← Back to Logara

Privacy Policy

Last updated: 26 March 2026

Logara Technologies (“Logara”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform at logara-ai.com and related services.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and organisation details. If you sign up as a sales representative, we also collect payment details for commission payouts.

Client Data

When you connect a healthcare practice to Logara, we collect business information including practice name, address, phone number, and vertical type. We do not collect patient data or protected health information (PHI).

Google Integrations

If you connect Google Search Console or Google Analytics 4, we request read-only access to:

  • Google Search Console: Search queries, clicks, impressions, average position, and indexing status. Scope: webmasters.readonly
  • Google Analytics 4: Sessions, page views, active users, bounce rate, and session duration. Scope: analytics.readonly

We store an encrypted refresh token to maintain the connection. Access tokens are short-lived (60 minutes) and never stored. We cannot modify your Google data — access is strictly read-only.

Call Data

Our AI receptionist processes inbound phone calls. We store call metadata (timestamp, duration, caller number) and AI-generated call summaries. Call recordings are stored by our telephony provider (Twilio) and are accessible only to the connected practice.

Review Data

If you connect Google Business Profile, we access publicly visible reviews to generate AI-assisted responses. Review replies are only posted with your explicit approval.

2. How We Use Your Data

  • Generate SEO audit reports and rank tracking dashboards
  • Produce AI-written blog content and programmatic pages for your practice
  • Monitor and respond to Google reviews on your behalf
  • Provide call analytics and lead summaries via WhatsApp
  • Calculate and pay sales representative commissions
  • Improve our AI models and service quality (aggregated, anonymised data only)

3. Data Storage & Security

  • Database: Supabase (PostgreSQL) with row-level security enforcing multi-tenant isolation. Each practice’s data is accessible only to authorised users.
  • Encryption: TLS 1.3 in transit. Sensitive credentials (API keys, refresh tokens) are encrypted at rest.
  • Hosting: Vercel (frontend) and Railway (backend API), both with SOC 2 compliance.
  • Access control: Role-based access (owner, admin, member) with mandatory authentication on all endpoints.

4. Data Sharing

We do not sell your data. We share data only with:

  • Service providers: Twilio (telephony), Stripe (payments), OpenAI (AI content generation), DataForSEO (search data) — each bound by their own privacy policies and data processing agreements.
  • Legal requirements: If required by law, regulation, or legal process.

5. Your Rights

  • Disconnect integrations: Revoke Google access at any time from your dashboard or at myaccount.google.com/permissions.
  • Export your data: Request a full export of your data by contacting us.
  • Delete your account: Request account deletion and we will remove all associated data within 30 days.
  • Access & rectification: View and update your data from your dashboard at any time.

6. Data Retention

We retain your data for as long as your account is active. After account deletion or disconnection, we remove your data within 30 days, except where retention is required by law (e.g., financial records for tax compliance).

7. Cookies

We use essential cookies for authentication and session management. We use Google Analytics (GA4) for anonymised usage analytics. No third-party advertising cookies are used.

8. International Transfers

Your data may be processed in the United Kingdom, European Economic Area, or United States. We rely on standard contractual clauses and adequacy frameworks for cross-border transfers.

9. GDPR & UK Data Protection

If you are in the UK or EEA, you have additional rights under the UK GDPR / EU GDPR including the right to lodge a complaint with the Information Commissioner’s Office (ICO) or your local supervisory authority. Our lawful basis for processing is legitimate interest (providing the service you signed up for) and consent (for optional integrations like Google).

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or an in-app notification. The “last updated” date at the top reflects the most recent revision.

11. Contact

For privacy-related enquiries, contact us at:

Logara Technologies
Email: privacy@logara-ai.com
Website: logara-ai.com