MedSelect.ai

Privacy Policy

Privacy Policy

Effective: May 2026 · Document: PP-1.0 · Canonical English form.

1. Who we are

MedSelect is operated by the founder team at medselect.ai. The data controller for personal data processed via this site is the MedSelect operations entity, reachable at [email protected].

2. What we collect on the marketing site

The marketing surface at medselect.ai sets no tracking cookies. No Google Analytics, no Meta Pixel, no third-party ad tags. We do not measure visitors. The cookie banner you may see is informational.

3. What we collect on the platform

When you log into app.medselect.ai (operator portal) or klinik.medselect.ai (physician portal), we process:
  • Account: email, display name, password hash (bcrypt cost 12), optional TOTP secret pointer.
  • Session: an authjs.session-token cookie, hard-expiring after the inactivity window.
  • Audit log: an append-only record of consequential actions you take.
  • Tenant + physician data: the operational data you enter, scoped to your tenant.

4. Legal basis

Under KVKK Madde 5/2 and GDPR Article 6(1)(b/f), we process this data on the basis of (a) the contract between the physician/clinic and MedSelect, and (b) our legitimate interest in running an auditable, KVKK-compliant operations platform.

5. Where data lives

All production data is hosted in the EU (Frankfurt, Hetzner). Email delivery flows through Amazon SES in eu-west-1 (Ireland). We do not transfer personal data to processors outside the EU.

6. Retention

  • User accounts: until the user requests erasure or the engagement ends.
  • Audit log: retained for the lifetime of the platform (legal compliance).
  • Email suppression list: retained as long as needed to honor the bounce/complaint.
  • Magic-link tokens: 15-minute TTL; consumed tokens GC'd after 30 days.
  • Backups: 14 daily snapshots.

7. Your rights (KVKK Madde 11 / GDPR Articles 15–21)

You can:
  • Access — download all your data at /api/account/data-export while signed in.
  • Rectification — edit your account at /admin/account/password.
  • Erasure — destructive flow at /admin/account/delete (soft-deletes account, anonymizes audit entries).
  • Object / restrict — write to [email protected].
  • Complain — to your local data protection authority (in Türkiye: KVKK Kurulu).

8. Security

Append-only audit log with daily SHA-256 integrity chain. Email + password + optional TOTP authentication (no third-party identity providers). Hard bounces and complaints land on an automatic suppression list. Server SSH is key-only with Fail2ban + UFW rate-limit. Daily DB backups, 14-day rolling retention.

9. Changes

We will update this page if substantive changes occur. The PP-N.N version label in the date line is bumped on each change.

10. Contact

Data controller: MedSelect operations entity. Contact: [email protected].
    MedSelect — Privacy Policy · MedSelect