Privacy Policy
Last updated on 15 Jan 2026
Overview
Valinor (“we,” “us,” or “our”) is a patient-directed application designed to help individuals connect their healthcare providers and view their medical information in one place. This Privacy Policy explains how we collect, use, and protect information when you use Valinor.
Valinor is currently in development and uses test and sandbox environments for validation.
Information We Collect
Information You Provide
Account information (e.g., email address)
Information you choose to upload (e.g., FHIR files)
Information Accessed With Your Authorization
When you connect a healthcare provider using SMART on FHIR, Valinor may access read-only clinical data such as:
Demographics
Encounters
Conditions
Medications
Allergies
Observations (labs and vitals)
Diagnostic reports
Clinical documents (where available)
Clinical documents, where retrieved, may be securely stored or cached to support user access and application functionality. Valinor does not alter original clinical documents and limits access to authorized users.
Valinor does not collect or store your provider portal usernames or passwords.
Data Storage & Security
Data is encrypted in transit and at rest
OAuth access tokens are stored securely and encrypted
Access is limited to authorized systems and personnel
We implement industry-standard safeguards appropriate for an early-stage healthcare application
Your Control
You control which providers are connected
You may disconnect a provider at any time
You may request deletion of your data by contacting us
Sandbox & Testing Disclosure
Valinor currently operates using test and sandbox environments, including Epic sandbox test patients. No live production patient data from real health systems is accessed without explicit authorization.
Contact
For privacy questions or data requests:
Email: support@valinorlabs.dev