Skip to main content
Candour

Privacy Policy

Last updated: 1 March 2026

1. Introduction

Candour ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare training platform at candourmed.com and any related services (collectively, the "Service").

2. Information We Collect

2.1 Information You Provide

  • Account registration details (name, email address, professional role)
  • Profile information (professional background, qualifications, career stage)
  • Content you create (interview narratives, CV data, voice recordings, reflections)
  • Payment and billing information (processed securely via Stripe)
  • Communications with us (support requests, feedback)

2.2 Information Collected Automatically

  • Device and browser information
  • IP address and approximate location
  • Usage data (pages visited, features used, session duration)
  • Cookies and similar tracking technologies

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Personalise your learning experience using AI-powered features
  • Process payments and manage your subscription
  • Send transactional emails (account verification, password resets, session reminders)
  • Provide customer support
  • Monitor and analyse usage trends to improve the platform
  • Detect and prevent fraud or abuse

4. AI-Powered Features

Our Service uses AI (powered by Anthropic's Claude) to provide personalised coaching, content generation, and feedback. Content you provide to AI features (such as Muse narrative builder or Vox interview coach) is processed to generate responses but is not used to train third-party AI models. Your data remains private to your account.

5. Data Sharing

We do not sell your personal data. We may share information with:

  • Service providers — hosting (Vercel, Render), payments (Stripe), email (Resend), error monitoring (Sentry)
  • AI providers — Anthropic, solely to power AI features within the Service
  • Legal obligations — when required by law, regulation, or legal process

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS), secure password hashing (bcrypt), and access controls. Payment information is handled entirely by Stripe and never stored on our servers.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data at any time by contacting us at support@candourmed.com.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Export your data in a portable format

To exercise any of these rights, contact us at support@candourmed.com.

9. Cookies

We use essential cookies for authentication, session management, and theme preferences. We use analytics cookies (via Sentry) to understand how users interact with the platform. You can control cookie preferences through your browser settings.

10. Children's Privacy

The Service is intended for healthcare professionals and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at: support@candourmed.com