Privacy Policy
Last updated: July 7, 2026
1. Who we are
This policy explains what data we process and how we protect it when you use DiagNotes, a desktop app for temporary notes, saved term suggestions, and definition lookup.
2. Where your notes are stored
Normal account-based use requires an internet connection to sign in and validate access. A local trial mode, when available, may have different access behavior. Definition lookup and other API-backed features also require an internet connection.
Temporary notes in the main workspace are handled on your own device during the session. DiagNotes does not provide a note save, export, or load workflow. Deleted content may appear in a temporary session trash area for immediate recovery, but that trash is not persistent storage and is cleared when the app closes.
Your personal dictionary and saved terms may remain available so the app can show predictive suggestions from terms you choose to save.
DiagNotes does not require patient identifiers for its normal, intended use. Use terminology search for generic medical terms or short generic phrases, not patient names, record numbers, contact details, dates of birth, or case narratives.
3. Data we process
- Account data: email address and credentials required to authenticate you.
- Technical usage data: minimal information required to operate the service, such as activity logs with sensitive data sanitized.
- Terms and queries: saved terms and terms submitted for suggestions or definition lookup. Terminology lookup is local-first; unresolved lookups may be processed through the DiagNotes API to return terminology and definitions. Temporary note text is not intended to be preserved as a record.
- Payment data: handled by Paddle; we do not store full card details.
4. How we use data
We use data to authenticate your account, provide and improve the service, respond to support requests, process payment-related requests, and comply with legal obligations. We do not sell your personal data.
5. External providers
We work with providers that process data on our behalf, such as Paddle for payment processing. These providers process data according to their own policies and the agreements we maintain with them.
6. Public website
This public website shows product information, download status, support, and legal pages. It does not manage authenticated subscriptions, show entitlement status, or change account data.
7. Retention
We keep account data while your account is active and for as long as necessary to comply with legal obligations. Technical logs are retained for limited periods.
8. Security
We apply reasonable measures to protect your information, including sensitive data sanitization in logs and secure credential handling. No system is completely infallible.
9. Your rights
Depending on your jurisdiction, you may have the right to access, correct, delete, or object to certain processing of your personal data. To exercise those rights, email support@diagnotes.org.
10. Changes to this policy
We may update this policy. We will publish the current version on this page with its update date.
11. Contact
For privacy questions, email support@diagnotes.org.