To personalize recommendations (only if you create a health profile)
Analytics Technologies We Use
We use privacy-respecting analytics services:
Plausible Analytics: GDPR-compliant, cookie-free analytics that doesn't track individual users
PostHog: Product analytics configured for privacy protection, respects Do Not Track settings
Vercel Analytics: Performance monitoring with no personal data collection
Data Sharing and Third Parties
We may share your information only in these limited circumstances:
Service Providers: With secure hosting services and AI providers who help us operate the platform (they cannot use your data for their own purposes)
Medical Databases: We access public databases like ClinicalTrials.gov to provide up-to-date trial information
Legal Requirements: When required by law or to protect rights and safety
We never: Sell your data, share individual user behavior, use your data for advertising, create personal profiles for marketing, or track you across other websites.
Data Security
We implement stringent security measures:
All data transmitted using HTTPS encryption
Health profiles encrypted at rest
Regular security audits
Access controls and monitoring
Secure authentication requirements
Your Privacy Rights
You have complete control over your data:
Access all information we have about you
Request correction or deletion of your data
Export your health profile in a portable format
Opt-out of analytics tracking
Use our service completely anonymously
Delete your account and all associated data
To exercise any of these rights, contact us at hi@onco.bot
Consent Management
OncoBot uses a progressive consent system that gives you granular control over how your data is used. You can manage your consent preferences directly in the app through the Settings menu.
Core Permissions (Required for Service)
These permissions are essential for OncoBot to function and provide personalized trial matching:
Eligibility Checks: Use your health information to check trial eligibility
Trial Matching: Match you with relevant clinical trials based on your profile
Contact Sharing: Share your contact information with trial sites and sponsors when you express interest
Data Sharing: Share your health data with research partners for matching purposes
Optional Permissions
These enhance your experience but are not required:
Marketing Communications: Receive updates about new trials and OncoBot features
Analytics: Help us improve our service through usage data collection
Research Insights: Contribute anonymized data for cancer research insights
Managing Your Consent
You can update your consent preferences at any time through the Privacy tab in Settings. Disabling core permissions will limit OncoBot's ability to provide personalized recommendations, but you can still use the general search features. Your consent choices are remembered and can be changed whenever your preferences change.
Data Retention
Analytics data: Aggregated after 30 days, deleted after 1 year
Health profiles: Deleted 90 days after last activity
Session data: Cleared when you close your browser
Search history: Not stored beyond current session
Error logs: Retained for 30 days for debugging
Do Not Track
We respect your browser's "Do Not Track" setting. When enabled, we will not collect any analytics data about your usage.
Children's Privacy
OncoBot is designed for healthcare professionals and adult patients. We do not knowingly collect information from anyone under 18. If you believe a child has provided us with personal information, please contact us immediately.
International Users
Data may be processed in the United States. We comply with applicable international privacy laws including GDPR (EU users) and CCPA (California users).
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at: