Accessibility

Language
Theme
Back to home

Legal

Privacy Policy

This policy explains what WhatsTheDx collects, how we use it, and the choices you have.

1. Overview

WhatsTheDx is operated by PreTectal LLC. We provide a daily clinical reasoning game and related Pro features for healthcare students and professionals.

This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information when you use WhatsTheDx. It applies to the website, account features, gameplay, subscriptions, support communications, and related services.

2. Information we collect

  • Account information: email address, authentication identifiers, display name if provided, and account settings.
  • Gameplay information: specialty selections, clues revealed, guesses, session status, completion status, streaks, history, and performance statistics.
  • Subscription information: selected specialty, plan type, subscription status, customer identifiers, checkout events, and billing portal events. Stripe processes payment details; we do not store full payment card numbers.
  • Device and usage information: IP address, browser type, device type, pages viewed, referrers, timestamps, diagnostics, and standard server logs.
  • Communications: messages you send us, support requests, feedback, and related metadata.

3. Clinical and patient information

WhatsTheDx cases are educational scenarios. Your guesses and game activity are not medical records and are not intended to contain real patient information.

Do not enter patient names, contact information, medical record numbers, dates of birth, images, or other protected health information into WhatsTheDx, support messages, or feedback.

4. How we use information

  • Operate, secure, and maintain WhatsTheDx.
  • Create and authenticate accounts.
  • Save gameplay state, history, streaks, and performance analytics.
  • Process purchases, renewals, cancellations, and subscription access.
  • Send transactional messages such as account, security, billing, and service notices.
  • Respond to support requests and feedback.
  • Debug errors, prevent abuse, improve reliability, and develop new features.
  • Comply with legal, tax, accounting, security, and regulatory obligations.

5. How information is shared

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

We may share information with service providers that help us operate WhatsTheDx, including:

  • Supabase for authentication, database, storage, and related backend services.
  • Stripe for checkout, payment processing, billing records, and subscription management.
  • Vercel for hosting, deployment, delivery, and technical logs.
  • Other vendors that provide email, security, analytics, support, or infrastructure services.

We may also disclose information if required by law, to protect rights and safety, to prevent fraud or abuse, or in connection with a merger, financing, acquisition, reorganization, or sale of assets.

6. Cookies and local storage

We use cookies and similar browser storage for authentication, security, theme preferences, account state, and core app functionality. We may also use limited analytics or logs to understand service performance and diagnose issues.

You can control cookies through your browser settings, but blocking necessary cookies may prevent account login, gameplay persistence, or subscription access from working correctly. Read our Cookie Notice for more detail.

7. Data retention

We keep personal information for as long as needed to provide the service, maintain your account, comply with legal obligations, resolve disputes, enforce agreements, and protect the service.

If you request account deletion, we will delete or de-identify personal information within a reasonable period unless we need to retain certain records for legal, billing, security, fraud prevention, backup, or accounting purposes.

8. Your privacy rights

Depending on where you live, you may have rights to access, know, correct, delete, or export your personal information. You may also have rights to opt out of certain uses, limit certain sensitive-information uses, or avoid discriminatory treatment for exercising privacy rights.

To make a privacy request, email contact@whatsthedx.com. You can also review our Delete User Data page. We may need to verify your identity before completing a request.

9. Security and international processing

We use reasonable technical and organizational measures designed to protect personal information. No internet service is completely secure, so we cannot guarantee absolute security.

WhatsTheDx is operated from the United States. If you access the service from another location, your information may be processed in the United States and other places where our providers operate.

10. Children

WhatsTheDx is intended for users who are 18 or older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us so we can take appropriate action.

11. Changes and contact

We may update this Privacy Policy from time to time. When we do, we will update the date on this page and provide additional notice if required.

Questions or requests about this policy can be sent to contact@whatsthedx.com.