Privacy Policy
Last Updated: January 9, 2026
1. Introduction
At Health.AI, your privacy is paramount. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our AI-powered health platform. By using Health.AI, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Personal Information
- Account Information: Name, email address, phone number, password, and profile picture
- Health Data: Medical history, symptoms, conditions, medications, and health goals you share with our platform
- Payment Information: Credit card details and billing address (processed securely through third-party payment processors)
2.2 Technical Information
- Device Information: IP address, browser type, device type, and operating system
- Usage Data: Pages visited, features used, time spent on platform, and interaction patterns
- Cookies: Small data files stored on your device to enhance user experience and analytics
3. How We Use Your Information
- Service Delivery: To provide, maintain, and improve Health.AI services, including AI-powered health consultations and personalized recommendations.
- Personalization: To customize your experience with tailored health insights, treatment suggestions, and wellness guidance based on your profile and history.
- Communication: To send you service updates, health reminders, promotional offers, and important notifications about your account.
- Security: To detect, prevent, and address fraud, security breaches, and technical issues to protect our users and platform.
- Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
- Research & Development: To analyze aggregated, de-identified data to improve our AI algorithms and develop new features (your personal health data is never used for this purpose without explicit consent).
4. Data Protection & Security
We implement industry-standard technical and organizational safeguards to protect your information:
- ✓ End-to-End Encryption: All data transmission is encrypted using TLS/SSL protocols
- ✓ Data Encryption at Rest: Your health data is encrypted when stored on our servers
- ✓ Two-Factor Authentication: Optional 2FA for enhanced account security
- ✓ Regular Security Audits: Periodic third-party security assessments and penetration testing
- ✓ Access Controls: Strict internal policies limiting employee access to user data
- ✓ HIPAA Compliance: Our platform adheres to HIPAA standards for health information protection
However, please note that no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security against all potential threats.
5. Information Sharing
⚠️ We DO NOT sell your personal health data to third parties.
We may share your information only in the following limited circumstances:
- With Your Consent: When you explicitly authorize us to share your data
- Service Providers: With trusted third-party vendors who assist in operating our platform (e.g., cloud hosting, payment processing, email services) under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or governmental regulation
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred (you will be notified in advance)
- Protection of Rights: To protect the rights, property, or safety of Health.AI, our users, or the public
6. Your Rights & Choices
- Access: Request a copy of all personal data we hold about you
- Correction: Update or correct inaccurate personal information
- Deletion: Request deletion of your account and associated data (some data may be retained for legal compliance)
- Data Portability: Export your health data in a machine-readable format
- Opt-Out: Unsubscribe from marketing communications at any time
- Cookie Management: Control cookie preferences through your browser settings
To exercise any of these rights, contact us at privacy@health.ai
7. Children's Privacy
Health.AI is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have inadvertently collected such information, we will delete it immediately. If you believe we have collected information from a child under 13, please contact us at support@health.ai.
8. Third-Party Services
Health.AI may contain links to third-party websites, services, or integrations (e.g., wearable device apps, payment processors). This Privacy Policy does not apply to third-party services. We recommend reviewing their privacy policies before providing any personal information.
Third-party integrations we use: Google OAuth, Stripe/PayPal (payments), SendGrid (emails), AWS (hosting)
9. International Data Transfers
Health.AI operates globally. Your information may be transferred to, stored, and processed in countries other than your country of residence. We ensure that all international data transfers comply with applicable data protection laws, including GDPR for European users.
10. Data Retention
We retain your personal information for as long as necessary to provide our services and comply with legal obligations. When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law (e.g., tax records, fraud prevention).
11. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or a prominent notice on our platform. Your continued use of Health.AI after changes take effect constitutes acceptance of the revised policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@health.ai
Support: support@health.ai
Health.AI
Palo Alto, California, USA