Privacy Policy
How Nalvera stores, uses, and protects the imaging data you upload. Effective 8 June 2026.
Version 1.2 · Effective date: 11 June 2026
Summary: We store your imaging data to run AI models (segmentation, classification, image generation, and other inference tasks). On every tier, your data is used solely to deliver the AI result. It is never used for research or model improvement unless you explicitly opt in, per individual job, on the results page. Paid memberships and credit top-ups are handled by our payment processor, Stripe. You can delete your data at any time. We use essential cookies only: no tracking, advertising, or third-party fonts.
1. Who We Are (Data Controller)
The data controller for Nalvera is Nalvera BV.
Contact: dpo@nalvera.ai
(Data Protection Officer).
Nalvera is a research-focused platform that runs peer-reviewed AI models on medical
imaging data, including segmentation, classification, and image generation. The service is
funded through paid memberships and credit top-ups, which sustain its research, education,
and operational costs.
2. What Personal Data We Collect
Account data
- Email address: used for login, verification, and notifications
- Password: stored as a one-way Argon2 hash; never readable
- Country, role, sector: collected for research usage analysis; not sold or shared
- Registration date, login history: used for account security and audit
- Membership tier and expiry: determines your monthly quota
Imaging data
- Uploaded imaging files (NIfTI or DICOM): medical imaging data you submit for AI processing
- AI outputs: segmentations, classifications, generated images, or analysis results produced by our models
- Job metadata: filename, model used, processing time, submission date
Technical data
- Session tokens: hashed in the database; used to keep you logged in (expire after 1 day)
- Server logs: IP address and request logs retained for security; auto-deleted after 90 days
Billing data
- Membership & credit balance: your current tier, monthly quota, and top-up credit balance
- Transaction history & invoices: records of payments for memberships and credit top-ups
- Payment details: processed directly by Stripe. We never see or store full card numbers; Stripe returns only a token and limited metadata (e.g. card brand, last four digits, billing country).
Legal basis: Contract performance (Art. 6(1)(b) GDPR) to provide paid features;
Legal obligation (Art. 6(1)(c) GDPR) to retain invoices for accounting and tax purposes.
3. How We Use Your Imaging Data
The same rule applies to every tier: no secondary use of your data without your explicit, per-job opt-in.
By submitting data you confirm that you hold the rights to the imaging data and that it contains no human subject data or personal health information.
All accounts (Guest and paid memberships)
Your uploaded data and AI outputs are not used for any secondary purpose
by default. Your data is processed solely to deliver the requested AI result and is not
retained for model training, benchmarking, or publication.
Legal basis: Contract performance (Art. 6(1)(b) GDPR).
Optional per-job research opt-in
On the results page you can flag an individual job as available for research. The opt-in
is never pre-selected, applies only to that job, and covers no other upload, past or
future. Only for jobs you explicitly flag, you grant Nalvera BV (the Nalvera operator) a
worldwide, royalty-free, non-exclusive licence to:
- Store, copy, process, analyse, modify, and create derivative works from the flagged job's scans and AI outputs
- Use that data for internal research, product development, AI model training and improvement, benchmarking, validation, and publication support
- Use that data to operate and sustain the Nalvera service, which is funded through paid memberships and credit top-ups
Files of an opted-in job may be retained for these purposes even after you delete the
job. You can withdraw your consent at any time by contacting us (Section 10); withdrawal
does not affect processing already carried out.
Legal basis: Consent (Art. 6(1)(a) GDPR).
Your responsibility
- You confirm you hold the legal right to upload and share this imaging data
- You confirm the data does not contain human subject data or protected health information
- You confirm uploading this data does not violate any third-party rights, institutional policies, or applicable regulations
- You understand that data from jobs you explicitly opt in to research will be used as described above
4. Data Retention
- Account data: Retained while your account is active. Deleted within 30 days of account deletion.
- Billing records & invoices: Retained for the period required by Belgian accounting and tax law (currently 7 years), even after account deletion. This legal obligation applies to these records only.
- Uploaded scans & outputs: Stored until you delete the job or your account. You can delete individual jobs at any time from the My Results page. Jobs you opted in to research may retain their files after deletion (see Section 3).
- Server logs: Maximum 90 days, then automatically purged.
- Session tokens: Expire after 1 day; purged automatically on expiry.
- Verification & reset codes: Expire after 24 hours / 1 hour respectively.
5. Your Rights Under GDPR
As an EU data subject you have the following rights. Submit requests to dpo@nalvera.ai.
Right of access (Art. 15)
Request a copy of all personal data we hold about you.
Right to rectification (Art. 16)
Correct inaccurate personal data.
Right to erasure (Art. 17)
Delete your account and all associated data. Use the platform's delete functions or email us.
Right to restrict processing (Art. 18)
Request we stop processing your data in specific ways while a dispute is resolved.
Right to data portability (Art. 20)
Receive your personal data in a machine-readable format.
Right to object (Art. 21)
Object to processing based on legitimate interest.
Right to withdraw consent
Withdraw consent at any time: for cookie use via the consent widget below, or for a per-job research opt-in by contacting us.
Right to lodge a complaint
6. Cookies & Similar Technologies
Under the ePrivacy Directive (as implemented in Belgian law) and GDPR,
we must inform you about all cookies and obtain your consent for non-essential ones.
| Name |
Type |
Purpose |
Duration |
Category |
nalvera_session |
HTTP Cookie |
Keeps you authenticated after login. Without this cookie you cannot use the platform. No tracking or analytics function. |
Browser session; the underlying token expires after 1 day |
Strictly Necessary |
nalvera_cookie_consent |
localStorage |
Records your cookie consent preference so the consent banner is not displayed on every visit. |
12 months |
Functional |
Strictly necessary cookies do not require your consent under Art. 5(3) of the
ePrivacy Directive. We set nalvera_session only when you log in and only store a
cryptographic hash in the database; the plaintext token is never stored server-side.
7. Third-Party Services & Data Transfers
- Payment processing (Stripe): memberships and credit top-ups are processed by Stripe Payments Europe, Ltd. Stripe receives the billing data needed to take payment and prevent fraud. See Stripe's Privacy Policy.
- Email (SMTP): transactional emails (verification codes, password resets, job notifications) are sent via an SMTP server configured by the platform administrator. Email addresses are not shared with third-party marketing services.
- No third-party fonts: fonts are served from your OS (system font stack); no requests to Google Fonts or any CDN.
- No tracking third parties: we do not use Google Analytics, Meta Pixel, advertising networks, or any tracking-based third-party services.
Imaging data and account data are hosted on servers within the European Economic Area (EEA).
The only routine transfer outside the EEA is billing data sent to Stripe, which may be processed in the US
under the EU-US Data Privacy Framework and Standard Contractual Clauses.
No imaging data is transferred outside the EEA.
8. Security Measures
- Passwords hashed with Argon2 (memory-hard, state-of-the-art)
- Session tokens are SHA-256 hashed in the database
- Account lockout after 5 failed login attempts (15-minute lockout)
- Password reset tokens expire after 1 hour and are single-use only
- All file access is gated by user ownership checks
- Security headers:
X-Content-Type-Options, X-Frame-Options, Referrer-Policy
- HTTPS enforced in production
9. Changes to This Policy
We may update this policy to reflect changes in law, our practices, or our services.
Material changes will be communicated via email (if you have notifications enabled)
and by updating the "Effective date" at the top. Continued use of the platform
after notification constitutes acceptance of the updated policy.
10. Contact & Complaints
For all privacy-related queries, requests to exercise your rights, or to report a concern:
← Back to platform