CPRD Extractor is a data extraction tool. It does not store, transmit, or distribute patient data. All data processing occurs locally on the user's machine or institutional server.

Users are responsible for:

• Holding a valid CPRD data licence
• Complying with all applicable data governance requirements
• Ensuring patient data is never committed to version control

If you discover a security vulnerability in this software, please report it responsibly:

1. Do not open a public issue.
2. Email milad.nazarzadeh@wrh.ox.ac.uk with a description of the vulnerability.
3. Allow reasonable time for a fix before public disclosure.