Privacy & Cookie Policy
Effective Date: January 1, 2025
Last Updated: January 1, 2025
Thank you for visiting our website. This Privacy & Cookie Policy outlines how AI Health Studio (“we,” “us,” or “our”) collects, uses, protects, and shares your personal information, as well as how we use cookies and other tracking technologies. We are committed to safeguarding your privacy and ensuring the security of your personal information. This policy is designed to comply with applicable privacy laws and regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the upcoming EU Artificial Intelligence Act (AI Act), and other relevant global data protection laws.
1. Information We Collect
1. Personal Information You Provide:
We may collect personal information when you:
• Visit our website
• Register for an account or request services
• Interact with our services or contact our support teams
• Voluntarily provide information via forms or other means
This information may include your name, email address, contact details, company information, job title, and any additional information you choose to provide.
2. Technical and Usage Information:
• Log Data: We automatically receive information from your browser or device, which may include your IP address, browser type, operating system, referral URLs, and date/time stamps of your visit.
• Analytics Information: We may collect information through third-party analytics tools (e.g., Google Analytics) to analyze trends, track user behavior, and enhance our website’s functionality.
3. Health-Related Information:
In the course of providing certain custom software or AI-driven solutions—especially those related to healthcare or wellness—we may process or have access to health-related data. Any health information we handle will be protected in accordance with HIPAA or GDPR, where applicable, and other relevant healthcare data protection regulations.
2. How We Use Your Information
We use the information we collect for purposes including, but not limited to:
1. Service Delivery and Enhancement:
• Providing and improving our products, services, and custom software solutions
• Personalizing your experience on our website and our client portals
2. Communication:
• Responding to inquiries, support requests, and account management
• Sending updates, newsletters, promotional materials, and other information that may be of interest to you (in accordance with your communication preferences)
3. Analytics and Development:
• Analyzing website traffic and user behavior to enhance user experience
• Developing, testing, and improving our AI and software solutions in compliance with the AI Act and other applicable laws
4. Compliance and Legal Obligations:
• Complying with applicable laws, regulations, or legal processes
• Enforcing our contractual or legal rights
5. Healthcare Data:
• If we process Protected Health Information (PHI), we do so in compliance with HIPAA and GDPR regulations. We maintain Business Associate Agreements (BAAs) with relevant third parties and take appropriate measures to safeguard PHI.
3. Legal Bases for Processing (GDPR Compliance)
If you are located in the European Economic Area (EEA) or the United Kingdom, our legal bases for processing your personal information include:
1. Your Consent: Where you have given consent (e.g., for direct marketing or certain cookies).
2. Contract Performance: Where processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
3. Legal Obligations: Where processing is required to comply with a legal obligation (e.g., responding to lawful requests by public authorities).
4. Legitimate Interests: Where processing is necessary for our legitimate interests, provided that such interests are not overridden by your rights and freedoms.
4. Your Privacy Rights
1. GDPR and UK Data Protection Rights (For EU/EEA/UK Residents):
• Access, Correction & Erasure: You have the right to request access to your personal data, correct inaccuracies, or request deletion of your data.
• Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Restriction & Objection: You may request the restriction of processing or object to the processing of your data in certain circumstances.
• Withdraw Consent: Where we rely on your consent to process your personal data, you may withdraw your consent at any time.
• Complaint: You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with applicable data protection laws.
2. CCPA Rights (For California Residents):
• Access to Information: You have the right to request information about how we have collected, used, and shared your personal information.
• Deletion of Information: You can request that we delete the personal information we have about you.
• Opt-Out of Sale or Sharing: We do not sell personal information. However, if you believe your information has been sold or shared, you have the right to opt out.
• Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
3. Other Jurisdictions:
Depending on your location, you may have similar or additional rights under applicable laws. Please contact us using the information in the “Contact Us” section to exercise your rights or if you have any questions.
5. Data Security
We employ industry-standard security measures (e.g., encryption, secure servers, access controls, and intrusion detection) to protect your personal information from unauthorized access, disclosure, alteration, or destruction. However, please note that no method of internet transmission or electronic storage is completely secure, and we cannot guarantee absolute protection.
For HIPAA-covered data, we implement administrative, physical, and technical safeguards required by HIPAA regulations to ensure the confidentiality, integrity, and availability of Protected Health Information.
6. Third-Party Disclosure
1. Service Providers:
We may share your information with trusted third-party service providers who assist in operating our website, conducting our business, or delivering our services, provided they agree to keep your information confidential and use it solely for the purposes we specify.
2. Business Transfers:
In the event of a merger, acquisition, or other business transaction involving some or all of our assets, your information may be transferred as part of the transaction. Any entity acquiring such information will be required to honor the terms of this Privacy & Cookie Policy.
3. Legal Requirements:
We may disclose your information to comply with legal obligations or respond to lawful requests and legal processes (e.g., subpoenas, court orders, or requests from regulators).
4. Aggregated and De-Identified Data:
We may share aggregated or de-identified information that does not reasonably identify you for the purposes of analytics, research, or improving our services.
7. International Data Transfers
As a company based in the United States with international clients, we may transfer your personal information to countries outside of your country of residence, including to the United States. When we do so, we take steps to ensure that appropriate safeguards are in place to protect your information, including entering into standard contractual clauses or relying on other valid transfer mechanisms as per GDPR requirements.
8. Cookie Policy
8.1 What Are Cookies?
Cookies are small text files placed on your device by websites you visit. They help websites recognize you and remember certain information about your visit, such as your preferences and settings.
8.2 Types of Cookies We Use
1. Essential Cookies: Necessary for the website to function properly (e.g., enabling basic site features like page navigation).
2. Performance & Analytics Cookies: Collect information about how visitors use our site, allowing us to improve user experience (e.g., Google Analytics).
3. Functionality Cookies: Remember your preferences (e.g., language, login details).
4. Advertising or Targeting Cookies: Track browsing habits to deliver relevant ads or measure the effectiveness of advertising campaigns.
8.3 How We Use Cookies
• To enhance your browsing experience
• To analyze site usage and gather insights on how to improve our offerings
• To personalize content and, where applicable, advertising
8.4 Managing Cookies
You can adjust your browser settings to refuse cookies or alert you when cookies are being used. However, disabling cookies may limit certain features and functionality of our website. For detailed instructions on how to manage cookies for specific browsers, please consult the browser’s help documentation.
9. AI Act Compliance
We are committed to complying with the forthcoming EU Artificial Intelligence Act (AI Act) and relevant international standards for the responsible and ethical use of AI technologies. We ensure our AI solutions are designed, developed, and deployed with safety, transparency, accountability, and human oversight in mind. Should you have any questions or concerns about how we use AI, please contact us using the information below.
10. Changes to This Policy
We reserve the right to update or change this Privacy & Cookie Policy at any time. Any changes will be posted on this page, and the effective date will be revised accordingly. We encourage you to review this Policy periodically for any updates.
11. Contact Us
If you have any questions or concerns about our Privacy & Cookie Policy or our handling of your personal information, or if you would like to exercise your rights under applicable laws, please contact us at:
Email: hello@aihealthstudio
We will respond to your inquiries in a timely manner and take appropriate steps to address your concerns.