Privacy

Last updated: 2026-05-22

What we collect

VitalSync stores the bloodwork PDFs you upload, the structured lab results extracted from them, your account profile (name, date of birth, email, optional provider credentials), AI-generated interpretations and insights, messages exchanged with healthcare providers connected to you, and conversation history from the Chat feature.

How we store it

All personal health information (PHI) — names, dates of birth, lab values, message bodies, AI interpretations — is encrypted at the application layer with AES-256-GCM before being written to the database. PDF files themselves are discarded immediately after parsing; only the extracted structured data and cleaned text are retained.

Who can see it

Only you. Healthcare providers can only see your data after you explicitly accept their connection request. Admin users can view encrypted PHI only through a controlled “Reveal PHI” action that requires a documented reason and is audit-logged.

How to request your data or delete your account

Contact support@gt3healthlabs.com. Admins can also initiate a data export or account erasure through the admin compliance tools.