This notice explains how we process personal data when you use the clinical report generator. It applies under the UK GDPR and the Data Protection Act 2018.
Controller: ReporaPro (contact: contact@reporapro.com).
This service is designed for use by registered healthcare professionals only. When you (a healthcare professional) enter clinical data into this form, you are the data controller for that patient data. We act as a data processor, processing data on your behalf to generate clinical reports and DSM-5 summaries.
We use third-party processors (OpenAI) to provide AI services. All personal data is pseudonymised before being sent to external AI services.
When you enter clinical assessment data into the web form, it contains personal data and special category data (health information) relating to your patients. This includes patient identifiers (first name, age, pronouns), family background, developmental history, clinical observations, and assessment findings.
We process only the data you enter into the form fields. All personal identifiers (names) are automatically pseudonymised before any data is sent to external AI services, and real names are restored only in the final output returned to you.
Form data is temporarily stored in your browser's local storage to enable report generation. This data remains on your device and is not transmitted until you click "Generate Report" or "Generate DSM-5".
This service processes personal data for the following purposes:
As a registered healthcare professional, you are responsible for ensuring you have an appropriate lawful basis for processing the patient data you enter. This service is a tool to assist you in your clinical work and does not replace your professional obligations regarding patient confidentiality and data protection.
We use trusted sub-processors to provide this service:
Where data is transferred outside the UK, we rely on appropriate safeguards such as the UK IDTA/SCCs. Copies of relevant transfer mechanisms and the OpenAI data retention addendum are available on request.
Only information required to produce the report should be entered. We encourage pseudonymisation (e.g., first name only) where possible. The system automatically pseudonymises all client names before transmission to external services.
We do not retain form data or generated outputs on our servers. All data processing occurs in-memory during the report generation process. Once the report is delivered to you, all server-side data is immediately deleted. Form data stored in your browser's local storage remains on your device and can be cleared at any time through your browser settings.
This schedule explains how long we keep data processed by the clinical report generator and how deletion works. Retention periods are designed for data minimisation and to support UK GDPR compliance.
| Data category | Retention period | Rationale | Deletion method |
|---|---|---|---|
| Form data submitted for processing | Immediate deletion after processing | Data is processed in memory only and deleted immediately after the report is generated and returned to you. No form data is stored on disk. | Automatic deletion from memory buffers immediately after processing completes. |
| Generated report text and DOCX files | Immediate deletion after delivery | Reports are generated and returned to you immediately. Once delivered, all data is deleted. No copies are retained on our servers. | Automatic deletion from memory immediately after the report is sent to your browser. |
| Audit logs (metadata only, no patient data) | 30–90 days | Security monitoring, compliance, and troubleshooting. Contains only metadata (timestamps, IP addresses, event types) - no patient names, clinical notes, or report content. | Automated log rotation and deletion. |
| Support communications | Up to 12 months | Customer support history and dispute resolution. | Periodic review and deletion. |
| Browser local storage (client-side only) | Until cleared by user or browser cache cleared | Form data is stored locally on the user's device to enable report generation. This data never leaves the user's device and can be cleared at any time through browser settings. | User-controlled through browser settings or automatic browser cache clearing. |
We follow the principle of data minimisation: we only process data for as long as necessary to provide the service. Once your report is generated and delivered, all form data and generated outputs are immediately deleted. No patient data is retained on our servers after processing.
Note on OpenAI data retention: We have a data retention addendum in place with OpenAI that governs data retention periods for data processed by their AI services. This addendum ensures compliance with our data minimisation principles and UK GDPR requirements. Details of the addendum are available on request.
We maintain audit logs for security and compliance purposes. These logs contain only metadata (timestamps, IP addresses, event types) and do not include any patient names, clinical notes, or report content. Audit logs are retained for 30–90 days and then automatically deleted.
We may adjust retention periods for security, legal, or operational reasons. Material changes will be reflected on this page.
You can request access, rectification, erasure, restriction, objection, and data portability where applicable. Contact: contact@reporapro.com. You can complain to the ICO at ico.org.uk.
We protect data with encryption in transit, access controls, and least‑privilege administration. We maintain incident response procedures and will notify you of personal data breaches when legally required.
Where children's data is processed, we apply heightened safeguards and expect users to have a lawful basis to provide such information.
Questions about this notice or our data practices: contact@reporapro.com.