Privacy Policy

Overview

PhonaLab is committed to protecting your privacy and minimizing the handling of sensitive data. This Privacy Policy explains how information is processed when you use our voice analysis services.

Key principle: PhonaLab is designed with privacy-by-design and data minimization at its core. We do not store patient audio recordings, analysis results, or protected health information (PHI).

What We Collect

Account Information

When you create an account, we collect and store:

  • Email address (used for authentication and communication)
  • Name (optional, for personalization)
  • Account creation date
  • User preferences (optional report customizations, interface settings)

Usage Analytics

To improve the service and understand how tools are used, we collect:

  • Which tools you use (Voice Analyzer, Pitch Visualizer, etc.)
  • Frequency of tool usage
  • Timestamps of analyses
  • General technical information (browser type, device type, errors encountered)

Important: Usage logs do NOT include patient names, audio content, or analysis results. We only track that "User X used Tool Y at Time Z."

Transient Processing Data

During analysis, the following data is processed in real-time but NOT stored:

  • Audio recordings uploaded for analysis (deleted immediately after processing)
  • Analysis results (provided to you in reports, not saved on our servers)
  • Optional patient labels you enter (used only for PDF generation, not stored)

What We DON'T Collect or Store

PhonaLab does NOT collect, store, or retain:

  • Patient names or identifiers
  • Audio recordings (deleted immediately after analysis)
  • Acoustic analysis results (not saved after you download your report)
  • Protected Health Information (PHI)
  • Payment or billing information (service is 100% free)
  • Social security numbers, dates of birth, or medical record numbers

How We Use Your Data

Data is used solely to:

  • Provide voice analysis services and generate reports
  • Maintain and secure your account
  • Improve tool accuracy and reliability
  • Understand which tools are most valuable to users
  • Send important service updates (with your consent)
  • Respond to support requests

We do NOT:

  • Sell, rent, or share your data with third parties
  • Use your data for marketing purposes
  • Share usage data with advertisers
  • Train AI models on your patient data (we don't have access to it)

Data Storage & Retention

What We Store

  • Account data: Retained as long as your account is active
  • Usage logs: Retained for analytics purposes (anonymized after 12 months)
  • User preferences: Retained to personalize your experience

What We Don't Store

  • Audio files: Deleted immediately after analysis completes
  • Analysis results: Not stored after you download your report
  • Patient identifiers: Never collected or stored

Account Deletion

If you delete your account, we will permanently remove your account information and usage logs within 30 days. Anonymized analytics may be retained for statistical purposes.

Data Security

We implement industry-standard security measures:

  • Encrypted connections (HTTPS/TLS) for all data transmission
  • Secure authentication via magic links (no passwords to be compromised)
  • Restricted system access with role-based permissions
  • Regular security audits and updates
  • Infrastructure hosted on secure, reputable providers (Vercel, Supabase, Render.com)

Privacy by design: Our architecture minimizes security risk by not storing sensitive data in the first place. Data that doesn't exist can't be breached.

Healthcare & HIPAA Considerations

Important Notice for Healthcare Professionals:

PhonaLab is designed to support privacy-sensitive clinical workflows by minimizing the handling and storage of protected health information (PHI). However, PhonaLab does NOT claim HIPAA compliance or certification.

Your responsibilities as a healthcare professional:

  • Ensure your use of PhonaLab complies with HIPAA and applicable regulations
  • Obtain appropriate patient consent before uploading recordings
  • Avoid entering unnecessary patient identifying information in optional fields
  • Maintain the confidentiality of downloaded reports containing PHI
  • Use secure networks and devices when accessing PhonaLab

How PhonaLab minimizes PHI exposure:

  • No permanent storage of audio recordings
  • No storage of patient identifiers or analysis results
  • Optional fields for patient labels (you control what you enter)
  • Data processed transiently and deleted after analysis

Third-Party Services

PhonaLab uses the following trusted third-party services:

  • Supabase: Authentication and database (account information only, no patient data)
  • Vercel: Web hosting and content delivery
  • Render.com: API hosting for voice analysis processing
  • Cloudflare: DNS and security services

These services process data only as necessary to provide PhonaLab's functionality and are bound by their own privacy policies.

Cookies and Tracking

PhonaLab uses minimal cookies and tracking:

  • Essential cookies: Required for authentication and core functionality (cannot be disabled)
  • Analytics cookies: Anonymous usage statistics to improve the service (you can opt out)

We do NOT use advertising cookies or share data with ad networks.

Your Rights

You have the right to:

  • Access and review your account information
  • Update or correct your account details
  • Delete your account and associated data
  • Export your account information (available upon request)
  • Opt out of non-essential analytics
  • Request information about what data we have about you

To exercise these rights, contact us at phonalab@gmail.com.

Children's Privacy

PhonaLab is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated via email to registered users. Continued use of PhonaLab after changes constitutes acceptance of the updated policy.

International Users

PhonaLab is accessible worldwide and uses secure, industry-standard infrastructure providers located primarily in the United States and Europe. Your data is processed in accordance with the security standards of these providers.

Contact Us

For privacy-related questions, concerns, or requests, please contact:

Email: phonalab@gmail.com

Developer: Dr. Jorge C. Lucero, University of Brasília

Last updated: January 16, 2026

Effective date: January 16, 2026