Privacy Policy

1. Data Controller

SymptomChecker.be, contact@symptomchecker.be

2. Data Collected

• User account: email, name (optional), country, alert preferences.
• Symptom assessments: anonymised questionnaire responses (no personally identifiable data).
• Technical data: browser, language. No IP address is collected or stored by our servers. Collected only for aggregated statistics.

3. Legal Bases (GDPR)

• Consent (Art. 6.1.a): user account, email alerts.
• Legitimate interest (Art. 6.1.f): site security, anonymous aggregated statistics.
• Public health (Art. 9.2.i): aggregated epidemiological data.

4. Your Rights

Under GDPR, you have the following rights:

• Right of access to your data
• Right of rectification
• Right to erasure ("right to be forgotten")
• Right to data portability (JSON/CSV export)
• Right to object to processing

To exercise these rights: contact@symptomchecker.be

5. Cookies

We only use cookies essential to site functionality (authentication, language preferences). No advertising or third-party tracking cookies are used.

6. Hosting & Sub-processors

• Vercel Inc. (hosting): USA, EU transfer via Standard Contractual Clauses
• Supabase Inc. (database): data stored in Europe (eu-central-1)

7. Retention Period

• User accounts: until deletion by the user
• Symptom assessments: maximum 2 years
• Security logs: 90 days

8. Complaints

You can lodge a complaint with the Data Protection Authority (APD/GBA) in Belgium.