← Back to X·Sim

Privacy Policy

Last updated: 1 July 2026

Privacy-first by design. X·Sim has no user accounts and no backend database. It does not collect, transmit to us, or store any personal health information (PHI). Simulated patient data is fictional. Audio and video, if you enable them, flow directly between participants and are not recorded by the Service.

1. What we do and don't collect

DataHow it's handled
Account / identityNone. X·Sim requires no sign-up and stores no name, email, or profile.
Simulated patient vitals & rhythmsFictional; generated in your browser. Never leaves the peer-to-peer session except between the instructor and trainee you connect with.
Session code / linkA random room identifier used only to connect two browsers. Not tied to your identity.
Microphone audio ("Call Medical Direction")Streamed peer-to-peer in real time to the other participant. Not recorded or stored by the Service. Off unless you grant browser permission.
Camera video ("AV monitoring")Streamed peer-to-peer in real time. Not recorded or stored by the Service. Requires an explicit in-app consent prompt and browser permission before it starts.
Button-press eventsDuring a session, the trainee's simulated device actions are sent to the instructor's screen so they can coach. These describe simulator interactions, not personal data, and are not persisted after the session ends.

2. Signaling & connectivity

To set up the direct peer-to-peer connection, X·Sim uses a third-party WebRTC signaling broker (PeerJS) and public STUN servers. These exchange the technical information (network candidates and session descriptions, including IP addresses) needed to connect two browsers. Your media does not pass through us. If direct connection fails on restrictive networks, a relay (TURN) server may be required in a production deployment; if the operator adds one, media may transit that relay in transport-encrypted form. WebRTC media is encrypted in transit (DTLS-SRTP).

3. Local storage

X·Sim may keep small values in your browser (e.g., a chosen role or session code) to make the app work. This stays on your device and is not sent to us. Clearing your browser data removes it.

4. Children

X·Sim is intended for adult learners and professionals. It is not directed at children under 13, and we do not knowingly collect data from them.

5. Your choices

6. Security & honest limits

WebRTC media is encrypted in transit. However, anyone with a session link can join that session, so share links only with intended participants. No internet transmission is perfectly secure; use the AV features only where appropriate and with everyone's consent.

7. Not a HIPAA-covered service

X·Sim is a training simulator and is not designed to handle real PHI. Do not enter or capture real patient information. If an institution wishes to use it in a workflow subject to HIPAA or similar laws, that institution is responsible for its own compliance assessment.

8. Changes & contact

X·Sim is operated by Brickell Bay Group LLC. We may update this Policy; material changes will be noted by the "Last updated" date. Privacy and medical-application questions: sales@sanalogs.com. Legal questions: legal@sanalogs.com.

Terms of Use →