Privacy Policy

PrimusReview ("we", "us", "our") is a software service that provides AI-assisted ABPI Code compliance review for promotional materials in the UK pharmaceutical industry. For data protection purposes, we act as the data controller for information you provide when using this service. You can contact us at dthompson221198@gmail.com with any questions about how we handle your data.

We collect the following categories of personal data: Account data: your email address and password when you create an account. Usage data: the number of reviews you have run, your subscription status, and the date your account was created. Document data: the content of promotional materials you upload or paste for review. Technical data: standard server logs including IP address, browser type, and pages visited.

We use your data to provide the review service, manage your account, improve the service, and comply with legal obligations. Document content you submit is sent to the Anthropic API to generate a compliance analysis. We do not use your document content to train AI models.

Under UK GDPR, we process your data on the following legal bases: Contract: processing your account data and document submissions is necessary to deliver the service. Legitimate interests: processing technical and usage data to maintain security and improve the product. Legal obligation: retaining records where required by applicable law.

Supabase: database and authentication infrastructure. Anthropic: AI model provider. Document content you submit is sent to Anthropic's API for processing. Stripe: payment processing. Vercel: hosting and content delivery. Resend: transactional email.

We retain your data for as long as your account is active. If you delete your account, your account data and review history will be deleted within 30 days. Server logs are retained for up to 90 days.

Under UK GDPR, you have the right to access, rectify, erase, restrict, and port your personal data. You also have the right to object to processing. To exercise any of these rights, contact us at dthompson221198@gmail.com. You have the right to lodge a complaint with the ICO at ico.org.uk.

We use a single session cookie to keep you logged in. This cookie is strictly necessary for the service to function and does not track you across other websites. We do not use advertising or analytics cookies.

We implement appropriate technical and organisational measures to protect your data, including encrypted connections (HTTPS), secure credential storage, and role-based access controls.

For any questions, data requests, or complaints regarding this privacy policy, contact us at dthompson221198@gmail.com.