Privacy Policy

NarcCount holds inventory and recordkeeping information— drug identification numbers (DINs), quantities, dates, and optional invoice or prescription reference numbers — not patient personal health information. Patient names are not required to use the Service, and we ask that you not upload them. Because NarcCount does not collect or store patient health information, it is generally not acting as a health-information custodian under Ontario’s Personal Health Information Protection Act (PHIPA).

• Account information — the work email and password you use to sign in, your pharmacy’s name and address, and the names/roles of team members you invite.
• Reconciliation records you upload or enter — purchase, dispensing, destruction, and physical-count records for controlled substances. These typically include a drug identification number (DIN), quantity, and date, and may include an invoice or prescription (Rx) reference number where you provide it.
• Usage and technical data — basic logs (e.g. sign-in events and actions taken in the app) used to operate, secure, and audit the service.

We use your information solely to provide the service: to compute reconciliations, surface variances, generate reports, send the reminders you ask for, secure your account, and provide support. We do not sell your data, and we do not use your reconciliation records for advertising.

Your records are stored in Canada, in our database provider’s Canadian region (Supabase, ca-central-1), encrypted in transit (TLS) and at rest, with access restricted to your pharmacy’s authorized users through row-level security. Some operational processing by the service providers listed below — application hosting and delivery, transactional email, and optional AI discrepancy triage — may take place outside Canada and may be subject to the laws of those jurisdictions. We limit what each provider receives to what is needed to run the Service and require comparable protection by contract.

We rely on a small number of providers to run NarcCount:

• Supabase — database, authentication, and storage (Canadian region, ca-central-1).
• Vercel — application hosting and delivery.
• Resend — delivery of transactional and reminder email.
• OpenRouter — the AI provider used for optional discrepancy triage. Only the variance figures needed for that analysis are sent; we do not send patient identifiers.

We retain your reconciliation records for as long as your account is active so your count history stays continuous. Controlled-substance dispensing records generally need to be kept and retrievable for at least 10 years in Ontario (O. Reg. 264/16 s. 21) — longer for records of a minor, and well beyond the federal 2-year narcotic minimum — see the Ontario College of Pharmacists for the recordkeeping expectations that apply to your pharmacy. If you close your account, you may request export or deletion of your data, subject to any retention you are legally required to maintain.

Consistent with Canadian privacy law (including the Personal Information Protection and Electronic Documents Act, PIPEDA), you may request access to, correction of, or deletion of your personal information, and you may withdraw consent subject to the limits of providing the service. To make a request, contact us at the address below. If you are not satisfied with how we handle your request, you may also contact the Office of the Privacy Commissioner of Canada.

If we become aware of a breach of security safeguards involving your information that poses a real risk of significant harm, we will notify you and, where required, the appropriate authorities, without undue delay. Our security practices are described on our Security page.

We have designated a Privacy Officer who is accountable for how personal information is handled at NarcCount. Questions about this policy or your data, or to make a privacy request, email support@narccount.ca. See also our Terms of Service.