Privacy Policy
Last updated: 14 March 2026
1. Information We Collect
We collect the following categories of information when you use mockMD:
Account Information
• Email address, name, and authentication credentials (managed via Supabase Auth)
• Subscription plan and billing details
Session Data
• Voice recordings and transcripts from practice sessions
• AI-generated feedback, scores, and grading results
• Session duration, timestamps, and completion status
Usage Data
• Pages visited, features used, and interaction patterns
• Device type, browser information, and IP address
• Performance metrics and error logs
We do not collect sensitive personal health information. The medical scenarios discussed during sessions are fictional simulations and do not reflect your actual health status.
2. How We Use Your Information
We use the information we collect to:
Deliver the Service
• Process your voice input and generate AI patient responses
• Provide grading, feedback, and performance analytics
• Manage your account, subscription, and session history
Improve the Service
• Analyse usage patterns to improve platform performance and reliability
• Refine AI models and clinical scenarios for better educational outcomes
• Identify and fix technical issues
Communicate with You
• Send account-related notifications (billing, subscription changes)
• Provide important service updates and policy changes
We do not sell your personal information to third parties. We do not use your session data for purposes unrelated to the Service without your consent.
3. Data Sharing & Third-Party Services
To deliver the Service, we share limited data with the following third-party providers:
OpenAI
• Voice audio and session context are processed through OpenAI's Realtime API for AI patient responses
• Subject to OpenAI's data usage policies
Supabase
• Authentication and user account management
• Database hosting for session records and user data
Paystack
• Payment processing for subscriptions
• Receives billing information necessary to process payments
• Subject to Paystack's privacy policy and PCI DSS compliance
Vercel
• Application hosting and content delivery
• May process request metadata (IP address, user agent)
We require all third-party providers to handle your data in accordance with applicable data protection laws. We do not share your data with third parties for advertising or marketing purposes.
4. Data Retention
We retain your data according to the following policies:
Account Data
• Retained for the duration of your active account
• Deleted within 30 days of account deletion request
Session History
• Starter plan: 30 days of session history
• Pro and Max plans: unlimited session history
• Session recordings are processed in real time and not permanently stored in raw audio format
Transcripts & Grades
• Retained in accordance with your plan's session history limits
• Available for review and export during your active subscription
Billing Records
• Retained as required by applicable tax and financial regulations
After account deletion, we may retain anonymised, aggregated data that cannot be linked back to you for the purpose of improving the Service.
5. Security
We implement industry-standard security measures to protect your information:
• All data is transmitted over encrypted connections (HTTPS/TLS)
• API keys and credentials are stored as environment variables, never exposed to clients
• Ephemeral tokens are used for voice sessions, expiring automatically after use
• Authentication is managed through Supabase Auth with secure session handling
• Database access is restricted and monitored
While we take reasonable precautions to protect your data, no system is completely secure. We cannot guarantee absolute security and encourage you to use strong, unique passwords for your account.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access — Request a copy of the personal data we hold about you
Correction — Request correction of inaccurate or incomplete data
Deletion — Request deletion of your personal data and account
Data Portability — Request your data in a structured, machine-readable format
Restriction — Request restriction of processing in certain circumstances
Objection — Object to processing based on legitimate interests
To exercise any of these rights, please contact us at the email address provided below. We will respond to verified requests within 30 days.
8. Children's Privacy
mockMD is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly.
If you believe a child under 18 has provided us with personal information, please contact us immediately.
9. International Data Transfers
Our third-party service providers may process your data in countries outside your country of residence, including the United States. When data is transferred internationally, we ensure appropriate safeguards are in place, including:
• Standard contractual clauses approved by relevant regulatory authorities
• Reliance on the data protection frameworks of our service providers
• Technical measures such as encryption in transit and at rest
By using the Service, you acknowledge and consent to the transfer and processing of your data in these jurisdictions.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
• We will update the "Last updated" date at the top of this page
• We will notify registered users via email for significant changes
• Changes take effect upon posting unless otherwise stated
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Email: support@mockmd.co
We aim to respond to all enquiries within 5 business days.