Security & Privacy

Your health data.
Locked. Encrypted. Yours.

Medical cannabis data deserves the highest standard of protection. Every architectural decision in CannaLog starts with privacy — encryption end-to-end, UK data residency, and a hard "no third-party sharing" line.

Sign Up See the detail
No data sold. Ever.
Not to clinics. Not to pharmacies. Not to anyone.
UK GDPR ICO AES-256 TLS 1.3 UK Hosting
AES-256-GCM
Encryption at rest
UK Azure only
Data residency
0 third-parties
No data processors
99.99%
Uptime (30-day)
Enterprise-Grade Protection

Built like a bank.
Designed for patients.

Every layer of the stack — client, transport, storage, backups — is locked down by default. Your data is encrypted before it leaves your device and stays encrypted on our servers.

UK Data Protection & EU GDPR Compliant Registered with the ICO. All data practices comply with UK GDPR and the Data Protection Act 2018.
Encrypted in transit (TLS 1.3) and at rest (AES-256) Your data is encrypted before it leaves your device and remains encrypted on our servers and backups.
We never sell your data Not to clinics, not to pharmacies, not to anyone else. Your health information is not a revenue stream.
We never share your data* Unless you explicitly choose to export reports for your prescribing clinic — and only the data you choose to include.

* Unless you explicitly choose to export reports to your prescribing clinic. We will never share your data without your explicit, informed consent.

No data sold. Ever.
Not to clinics. Not to pharmacies. Not to anyone.
UK GDPRTLS 1.3AES-256ICO RegisteredUK Data Residency

What we collect.
Why we collect it.

Three categories — the bare minimum to make CannaLog work, and the analytics we use only in aggregate to improve the platform.

Read the full Privacy Policy

Your data.
Your terms.

Start logging knowing every byte is encrypted before it leaves your device, hosted in the UK, and never shared without your explicit consent.

AES-256 encryption at rest
TLS 1.3 in transit
UK Data Residency
UK GDPR · ICO registered