Privacy & data

How your dog's data is handled.

Dogs aren't covered by HIPAA. We treat your dog's data with HIPAA-equivalent technical controls anyway — encryption at rest, role-based access, MFA on every vet and admin seat, audit logs on every record read or write, and immutable backups. It's the price of credibility with our vet partners and the only way the eventual human-oncology pivot doesn't require a re-platform.

What we collect

  • About your dog: breed, age, weight, comorbidities, diagnosis, treatment, symptoms.
  • About you (the owner): name, email, address (zip + state for trial matching), payment.
  • Documents you upload: biopsy PDFs, bloodwork, imaging, genomic reports.

Sharing

You — the owner — choose which vet sees which sections. Vet access is by email magic link and token. Revoke at any time. Multi-vet households (referring DVM + specialty oncologist) are first-class.

Research opt-in

At signup and again on every meaningful lifecycle event, we ask whether your dog's de-identified data may flow into the cohort analytics that power the comparator and translational research. This is a true opt-in — toggling it off removes your dog from analytics immediately. Identifiers (name, microchip, exact dates) are auto-redacted; only the clinical and outcome features remain.

Bereavement

When you mark your dog as passed, all transactional and marketing emails pause immediately. The record archives to read-only. We do not run reactivation pings or grief funnels. If you ask us to delete everything, we delete within 24 hours — no retention dance, no friction.

Where the data lives

  • Application database: managed Postgres on Railway (US-East). TLS 1.3 only.
  • Document storage: S3-compatible (R2). Server-side encryption with a per-tenant key.
  • DICOM imaging: separate bucket with longer retention (10-year default) and versioning.
  • Model inference: SciRouter routes to RunPod (GPU) and Railway (CPU) — no third-party model APIs handle your dog's data without an explicit consent flag.

Per-state veterinary record laws

Thirty-five states have explicit veterinary record confidentiality statutes. We default to the most protective standard across launch states — California (explicit owner consent for any third-party share), Florida, Kentucky. If you're in a launch state and want the specific statute that applies to your record, see the state-specific addendum.

Children's privacy

We do not knowingly collect data from anyone under 13. The portal is intended for adults responsible for the dog's care.

EU / UK GDPR notice

We will not knowingly accept signups from EU/UK residents until our country-specific GDPR rollout (data-residency, data-protection officer, formal SCCs). If you're reading this from the EU/UK and would like to be notified at GDPR launch, email eu@oncology.scirouter.ai.

Contact

Privacy questions: privacy@oncology.scirouter.ai. Deletion requests: delete@oncology.scirouter.ai (24-hour SLA, no friction).

Last updated: April 26, 2026 · Working draft for early access. The fully reviewed policy ships before public open and requires explicit re-acceptance from active users.