Your personal and medical data is protected using industry-leading security practices. All data is encrypted in transit using TLS and stored with bank-grade AES-256 encryption. Access to your records is strictly limited to you, your Everlab clinicians, and authorised systems.

We use advanced endpoint security software (Nightfall), enforce multi-factor authentication across all systems, and manage access keys with best-practice credential security—including regular key rotation. Our team uses automated tools and external security contractors to review code and manage vulnerabilities.

To further strengthen our commitment to data security, we’re actively completing ISO 27001 certification through Vanta.

‍

You can delete your account at any time. To do so, please contact [email protected]. Please note that all medical practices in Victoria and NSW are legally required to retain your data for 7 years in case of an audit from regulatory bodies (we must be able to demonstrate that we provided appropriate care). After the 7-year period has elapsed, we will delete your records in full.

‍

Once you join Everlab, our team begins manually collecting and mapping your past medical records with your consent. We contact providers you've tested with in the past to gather available information—even before your first consultation, when possible. Your doctor will then help guide the process to request additional records, especially those that are harder to access, to ensure the most complete view of your health. While not all records may be retrievable, we continuously follow up to collect more over time. You can also upload any past results directly into your app, where they’ll be automatically analysed and visualised.

‍