Privacy Policy
Last Updated: June 1, 2026
This Privacy Policy describes how FlaskTrack ("FlaskTrack", "we", "our", or "us") collects, uses, stores, processes, and protects information when you use our laboratory management platform and related services.
FlaskTrack is operated by Santurce Software LLC.
Contents
- Information We Collect
- Customer Data
- How Information Is Used
- AI and Machine Learning
- Information Sharing
- Subprocessors
- Data Retention
- Security Measures
- Customer Rights
- International Processing
- Children's Privacy
- Cookies
- Third-Party Services
- Changes To This Policy
- Contact Information
1. Information We Collect
We collect information necessary to operate, secure, support, and improve the Service.
Account Information
- Name
- Email address
- Password hash
- Organization membership information
- User preferences
- Role assignments
Organization Information
- Organization name
- Billing information
- User directory information
- Subscription details
Laboratory Information
- Protocols
- Workflows
- Samples
- Batch records
- Compliance records
- Research notes
- Laboratory documentation
- Uploaded files
- Generated reports
- Audit records
Technical Information
- IP addresses
- Browser information
- Device information
- Session information
- Authentication logs
- Error reports
- Security events
Billing Information
Payment processing is performed through third-party payment providers such as Stripe.
FlaskTrack does not store complete credit card numbers.
2. Customer Data
Customer Data includes information entered, uploaded, generated, or stored within the Service.
Customer Data may include:
- Research records
- Laboratory records
- Experimental data
- Protocols
- Workflow definitions
- Sample records
- Batch records
- Compliance evidence
- Uploaded documents
- Scientific notes
- Reports
FlaskTrack acts as a service provider and processor of Customer Data and does not claim ownership of such information.
3. How Information Is Used
Information collected through the Service may be used for:
- Providing the Service
- User authentication
- Authorization and permissions
- Technical support
- Account administration
- Billing management
- Platform security
- Fraud prevention
- Regulatory obligations
- Service reliability improvements
- Disaster recovery operations
Information is not used for advertising networks, behavioral profiling, or data brokerage activities.
4. AI and Machine Learning
FlaskTrack does not use customer data, laboratory records, uploaded documents, protocols, workflows, reports, personal information, or organizational data for training:
- Large language models
- Machine learning models
- Artificial intelligence systems
- Foundation models
- Generative AI systems
Customer information is not sold, licensed, syndicated, shared, or repurposed for AI training purposes.
If AI-assisted functionality is provided, submitted information is processed solely to generate the requested output.
5. Information Sharing
We do not sell, rent, lease, broker, or commercially distribute customer information.
Information may be shared only when necessary to:
- Operate the Service
- Provide customer support
- Comply with legal obligations
- Investigate abuse or fraud
- Protect platform security
6. Subprocessors
FlaskTrack may utilize carefully selected subprocessors to operate the Service.
| Provider | Purpose |
|---|---|
| DigitalOcean | Hosting, databases, storage, networking |
| Stripe | Payment processing |
| Email Providers | Transactional email delivery |
Additional subprocessors may be added as operational requirements evolve.
7. Data Retention
Customer data remains available while accounts remain active.
Deleted records may remain in encrypted backups for a limited retention period before permanent removal.
Account information may be retained where necessary to satisfy legal, accounting, security, or contractual obligations.
8. Security Measures
FlaskTrack employs administrative, technical, and organizational safeguards designed to protect customer information.
- TLS encryption in transit
- Password hashing
- Role-based access controls
- Audit logging
- Authentication controls
- Infrastructure monitoring
- Access restrictions
- Backup systems
No technology platform can guarantee absolute security.
9. Customer Rights
Subject to applicable law, customers may have rights to:
- Access information
- Correct information
- Export information
- Delete information
- Restrict processing
- Object to certain processing activities
Requests may be submitted using the contact information below.
10. International Processing
Information may be processed in jurisdictions where FlaskTrack or its service providers operate infrastructure.
By using the Service, you consent to such processing as necessary to provide the Service.
11. Children's Privacy
FlaskTrack is not intended for use by children under thirteen years of age.
We do not knowingly collect personal information from children.
12. Cookies
FlaskTrack uses essential cookies required for authentication, session management, security, and user preferences.
FlaskTrack does not use advertising cookies or third-party tracking networks.
13. Third-Party Services
The Service may contain integrations or dependencies involving third-party providers.
Use of third-party services may also be governed by those providers' privacy policies and terms.
14. Changes To This Policy
We may update this Privacy Policy periodically.
Updated versions will be posted to this page with a revised effective date.
15. Contact Information
Santurce Software LLC
privacy@santurcesoftware.com
Questions regarding privacy practices, security controls, or information requests may be directed to the address above.