Privacy Policy

Last updated: March 2026

This Privacy Policy explains how FEBVSLog ("we", "our", "us") collects, uses, and protects your personal data when you use our surgical logbook platform at febvslog.com. By registering and using FEBVSLog, you agree to the practices described in this policy.

1. Who We Are

FEBVSLog is a surgical training logbook platform operated for vascular surgery residents and fellows pursuing FEBVS certification. The platform is maintained by Dr. Mohammad Barbati, Vascular Surgeon, University Hospital Munich (LMU), Germany.

Contact: [email protected]

2. Data We Collect

We collect the following personal data when you register and use FEBVSLog:

  • Account data: Full name, email address, and hashed password
  • Profile data: Hospital, department, training start date, supervisor name (optional, entered by you)
  • Procedure data: Date, procedure type, FEBVS code, level, and notes for each logged procedure
  • Technical data: IP address, browser type, and access timestamps (for security and fraud prevention)

We do not collect payment information, location data, or any sensitive health data about patients.

3. How We Use Your Data

Your data is used exclusively for the following purposes:

  • Providing and operating the FEBVSLog logbook service
  • Displaying your training progress and procedure history
  • Generating logbook exports in PDF and CSV format
  • Maintaining the security and integrity of your account
  • Improving the platform based on aggregated, anonymised usage patterns

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Data Storage and Security

All data is stored on secure, EU-based servers. Passwords are never stored in plain text — they are hashed using bcrypt before storage. All connections to FEBVSLog are encrypted via HTTPS/TLS.

Access to your data is restricted to you alone. Platform administrators may access anonymised aggregate statistics but do not have access to your individual procedure records or profile data.

5. Data Retention

Your account and all associated data are retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us at [email protected]. We will process deletion requests within 30 days.

6. Your Rights Under GDPR

As a resident of the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your account and all data
  • Right to portability — request your data in a machine-readable format (CSV export)
  • Right to object — object to processing of your data
  • Right to restrict processing — request that we limit how we use your data

To exercise any of these rights, contact us at [email protected].

7. Cookies

FEBVSLog uses a single session cookie to maintain your login state. This cookie is strictly necessary for the service to function and does not track you across other websites. We do not use advertising cookies or third-party analytics cookies.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of FEBVSLog after changes constitutes acceptance of the updated policy.

9. Contact

For any privacy-related questions or requests, please contact us at: [email protected]