Privacy Policy

When you create an account and use OrthoImplants, we collect:

• Account information: username, email address, and display name (provided during invitation-based signup).
• Authentication data: hashed passwords (never stored in plain text) and session tokens.
• Login activity: timestamps and basic metadata associated with login events.
• Submissions: technique guide PDFs and associated metadata you submit through the Service.

We use collected information to:

• Authenticate your identity and manage your account.
• Operate, maintain, and improve the Service.
• Process and review technique guide submissions.
• Monitor login activity for security purposes.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

OrthoImplants uses a single HTTP-only session cookie for authentication. This cookie contains a JSON Web Token (JWT) used to verify your identity. It is essential for the Service to function and cannot be opted out of while using the Service.

We may also use browser session storage to cache non-sensitive data for performance purposes. No third-party tracking cookies are used.

We use the following third-party services to operate OrthoImplants. Each has its own privacy policy:

• Supabase — database and file storage (privacy policy).
• Algolia — search functionality (privacy policy).
• Anthropic — AI-assisted data extraction from technique guides (privacy policy).
• Google Cloud — AI-assisted data extraction (privacy policy).
• HuggingFace — semantic search embeddings (privacy policy).

Account information is retained for as long as your account is active. Login activity records are retained for security audit purposes. If you wish to delete your account and associated data, contact us at the email below.

OrthoImplants does not use third-party analytics services, advertising trackers, or behavioral tracking tools. We do not track your browsing activity across other websites.

We take reasonable measures to protect your information, including:

• Passwords are hashed using bcrypt before storage.
• Session tokens are signed and verified using industry-standard JWT.
• All connections are encrypted via HTTPS.
• Session cookies are HTTP-only and use the Secure flag in production.

OrthoImplants is intended for use by medical professionals and is not directed at individuals under 18 years of age. We do not knowingly collect information from children.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.

For questions about this Privacy Policy or to request data deletion, contact us at admin@orthoimplants.net.