Skip to content

Privacy Policy

Last updated: April 24, 2026

Summary

OpenMyScan runs entirely in your browser. Your medical scan files are never uploaded to any server we control. We do not operate servers that process, store, or analyze your medical images.

What we don't collect

  • Your DICOM files, MRI scans, CT scans, or any medical imaging data
  • Patient names, IDs, dates of birth, or other identifiers stored in DICOM metadata
  • The contents of any files you drop into the viewer
  • Third-party advertising trackers or behavioral analytics

What we do collect

To operate the site, OpenMyScan and our infrastructure providers may collect:

  • Basic server logs — IP address, user agent, and requested URL, retained by our hosting provider (Vercel) for standard operational purposes. These are not linked to your identity or your scan data.
  • Anonymous page analytics — aggregate page-view counts via Vercel Analytics. No cookies, no user identifiers, no cross-site tracking.
  • Pro license information — if you purchase Pro, your email address and order details are processed by Lemon Squeezy (our payment provider). We store a hashed license identifier to validate your Pro access. We do not store your payment card details; those are handled directly by Lemon Squeezy.

How the viewer works

When you drop a scan folder into OpenMyScan, the files are read directly from your device into your browser's memory using the File System Access API. They are not transmitted to OpenMyScan's servers or any third party. When you close the browser tab, the files are released from memory.

You can verify this behavior yourself by disconnecting from the internet after the page loads — the viewer will continue to work.

Pro license and checkout

Pro purchases are processed by Lemon Squeezy. When you buy Pro, Lemon Squeezy receives your email address, billing information, and payment details according to their own privacy policy. We receive a webhook notification that a purchase completed, which includes your email and a license key. We use the license key to activate Pro in your browser.

GDPR, HIPAA, and regional privacy laws

OpenMyScan is designed to minimize data collection by default. Because we do not receive, process, or store your medical imaging files on our servers, most privacy regulations that apply to medical data (including HIPAA in the US and GDPR health-data provisions in the EU) simply do not apply to the file contents — we never see them.

For the limited data we do collect (server logs, anonymous analytics, Pro license records), GDPR rights apply if you are in the EU or UK. You can request access, correction, or deletion of this data by emailing legal@openmyscan.com.

Children's privacy

OpenMyScan is a general-purpose viewer. Parents and guardians may use it to view pediatric scans on behalf of their children. We do not knowingly collect personal data from children under 13. If you believe a child has submitted personal data, contact us at legal@openmyscan.com.

Changes to this policy

We may update this policy. The "Last updated" date at the top of this page will reflect the most recent change. Material changes will be flagged on the homepage or via email to Pro customers.

Contact

Privacy questions: legal@openmyscan.com

OpenMyScan is a viewer for images you already own. It is not a diagnostic tool, is not FDA- or CE-cleared, and does not replace professional medical advice.