Last updated: April 9, 2026

Privacy Policy

Effective date: April 9, 2026

Plain-language summary

  • Signed-in users’ intake responses are stored so your trial matches persist between sessions. Your condition, age, location, and clinical context are saved to our secure database and used only for matching — never for advertising or sold to third parties. See Section 2 for details.
  • An account is required to run matching and save results. We store your email, account preferences, and intake responses in Supabase.
  • We do not sell your data and do not share it with advertisers or data brokers.
  • Location data is optional. If you use “Find Trials Nearby,” precise GPS is never required — a city or ZIP code works and is not retained after your session.

1. Who we are

ClinicalMatchMate (“we,” “our,” or “us”) operates the website at clinicalmatchmate.com and related services (the “Platform”). Our Platform helps patients and caregivers discover and understand clinical trials that may match their condition, preferences, and location.

Questions about this policy should be directed to privacy@clinicalmatchmate.com.

2. Information we collect

2a. Information you provide directly

  • Contact and account information: If you create an account or submit a contact form, we collect your name and email address. Account data is stored in Supabase, our database provider.
  • Intake responses: When you complete the intake form as a signed-in user, the following information is stored securely in our Supabase database so your trial matches persist between sessions: condition, age, location (city or ZIP), geographic coordinates (if provided), travel willingness, remote trial preference, phase tolerance, follow-up question and answer, prior treatment history, and AI-extracted ICD-10 codes derived from your clinical context. This data is used solely to generate and persist your trial matches. It is processed by Google Gemini (for ICD-10 extraction and embeddings) and Anthropic Claude (for match reasoning). It is not used for advertising, profiling, or sold to third parties. You may request deletion at any time by emailing privacy@clinicalmatchmate.com.
  • Feedback submissions: If you submit feedback, we collect the content of that feedback and, if you choose to provide it, your email address.

2b. Information collected automatically

  • Usage data: Standard server logs, including IP address, browser type, referring page, and pages visited. We use this for security and performance monitoring only.
  • Session data: If you are logged in, we maintain an authenticated session cookie managed by Supabase. This does not contain health information.

2c. Location data

The “Find Trials Nearby” feature may request your approximate location (city or ZIP code). Precise GPS location is optional and, if provided, is used only to calculate trial distances within your current session. Location data is not stored after your request is fulfilled.

3. How we use your information

We use the information we collect to:

  • Generate and display clinical trial matches based on your inputs
  • Respond to contact form submissions and feedback
  • Authenticate your account and maintain session security
  • Monitor and improve Platform performance and reliability
  • Comply with legal obligations

We do not use your health-related responses to build profiles, train AI models, or target advertising.

4. How we share your information

We do not sell, rent, or trade your personal information. We may share data with:

  • Supabase: Our database and authentication provider. Account data is stored on Supabase servers. See Supabase’s Privacy Policy.
  • Resend: Used to deliver contact form submissions by email. Message content is transmitted through Resend’s infrastructure.
  • AI providers: Your intake responses are sent to Google Gemini (for ICD-10 code extraction and generating vector embeddings used in trial retrieval) and Anthropic Claude (for plain-language match reasoning). These providers process your data to perform matching and are subject to their respective data handling practices: Google Privacy Policy and Anthropic Privacy Policy.
  • Legal requirements: If required by law, regulation, or valid legal process, we may disclose information to the appropriate authorities.

5. Data retention

  • Intake responses: Retained for as long as your account is active. Deleting your account removes your intake responses from our systems. You may also request deletion of your intake data independently by emailing privacy@clinicalmatchmate.com.
  • Account data: Retained as long as your account is active. You may delete your account at any time by emailing privacy@clinicalmatchmate.com.
  • Contact form submissions: Retained for up to 12 months for follow-up and quality purposes, then deleted.
  • Server logs: Retained for up to 90 days for security monitoring.

6. Security

We use industry-standard practices to protect your data, including TLS encryption in transit, secure authentication via Supabase, and access controls. No method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

7. Your rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data. To exercise these rights, contact us at privacy@clinicalmatchmate.com. We will respond within 30 days.

8. Children

The Platform is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us immediately.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will indicate the effective date at the top of the page. Continued use of the Platform after changes constitutes acceptance of the updated policy.

10. Contact us

For privacy-related inquiries, email privacy@clinicalmatchmate.com or use our contact page.