1. What Data We Collect

We may collect and process the following categories of data:

Personal Information

• Name
• Email address
• Professional affiliation
• Job title (if provided)

Account & Usage Data

• Account registration details
• Login activity
• Usage patterns within the EasyHTA platform
• Time spent on features
• Parameters entered into tools
• Platform interaction logs

Payment Information

Payments for subscriptions and services are processed by Stripe, Inc. We do not store full credit card details on our servers.

We may receive from Stripe:

• Confirmation of payment
• Billing status
• Partial billing information (e.g., last four digits of card, country)

Stripe processes payment data in accordance with its own Privacy Policy.

Technical Data

• IP address
• Browser type and version
• Device type
• Operating system
• Cookies and similar tracking technologies

We do not collect special categories of personal data (such as identifiable health data). Users are responsible for ensuring that uploaded data does not contain personally identifiable patient information.

2. How We Collect Your Data

We collect data when you:

• Register for an account
• Start a 7-day free trial
• Subscribe to a paid monthly or annual plan
• Use Survival Studio or other EasyHTA tools
• Contact us via email or forms
• Subscribe to updates
• Interact with our website through cookies

We may also collect limited professional contact information through:

• Public professional directories
• Networking activities

3. How We Use Your Data

We process your data to:

• Create and manage your account
• Provide access to Survival Studio and other EasyHTA tools
• Process subscription payments via Stripe
• Monitor billing and subscription status
• Improve platform functionality and performance
• Ensure platform security and prevent fraud
• Provide customer support
• Send service-related communications
• Send marketing communications (only where consent has been given)

We rely on the following legal bases under the General Data Protection Regulation (GDPR):

• Performance of a contract
• Legitimate interests (product improvement and security)
• Consent (for marketing communications)
• Legal obligations

4. Payment Processing (Stripe)

All payments are securely processed by Stripe, Inc., a third-party payment service provider.

When you make a payment, your payment information is transmitted directly to Stripe and handled in accordance with Stripe’s security standards and Privacy Policy.

EasyHTA does not store or process full credit card numbers.

You can review Stripe’s Privacy Policy at:
https://stripe.com/privacy

5. Data Storage and Security

EasyHTA stores data securely using reputable cloud infrastructure providers, including AWS services.

Security measures include:

• Encrypted data transmission (HTTPS/TLS)
• Secure authentication systems
• Role-based access control
• Encrypted storage where appropriate
• System monitoring and logging

We implement appropriate technical and organisational safeguards to protect your data against unauthorised access, misuse, loss, or alteration.

6. Data Retention

We retain personal data:

• For the duration of your active account
• For as long as required for subscription billing and legal compliance
• For up to 2 years after account inactivity unless deletion is requested

Upon expiration of retention periods, data is securely deleted or anonymised.

You may request account deletion at any time.

7. Data Sharing

We do not sell your personal data.

We may share data with:

• Stripe (payment processing)
• Cloud infrastructure providers
• Analytics providers
• Professional advisors where legally required

All third-party processors are required to maintain appropriate data protection standards. required to maintain appropriate data protection standards.

8. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including Standard Contractual Clauses where required.

9. Marketing Communications

If you have opted in, we may send you information about:

• Product updates
• Feature releases
• Events
• Service announcements

You may withdraw consent at any time via the unsubscribe link or by contacting us directly.

10. Your Data Protection Rights

Under applicable data protection laws, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure
• Restrict processing
• Object to processing
• Request data portability

We will respond to requests within one month.

To exercise your rights, contact:
zach@easyhta.com

You also have the right to lodge a complaint with your local data protection authority.

11. Cookies

We use cookies to:

• Keep you signed in
• Improve user experience
• Analyse platform usage
• Monitor performance

You may manage cookies via your browser settings.

12. AI-Assisted Features

Certain platform functionalities may use AI-assisted processing to improve usability. Such processing is conducted within secure system environments and does not involve the sale of personal data.

13. Links to Other Websites

Our website may contain links to external websites. This Privacy Policy applies only to EasyHTA services.

14. Changes to This Policy

We review this Privacy Policy regularly and post updates on this page.

15. Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact:

EasyHTA Oy
Email: zach@easyhta.com