ToxSOAP | Instant Medical Toxicology SOAP Note Generator for Poison Center Calls Privacy Policy

1. Who we are

**Medical Toxicology LLC** ("we," "us," "our") operates ToxSoap from Arizona, United States. **Contact:** privacy@medicaltoxic.com

2. What information ToxSoap processes

### 2.1 No accounts - ToxSoap does **not** require registration. - We do **not** create user accounts or user profiles. ### 2.2 Information you enter into the app (SOAP-note inputs) To generate a SOAP note, you may choose to enter information such as: - **Caller / facility details:** caller name, caller title, callback number, healthcare facility name, unit/location - **Patient details:** patient name, date of birth, gender, weight - **Exposure/event details:** intent of exposure, route of exposure, substances involved (known/unknown), acuity, narrative of event/exposure, time of ingestion/exposure (TOI), time of arrival to healthcare facility - **Clinical details:** vital signs (date/time, HR, BP, RR, temperature, SpO₂), ECG findings, symptoms/signs, neurological exam status - **Medical background:** past medical history (known/unknown), home medications - **Labs/levels:** whether substance levels are available, lab results and related clinical data Depending on what you enter, this may include **personal data** and potentially **sensitive health data**. > **Important:** ToxSoap is intended for **de-identified use** whenever possible. Please avoid entering direct patient identifiers unless you determine it is necessary and appropriate for your workflow and legal obligations.

3. How we use your inputs (and what we do not do)

### Purpose of processing We process the information you enter **only to generate the SOAP note output you request**. ### We do not save your form content to our database ToxSoap is designed so that information entered into the form is: - processed **in real time / during your session**, and - **not saved to our database**, **not archived**, and **not reused** by us after the note is generated (other than being displayed to you in your browser). ### Your handling of the generated note If you copy, download, print, screenshot, or paste the generated note into another system (e.g., an EHR), that content is governed by the privacy and security practices of **the system where you store it** and your organization's policies.

4. Cookies and tracking

We do **not** use cookies or similar technologies for: - advertising - cross-site tracking - behavioral profiling - third-party marketing pixels If we ever add analytics/cookies in the future, we will update this policy and (where required) provide appropriate notice and choice controls.

5. Technical data for security and reliability

Like most web services, our infrastructure may automatically process limited technical data to deliver the Service and keep it secure (for example: **IP address**, browser type, timestamps, and request metadata). We use this technical data only for: - security and abuse prevention - troubleshooting and reliability **Retention:** technical/security logs are retained for up to **30 days** (or less where feasible), unless longer retention is required to investigate security incidents or comply with legal obligations.

6. Sharing and service providers

We do not sell personal data. We may use trusted **service providers** (for example, web hosting/infrastructure and email/support providers) to operate ToxSoap. These providers may process limited information only to provide services to us and are required to protect it. We may disclose information if we believe it is necessary to: - comply with law or valid legal process, or - protect the rights, safety, and security of users, our company, or the Service (e.g., investigating abuse).

7. International users and data transfers

Medical Toxicology LLC is based in the **United States**. If you access ToxSoap from outside the U.S., technical data and support communications may be processed in the U.S. or other countries where our providers operate. Where GDPR applies and international transfer safeguards are required, we use appropriate measures (such as contractual protections) as applicable.

8. Legal bases for processing (GDPR)

Where GDPR applies, our processing is typically based on: - **Performance of a contract** (to provide the Service you request), and/or - **Legitimate interests** (to secure and operate the Service, prevent abuse, and troubleshoot). Because ToxSoap is designed not to retain your clinical form inputs, some GDPR rights requests may result in "no stored data available" for those inputs.

9. Data retention (summary)

- **Clinical form inputs:** not saved to our database as part of normal operation. - **Technical/security logs:** up to **30 days** (unless needed longer for security/legal reasons). - **Support communications:** up to **12 months** after resolution (or longer if needed for legal/security recordkeeping).

10. Your privacy rights

Depending on your location, you may have rights to request access, correction, deletion, or restriction of certain personal data we hold (most commonly related to **support communications** and limited technical logs). **How to make a request:** email **privacy@medicaltoxic.com** with enough detail to help us locate the relevant information. For security, we may need to verify your identity. Under GDPR, we generally respond within **one month** (unless an extension is permitted by law).

11. Security

We use reasonable technical and organizational safeguards appropriate to the Service, including encrypted connections (HTTPS). No system is 100% secure, but ToxSoap is designed to reduce risk by **avoiding storage of clinical form inputs** in our database.

12. Children

ToxSoap is intended for professional use and is **not directed to children**.

13. Changes to this Privacy Policy

We may update this policy from time to time. The latest version will be posted on this page and the "Last updated" date will be updated.

14. Contact

**Medical Toxicology LLC** Arizona, USA **Website:** https://medicaltoxic.com **Email:** info@medicaltoxic.com

ToxSOAP Privacy Policy