Privacy Policy - Reflectio EM Autofill

This policy is specific to the Reflectio EM Autofill Chrome extension. The extension is a small companion tool that auto-fills your medical training ePortfolio with workplace-based assessment entries you have already authored in the Reflectio web application. For the data handling of the underlying Reflectio web app itself, please see the main Reflectio privacy policy.

Version 1.2 · Last reviewed 12 May 2026

Who runs the extension. The extension is published by Dr Thomas Porter, an individual sole trader registered with the UK Information Commissioner's Office under reference ZC140250. Contact: privacy@reflectio.io.

What the extension does

The extension is a single-purpose Chrome extension. When a signed-in user opens a workplace-based assessment (WPBA) form on their ePortfolio, the extension displays a small floating widget offering to populate matching fields with the most recent unconsumed transfer record from that user's Reflectio account.

It currently operates on the ePortfolio platform used by UK Emergency Medicine trainees, hosted at kaizenep.com. It does not run on any other website.

What data the extension processes

Data	Purpose	Where it sits
Email address (sign-in)	Authenticate the extension to your Reflectio account via a one-time passcode (OTP).	Sent to Supabase auth. Cached briefly in `chrome.storage.local` as mid-OTP state, cleared on completion.
Authentication tokens (access + refresh)	Fetch your transfer records on your behalf.	`chrome.storage.local`, isolated to the extension. Cleared on sign-out.
Transfer records (the assessment text and metadata you authored in Reflectio)	Populate the corresponding fields on the open ePortfolio form.	Fetched on demand from your Reflectio account on Supabase. Not cached to disk by the extension.
ePortfolio form structure (field labels and IDs of the open WPBA form)	Match Reflectio fields to the corresponding ePortfolio inputs.	Read in-memory only. Not stored. Not transmitted.

What the extension does NOT collect or transmit

Patient-identifiable information.
Browsing history outside of kaizenep.com.
Keystrokes.
Analytics, telemetry, or usage statistics.
Tracking cookies.
Any data from websites other than kaizenep.com and the Supabase backend.

Permissions justification

Permission	Why it is needed
storage	Persist the user's authentication session and transient OTP state.
alarms	Run a lightweight once-per-minute check to update the toolbar badge with the count of pending transfers.
*host: .kaizenep.com**	Inject the auto-fill widget on the user's ePortfolio.
host: Supabase project	Communicate with the Supabase backend for authentication and to fetch your transfer records.

The extension does not request the tabs, cookies, webRequest, history, or downloads permissions, and cannot read or modify any site outside the host permissions listed above.

Subprocessors

The extension transmits data to one third-party service:

Subprocessor	What it does	Where
Supabase	Hosts authentication and the `bridge_transfers` database table. Acts as a data processor under a counter-signed Data Processing Agreement (signed May 2026).	UK (eu-west-2)

The extension sends no data to Google, Anthropic, OpenAI, or any analytics or advertising provider.

Data retention

Authentication session: persisted on your device until you sign out via the extension popup. Sign-out clears the local session and revokes the session server-side.
Transfer records on Supabase: governed by the main Reflectio privacy policy. The extension marks records as "consumed" once auto-fill completes; deletion is handled by the web application.

Security

All communication with Supabase is over HTTPS (TLS 1.2 or higher).
Database queries are protected by Supabase Row Level Security (RLS): each query is scoped to the signed-in user's own records by the database itself, not just by client-side filtering.
The extension contains no third-party analytics SDKs or trackers.
The publishable Supabase API key bundled with the extension is intended to be public and grants no privileges beyond unauthenticated requests; all authorisation is via the user's session token.
Authentication tokens stored in chrome.storage.local are isolated to the extension and not accessible to web pages.

Your rights under UK GDPR

You have the right to access, rectify, erase, or port the personal data Reflectio holds about you, to withdraw consent, to object to processing, and to lodge a complaint with the UK Information Commissioner's Office at ico.org.uk. To exercise any of these rights, email privacy@reflectio.io.

Children

The extension is intended for use by qualified clinicians in the United Kingdom. It is not intended for, and is not directed at, children.

Changes to this policy

Material changes to this policy will be communicated via the extension popup at next sign-in. The version and "Last reviewed" date at the top of this page will be revised. The current version is always available at https://app.reflectio.io/bridge/privacy.

Regulatory alignment

UK GDPR Data Protection Act 2018 UK GDPR Article 25 (Privacy by Design) NHS Information Governance Caldicott Principles GMC Confidentiality Guidance (2017)