| Data | How it's handled |
|---|---|
| Account / identity | None. X·Sim requires no sign-up and stores no name, email, or profile. |
| Simulated patient vitals & rhythms | Fictional; generated in your browser. Never leaves the peer-to-peer session except between the instructor and trainee you connect with. |
| Session code / link | A random room identifier used only to connect two browsers. Not tied to your identity. |
| Microphone audio ("Call Medical Direction") | Streamed peer-to-peer in real time to the other participant. Not recorded or stored by the Service. Off unless you grant browser permission. |
| Camera video ("AV monitoring") | Streamed peer-to-peer in real time. Not recorded or stored by the Service. Requires an explicit in-app consent prompt and browser permission before it starts. |
| Button-press events | During a session, the trainee's simulated device actions are sent to the instructor's screen so they can coach. These describe simulator interactions, not personal data, and are not persisted after the session ends. |
To set up the direct peer-to-peer connection, X·Sim uses a third-party WebRTC signaling broker (PeerJS) and public STUN servers. These exchange the technical information (network candidates and session descriptions, including IP addresses) needed to connect two browsers. Your media does not pass through us. If direct connection fails on restrictive networks, a relay (TURN) server may be required in a production deployment; if the operator adds one, media may transit that relay in transport-encrypted form. WebRTC media is encrypted in transit (DTLS-SRTP).
X·Sim may keep small values in your browser (e.g., a chosen role or session code) to make the app work. This stays on your device and is not sent to us. Clearing your browser data removes it.
X·Sim is intended for adult learners and professionals. It is not directed at children under 13, and we do not knowingly collect data from them.
WebRTC media is encrypted in transit. However, anyone with a session link can join that session, so share links only with intended participants. No internet transmission is perfectly secure; use the AV features only where appropriate and with everyone's consent.
X·Sim is a training simulator and is not designed to handle real PHI. Do not enter or capture real patient information. If an institution wishes to use it in a workflow subject to HIPAA or similar laws, that institution is responsible for its own compliance assessment.
X·Sim is operated by Brickell Bay Group LLC. We may update this Policy; material changes will be noted by the "Last updated" date. Privacy and medical-application questions: sales@sanalogs.com. Legal questions: legal@sanalogs.com.