← Back to Home

Privacy Policy

Last updated: 9/12/2025

1. Information We Collect

We collect the following types of information to provide and improve our health analysis services:

  • Account Information: Name, email address, and encrypted password
  • Health Data: Lab results, biomarker values, health conditions, and related health information
  • Usage Data: How you interact with our platform, chat conversations, and feature usage
  • Technical Data: IP address, browser type, device information (for security purposes)

2. How We Use Your Information

Your information is used solely to:

  • Provide personalized health insights and AI-powered analysis
  • Track your health progress over time
  • Improve our AI models and health recommendations
  • Ensure platform security and prevent unauthorized access
  • Communicate important updates about your account or the service

3. Enterprise-Grade Security

Your health data is protected with enterprise-grade security:

  • bcrypt password hashing with enhanced salt rounds
  • End-to-end encryption for all data transmission
  • Secure session management with CSRF protection
  • Comprehensive security monitoring and logging
  • Regular security audits and vulnerability assessments

4. Data Sharing and Disclosure

We do NOT sell, rent, or share your personal health data with third parties. Your information may only be disclosed in the following limited circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • To protect the safety and security of our users
  • In connection with a business transfer (with continued privacy protection)

5. Your Data Rights

You have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Correct any inaccurate or incomplete information
  • Erasure: Request deletion of your personal data (subject to legal requirements)
  • Portability: Export your health data in a standard format
  • Object: Object to certain processing of your personal data

6. GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). We process your data based on:

  • Your consent for health data analysis
  • Contractual necessity to provide our services
  • Legitimate interests in improving our platform (with privacy safeguards)

7. Data Retention

We retain your personal data only as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Until you delete your account
  • Health Data: Until you request deletion or after 7 years of inactivity
  • Security Logs: Up to 2 years for security and compliance purposes

8. Cookies and Tracking

We use minimal cookies and tracking technologies:

  • Essential Cookies: Required for authentication and security
  • Performance Cookies: To understand how you use our platform
  • No Advertising Cookies: We do not use cookies for advertising purposes

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes via email or through the platform.

10. Contact Us

If you have any questions about this Privacy Policy or your data rights, please contact us through the application support system or email us directly.

Questions about your privacy? We're here to help. Contact us anytime through the platform for assistance with your data rights or privacy concerns.