Book a Consultation

RadLog App

Privacy Policy

Last updated: May 6, 2026  |  312 IT Consulting LLC

This Privacy Policy explains what personal information the RadLog iOS application collects, how we use it, who we share it with, and the choices you have. RadLog is published by 312 IT Consulting LLC, an Illinois limited liability company ("Company," "we," "us," "our"). Capitalized terms not defined here have the meanings given in our Terms of Service.

1. Scope

This Policy applies to the RadLog iOS application and any related services we operate (the "Service"). It does not apply to third-party services we link to or interoperate with — those services are governed by their own privacy policies, which are listed in Section 5.

2. Information we collect

2.1 Information you create inside the app

When you use RadLog, you may create the following records on your device. These are stored locally using Apple's SwiftData framework and, if you sign in, replicated to our cloud sync service for backup across your devices:

  • Procedure logs — procedure type (e.g. fluoroscopy), Dose Area Product (DAP) value you enter, distance bucket from source, calculated estimated dose in mSv, timestamp.
  • Dosimeter readings — provider name (Landauer, Mirion, Instadose, RDC, IZI, Other), badge type, dosimeter ID, wear-period start/end dates, transcribed DDE / LDE / SDE values from your dosimetry report.
  • Profile preferences — display name (optional), default procedure type, default dosimetry provider, default badge type, tracking mode (Manual / Measured / Both), and other in-app settings.

You enter all of this information yourself. We do not import data from your dosimetry provider, your employer, your facility, or any electronic health record system.

2.2 Account information

To enable cloud backup and sync of your records you may create an account using:

  • Sign in with Apple — we receive a stable user identifier and, if you choose to share it, your name and an email address (which may be a private relay address).
  • Google Sign-In — we receive your Google account identifier, name, and email address.

Account records are stored in Google Firebase Authentication. Your identifier is used to associate your synced records with you so they appear on every device where you sign in.

2.3 Subscription information

If you subscribe to RadLog Pro, the purchase is handled by Apple's App Store. We do not see, collect, or store your payment card information at any point. To manage entitlements (e.g. determine whether your subscription is active, in trial, expired, or refunded) we use a third-party subscription service, RevenueCat, which receives a pseudonymous user identifier and the receipt metadata Apple provides for your transaction.

2.4 Diagnostic and usage data

We use a privacy-respecting analytics service (TelemetryDeck) to understand how the app is used in aggregate so we can improve it. Each event is a short string ("App.Launched," "Onboarding.Completed," "Auth.Succeeded," etc.) plus a small set of pre-bound parameter values.

We do not send the following to our analytics provider:

  • Your name, email address, Apple ID, Google account identifier, or Firebase user identifier
  • Specific DAP values you enter
  • Specific dose values in mSv
  • Specific procedure timestamps
  • Facility names, dosimeter IDs, or any free-text field
  • Free-form error messages from third-party SDKs

What we do send is limited to enum-bound categorical values: procedure type, distance bucket index (0–5), input method (wheel vs. number), bucketed DAP range, and ALARA milestone hits (e.g. "user crossed 10% of the annual limit"). TelemetryDeck additionally receives standard mobile context: app version, OS version, device model, and an anonymous installation identifier that is generated locally on each device.

2.5 Crash and performance data

If RadLog crashes or encounters an unrecoverable error, anonymized crash diagnostics may be sent to Apple via the standard iOS crash reporting pipeline. You can opt in or out of sharing this data with developers from Settings > Privacy & Security > Analytics & Improvements on your iOS device.

2.6 What we do not collect

RadLog is not a clinical system. RadLog never collects patient names, patient identifiers, dates of birth, medical record numbers, accession numbers, study identifiers, or any other Protected Health Information (PHI) under HIPAA. Do not enter PHI into RadLog under any circumstances.

We do not collect your contacts, photos, location, microphone, camera, calendar, health (HealthKit) data, advertising identifier (IDFA), or any biometric information. RadLog does not display third-party advertising and is not part of any advertising network.

3. How we use your information

We use the information described in Section 2 only for the following purposes:

  • Provide the Service — store your logs and readings on your device, render your dose totals, generate your PDF reports, sync your records across the devices you sign into.
  • Authenticate you — verify that the records belong to your account when you sign in.
  • Manage your subscription — confirm whether your RadLog Pro entitlement is active, expired, in trial, or refunded.
  • Improve the app — review aggregated, de-identified usage signals to find rough edges and prioritize fixes.
  • Comply with law and protect the Service — respond to legal process, enforce our Terms, or investigate suspected misuse.

We do not sell your personal information. We do not use your information for cross-context behavioral advertising. We do not train machine-learning models on the records you enter.

4. Legal bases (EEA, UK, Switzerland users)

If you use RadLog from the European Economic Area, the United Kingdom, or Switzerland, the legal bases on which we process your personal information are:

  • Performance of a contract — to provide the features of the Service you have requested.
  • Legitimate interests — to operate, secure, and improve the Service, where those interests are not overridden by your rights.
  • Consent — where you have given it (e.g. opting in to share crash diagnostics with developers).
  • Legal obligation — where processing is required to comply with applicable law.

5. Service providers and data sharing

We share the categories of personal information described above only with the third-party processors listed below, and only to the extent each one needs to deliver its part of the Service.

Processor Purpose Data shared Privacy policy
Apple Inc. App distribution, Sign in with Apple, in-app purchase, crash diagnostics Account identifier, purchase receipt, anonymous crash reports apple.com/legal/privacy
Google LLC (Firebase Authentication, Cloud Firestore) User authentication, cloud backup and sync of your records Account identifier, email address, your procedure logs and dosimeter readings (in your account's private collection) firebase.google.com/support/privacy
Google LLC (Google Sign-In) Optional authentication method Google account identifier, name, email address (only if you choose to sign in with Google) policies.google.com/privacy
RevenueCat, Inc. Subscription entitlement management Pseudonymous user identifier, App Store receipt metadata revenuecat.com/privacy
TelemetryDeck (Apparatus Apps GmbH) Privacy-respecting product analytics Aggregated, enum-bound usage events; locally generated anonymous installation identifier; app + OS + device-model context telemetrydeck.com/privacy

We do not share your personal information with any other third party except (a) with your explicit consent, (b) to comply with a valid legal process, or (c) in connection with a merger, acquisition, or sale of assets, in which case we will notify you and provide a meaningful choice before your information becomes subject to a different privacy policy.

6. Storage and security

Your records are encrypted in transit between the app and our cloud sync service using TLS. At rest, data stored in Google Firebase is encrypted using Google's standard server-side encryption. Locally on your iOS device, data is protected by iOS file-level encryption tied to your device passcode.

No internet-connected service can be guaranteed 100% secure. While we apply industry-standard safeguards, you use the Service at your own risk and should keep your device and Apple ID secure.

7. Data retention

  • Procedure logs and dosimeter readings — kept indefinitely so your annual exposure totals remain accurate. You can delete individual entries from the History or Insights tab, or clear all log data from Settings > Danger Zone > Clear All Log Data.
  • Account records — kept while your account exists. Deleting your account from within the app permanently removes your records from our servers within 30 days, except where we are required by law to retain them.
  • Subscription records — retained by Apple and RevenueCat in accordance with their respective policies and applicable accounting law.
  • Analytics events — TelemetryDeck retains de-identified events on its servers per its retention policy.

8. Your rights

Depending on where you live, you may have some or all of the following rights regarding the personal information we hold about you:

  • Access — request a copy of your personal information.
  • Correction — request that we correct inaccurate information.
  • Deletion — request that we delete your personal information.
  • Portability — receive your personal information in a portable format. The PDF Export feature inside the app already provides a portable annual report you can download at any time.
  • Object or restrict processing — object to, or ask us to restrict, certain uses of your information.
  • Withdraw consent — where we rely on your consent, withdraw it at any time. Withdrawal does not affect prior processing.

To exercise any of these rights, contact us at the address in Section 13. We will respond within the time period required by applicable law. You also have the right to lodge a complaint with your local data protection authority.

9. California privacy rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you the rights described in Section 8 above, plus the right to know the categories of personal information we have collected and shared in the preceding 12 months. We have set those out in Sections 2 and 5.

We do not sell or share personal information as those terms are defined under California law. We do not knowingly collect personal information from California residents under the age of 16 for sale or sharing.

10. Children's privacy

RadLog is intended for use by adult radiologic technologists. We do not knowingly collect personal information from children under the age of 13. If you believe a child under 13 has provided us with personal information, please contact us so we can delete it.

11. International users

RadLog is operated from the United States. If you use the Service from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country. By using the Service you consent to that transfer.

12. Changes to this Privacy Policy

We may update this Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Material changes will be communicated within the app or by email. Your continued use of RadLog after a change becomes effective constitutes your acceptance of the revised Policy.

13. Contact us

For questions about this Privacy Policy, to exercise your rights under Section 8, or for any other privacy-related inquiry, contact us:

312 IT Consulting LLC
Chicago, Illinois, USA
312itconsulting.com/contact