Privacy Policy

CareEHR is operated by Petrichor Labs, a Canadian company.

What we collect

When you sign in via ConsentKeys, we store a pseudonymous identifier, display name, and email address. These are ConsentKeys-generated pseudonyms, not your real identity.

When you upload documents, they are stored encrypted at rest in our cloud infrastructure. We do not read, analyze, or share your documents.

Who can see your data

Only family members you explicitly invite can see documents in a care profile. Provider links give time-limited, read-only access to doctors — and every access is logged.

We (Petrichor Labs) do not access your health documents unless required to investigate a technical issue you report, or as required by law.

Data storage

All documents are encrypted at rest (AES-256). All data is transmitted over TLS. Our infrastructure is hosted in Canada where possible.

Your rights

Under PIPEDA (Canada's federal privacy law), you have the right to access, correct, and delete your personal information. Contact us at privacy@petrichorlabs.ca to exercise these rights.

Contact

Petrichor Labs · Canada · privacy@petrichorlabs.ca

Last updated: March 2026