Skip to content

Trust & security/Security

Security & data protection

The statements below summarise practices described in our Privacy Policy. If anything here conflicts with the policy, the policy text controls.

Encryption & infrastructure

Data is encrypted in transit (TLS) and at rest. Authentication is provided by Supabase using industry-standard practices. We do not claim independent third-party audit certificates on this page unless they are published separately with evidence.

Who can read your case text?

Patient case descriptions are not public directory content. Access is limited by account role and relationship to the case (for example you, matched specialists you connect with, and authorised administrators for support). Public specialist profiles deliberately omit phone, email, and exact clinic addresses so browsing cannot substitute for an accepted connection.

Payments

Card payments are processed by Stripe. CareMatch does not store your full card numbers on our servers.

Data sharing & sales

We do not sell your personal data. Sub-processors involved in running the platform (for example database, email delivery) are listed in the Privacy Policy.

Report a security concern

If you believe you have found a vulnerability or a privacy issue, email hello@carematchglobal.com with enough detail for us to reproduce the problem. Please do not publicly disclose unresolved security issues until we have had a reasonable time to respond.

Your privacy tools

Signed-in patients and other users can access export, correction, deletion, and restriction flows from the privacy rights page.

Security FAQ

Short answers grounded in how the product is built and what we publish in the Privacy Policy.

Do you sell my personal information?
No. Our Privacy Policy states that we do not sell personal data. Sub-processors used to run the service are described there.
Will you notify me if there is a data breach?
Where the law requires notification, we follow those requirements. For any concern, contact us at hello@carematchglobal.com.
What should I do to keep my account safe?
Use a unique password, keep your email inbox secure, sign out on shared devices, and only continue sensitive conversations through channels you trust after a specialist has accepted your introduction.
Where do I read the full legal terms?
See the Privacy Policy and Terms of Service.

CareMatch uses essential cookies to keep you signed in and to make the platform work.

We do not use tracking or advertising cookies. Learn more.