Privacy Policy

1. Information We Collect

ForTheWards ("we," "us," or "our") collects and processes personal information to provide our simulation-based medical education platform. This includes:

• Account information (name, email, institutional affiliation)
• Learning activity data (scenario attempts, transcripts, feedback)
• Technical data (IP address, browser type, device information)
• Communication records (support tickets, feedback submissions)

2. How We Use Your Information

We use collected information for:

• Providing and improving our educational services
• Generating personalized AI feedback on your performance
• Enabling instructors and administrators to track learning progress
• Complying with legal and regulatory requirements

3. HIPAA Compliance

ForTheWards is designed for educational simulations only. Our platform does not collect, store, or process actual patient health information (PHI). All scenarios are fictional and for training purposes only.

While our platform itself does not handle PHI, we implement HIPAA-level security standards including:

• Encryption at rest and in transit (TLS 1.3, AES-256)
• Role-based access controls (RBAC)
• Audit logging of all data access
• Business Associate Agreements (BAAs) with all vendors

4. Data Sharing and Third Parties

We share your data only as necessary to provide our services:

• Your Institution: Instructors and administrators at your institution can view your learning progress
• Service Providers: Supabase (database), Vercel (hosting), Google Gemini (AI feedback)
• Legal Requirements: When required by law or to protect rights and safety

For detailed vendor information and Business Associate Agreements, please contact privacy@forthewards.com.

5. Your Rights

You have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data (subject to institutional requirements)
• Opt out of non-essential communications
• File a complaint with a supervisory authority

To exercise these rights, contact us at privacy@forthewards.com.

6. Data Security

We implement industry-standard security measures including encryption, access controls, and regular security audits. However, no system is 100% secure. We encourage users to maintain strong passwords and report any security concerns immediately.

7. Children's Privacy

Our platform is designed for medical professionals and students in professional training programs. We do not knowingly collect information from individuals under 18 years of age.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via email and by updating the "Last Updated" date at the top of this page.

9. Contact Us

For questions about this Privacy Policy or our data practices, please contact: