The short version
FHIRBuilders is a marketplace + sandbox for healthcare AI builders. We collect the minimum we need to run the product:
- Your account: name, email, profile image, GitHub username if you sign in with GitHub.
- What you create: projects, comments, upvotes, AI-generated apps you choose to share.
- Sign-in tracking: the timestamp of your first and most recent sign-in, plus a count. Used only for admin views of cohort participation.
We do not sell your data. We do not embed third-party tracking pixels (no Meta Pixel, no Google Analytics scripts, no LinkedIn tags). We do not handle real Protected Health Information (PHI) — the FHIR sandboxes we connect to use synthetic patient data only.
Where your data lives
- Database: PostgreSQL on Neon (US region).
- Hosting: Next.js application on Vercel.
- Email: magic-link sign-in + transactional email via Resend.
- FHIR data: we never store real patient data. When you use the sandbox, FHIR resources live in your own Medplum project. Medplum sandboxes are pre-loaded with synthetic data from Synthea.
- AI model calls: when you use OpenClaw or AI features, prompts go to Anthropic and/or OpenAI under your own API key (BYOK). We don't store the request/response payload by default — only generation metadata (channel, status, timing).
What we use it for
- Authenticating you and showing the right pages.
- Counting how many builders have signed in (for cohort coordination — see the admin roster).
- Sending you transactional email (magic links, cohort updates, feedback replies).
- Aggregate, anonymized usage stats — “X projects shared this week” — to run the marketplace.
Sign-in providers
When you sign in with GitHub or Google, the provider sends us your name, email, and profile image. We don't request additional scopes beyond your public profile + email. You can revoke FHIRBuilders' access at any time from your provider's connected-apps settings.
Cookies
We set a single first-party cookie for your sign-in session (next-auth.session-token or the secure-prefixed variant in production). No analytics, advertising, or third-party cookies. The session is stored as a signed JWT — we don't track session activity on the server beyond the sign-in timestamps above.
Sharing
We share data only when:
- You publish something publicly (your profile, a project, a comment) — the visible fields are public by definition.
- A service provider runs core infrastructure for us (Neon, Vercel, Resend, OAuth providers). They handle data on our behalf under their own DPAs.
- We're legally compelled. We'll tell you when we're allowed to.
No advertising. No data brokers. No data sale.
Your rights
- Export — email us and we'll send you a JSON dump of everything we have on your account.
- Delete — email us and we'll delete your account + everything linked to it within 7 days, except where retention is legally required.
- Correct — most fields are editable from your profile; if something isn't, email us.
Cohort participants
If you joined Cohort 00 (or a future cohort), your name + what you said you're building is visible to other cohort participants on the community page behind a sign-in. Sign-in timestamps and pod assignments are visible to the cohort organizer (Eugene) only.
We'll publish cohort outcomes (project names, demo URLs you choose to share) publicly after Demo Day. Nothing tied to your individual sign-in cadence or commitment history is ever published.
Children
FHIRBuilders is not directed at children under 16. We don't knowingly collect data from them.
Changes
If we make a material change to this policy, we'll bump the “last updated” date at the top and email every signed-up user.
Contact
Eugene Vestel — eugene.vestel@gmail.com. Operating as an individual, not a corporate entity, as of 2026-06-05.