Art. 7, I
Consent
For optional personalization features such as vocabulary, shared templates, and anonymous benchmarks.
Compliance · Law 13.709/2018
LGPD, without asterisks.
We are controller for operational data and processor for clinical data. The two layers have distinct legal bases, and we document each one.
Data Protection Officer
Dr. Rafael Ueno Sales
Certified DPO · EXIN DPO · IAPP CIPM
Applied legal bases
Four bases, each documented in a specific impact record.
Art. 7, V
Contract performance
To operate the platform and deliver the service contracted by the radiologist or institution.
Art. 11, II, a
Health protection
For sensitive data processing by healthcare professionals under their responsibility.
Art. 7, IX
Legitimate interest
For security, fraud prevention, and quality improvements, always with a documented proportionality test.
Data lifecycle.
- 01
Collection
Data arrives through PACS/RIS integration or direct upload by the radiologist, already linked to a report in progress.
- 02
Processing
Transcription and structuring occur in Brazilian infrastructure, isolated by institution.
- 03
Storage
Reports are retained under the client's policy. Audio is discarded after structuring unless the contract says otherwise.
- 04
Disposal
After cancellation, clients can export data in open format. After the transition window, data is removed from backups and replicas.
Your rights
Eight rights. One entry point.
We respond within 15 calendar days and ask only for the minimum documentation needed to authenticate the data subject.
- 01Confirm whether processing exists
- 02Access your data
- 03Correct incomplete, inaccurate, or outdated data
- 04Anonymize, block, or delete unnecessary data
- 05Receive portability in structured format
- 06Revoke consent at any time
- 07Obtain information about sharing
- 08Petition the ANPD directly