Privacy policy.
# Privacy Policy for Ilana Protocol Intelligence
**Effective Date:** December 1, 2025
**Last Updated:** December 1, 2025
## 1. Introduction
Ilana Protocol Intelligence ("we," "our," or "Ilana") provides AI-powered clinical trial protocol analysis and compliance checking through a Microsoft Word add-in. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our services.
**By using Ilana Protocol Intelligence, you agree to the collection and use of information in accordance with this policy.**
## 2. Information We Collect
### 2.1 Protocol Content
When you use Ilana to analyze protocol text:
- **Selected Text**: Text you select in Microsoft Word for analysis
- **Document Context**: Surrounding context needed for accurate analysis
- **Analysis Results**: Suggestions, compliance issues, and recommendations generated by our AI
**Important**: We do NOT store complete protocol documents. Only the text segments you actively submit for analysis are processed.
### 2.2 Usage Data
We automatically collect:
- **Request Metadata**: Timestamps, analysis types requested, suggestion categories
- **Performance Metrics**: Response times, error rates, cache hit rates
- **User Interactions**: Accepts, rejects, and dismissals of suggestions (anonymized)
### 2.3 Technical Data
- **Session Identifiers**: Temporary session IDs for request correlation (not linked to personal identity)
- **Error Logs**: Stack traces and error messages for debugging (scrubbed of sensitive content)
### 2.4 Information We Do NOT Collect
- Personal health information (PHI)
- Personally identifiable information (PII) of trial participants
- Complete protocol documents
- Microsoft account credentials
- Email addresses or contact information (unless you contact support)
## 3. How We Use Your Information
### 3.1 Primary Purposes
- **Protocol Analysis**: Process your text using AI models to identify compliance issues and generate suggestions
- **Service Improvement**: Analyze usage patterns to improve suggestion quality and system performance
- **Compliance Monitoring**: Ensure regulatory alignment with ICH-GCP E6/E9 guidelines
### 3.2 Feedback-Based Learning
- Anonymized user feedback (accept/reject/dismiss) is used to adjust suggestion confidence scores
- No protocol content is stored in feedback data—only category and action metadata
- Feedback data is aggregated and cannot be traced to specific users or organizations
### 3.3 Caching
- Analysis results are temporarily cached (15 minutes) to improve performance for repeated queries
- Cached data is stored in-memory only and is never persisted to disk
- Cache is automatically purged when the service restarts
## 4. Third-Party Services
### 4.1 Azure OpenAI (Microsoft)
- **Purpose**: Natural language processing for suggestion generation
- **Data Shared**: Selected protocol text and analysis context
- **Data Retention**: Microsoft does NOT store protocol content sent to Azure OpenAI API for model training ([Azure OpenAI Data Privacy](https://learn.microsoft.com/en-us/legal/cognitive-services/openai/data-privacy))
- **Location**: United States (East US region)
### 4.2 Pinecone Vector Database
- **Purpose**: Semantic search for regulatory knowledge base
- **Data Shared**: Embeddings (numerical representations) of protocol text—NOT raw text
- **Data Retention**: Embeddings are stored for the duration of your subscription
- **Location**: United States (Azure East US 2)
### 4.3 HuggingFace Inference API
- **Purpose**: PubMedBERT model for biomedical entity recognition
- **Data Shared**: Selected protocol text segments
- **Data Retention**: HuggingFace does NOT store inference requests ([HuggingFace Privacy](https://huggingface.co/privacy))
- **Location**: United States (AWS US-East-1)
### 4.4 Render (Hosting Provider)
- **Purpose**: Backend service hosting
- **Data Shared**: All data processed by Ilana passes through Render infrastructure
- **Data Retention**: Logs retained for 7 days, then automatically deleted
- **Location**: United States
## 5. Data Storage and Retention
### 5.1 Operational Data
- **Analysis Requests**: NOT stored permanently
- **In-Memory Cache**: Retained for 15 minutes, then purged
- **Error Logs**: Retained for 30 days for debugging, then deleted
- **Feedback Statistics**: Anonymized category-level metrics retained indefinitely
### 5.2 No Long-Term Protocol Storage
We do NOT maintain a database of protocol documents or analysis history. Each analysis request is processed independently and ephemerally.
## 6. Data Security
### 6.1 Encryption
- **In Transit**: All data transmitted via HTTPS/TLS 1.3
- **At Rest**: Not applicable—no persistent storage of protocol content
- **API Keys**: Stored in environment variables, never in code or logs
### 6.2 Access Controls
- Production backend hosted on Render with role-based access control (RBAC)
- Azure OpenAI API keys rotated every 90 days
- Logs scrubbed of sensitive content before retention
### 6.3 Compliance
- **HIPAA**: Ilana does NOT process or store PHI. Users are responsible for de-identifying protocol text containing participant data
- **GDPR**: No personal data is collected from EU residents using the service
- **SOC 2**: Hosting provider (Render) is SOC 2 Type II certified
## 7. Your Rights and Choices
### 7.1 Data Access
Since we do not store protocol content or personal information, there is no data to access or download.
### 7.2 Data Deletion
- **Cached Data**: Automatically purged after 15 minutes
- **Feedback Data**: Contact support@ilanaimmersive.com to request deletion of aggregated feedback statistics
### 7.3 Opt-Out
- **Telemetry**: Set `TELEMETRY_ENABLED=false` in your deployment (enterprise deployments only)
- **Feedback Learning**: Contact support to exclude your usage from feedback-based learning
## 8. Children's Privacy
Ilana Protocol Intelligence is intended for professional use by clinical researchers and regulatory professionals. We do not knowingly collect information from individuals under 18 years of age.
## 9. International Data Transfers
All data processing occurs in United States data centers. By using Ilana, you consent to the transfer and processing of data in the U.S.
**For EU Users**: Standard Contractual Clauses (SCCs) are in place with Azure OpenAI and other U.S.-based processors to comply with GDPR Article 46.
## 10. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via:
- In-app notification in the Word add-in
- Email to registered enterprise customers
- Updated "Last Updated" date at the top of this document
Continued use of Ilana after changes constitutes acceptance of the updated policy.
## 11. Contact Information
**Ilana Immersive**
501 Union St Ste 545 PMB 696328, Nashville, Tennessee 37219-1876
Email: support@ilanaimmersive.com
Privacy Officer: privacy@ilanaimmersive.com
For data protection inquiries or to exercise your rights, contact us at privacy@ilanaimmersive.com.
## 12. Regulatory Disclosures
### 12.1 AI-Generated Content
Ilana uses large language models (LLMs) to generate protocol suggestions. All AI-generated content should be reviewed by qualified clinical research professionals before use. Ilana is a decision-support tool, not a substitute for human judgment.
### 12.2 Liability
Ilana provides compliance suggestions based on ICH-GCP E6/E9 guidelines but does NOT constitute legal or regulatory advice. Users are responsible for verifying all suggestions before submission to regulatory authorities.
### 12.3 No Medical Device Classification
Ilana Protocol Intelligence is a document editing tool and is NOT classified as a medical device under FDA 21 CFR Part 11 or EU MDR. It does not directly impact patient safety or clinical outcomes.
## 13. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect about you
- Request deletion of your personal information
- Opt-out of sale of personal information (**Note**: We do NOT sell personal information)
- Request disclosure of categories and specific pieces of personal information collected
To exercise these rights, contact privacy@ilanaimmersive.com.
## 14. GDPR Compliance (EU Users)
If you are located in the European Economic Area (EEA):
- **Legal Basis**: Processing is based on legitimate interests (service provision) and consent
- **Data Controller**: Ilana Immersive, LLC is the data controller
- **Data Transfers**: Data may be processed in the US under Standard Contractual Clauses (SCCs)
- **Right to Complaint**: You may file a complaint with your local data protection authority
- **Data Protection Officer**: privacy@ilanaimmersive.com
---
**Document Version**: 2.0
**Applicable Jurisdictions**: United States, European Union, United Kingdom
**Governing Law**: Tennessee, United States