Our Commitment: Your health data is sensitive and personal. We are committed to protecting your privacy, being transparent about our practices, and giving you control over your information.
1. Information We Collect
Account Information
- Name and email address
- Password (stored securely hashed)
- Payment information (processed by Stripe; we don't store card numbers)
Health Information (with your authorization)
When you connect your healthcare provider's patient portal, we may access:
- Demographics (name, date of birth, gender)
- Medical conditions and diagnoses
- Laboratory results and vital signs
- Medications and prescriptions
- Allergies and immunizations
- Clinical notes and documents
Usage Information
- How you interact with our Service
- Device and browser information
- IP address and general location
2. How We Use Your Information
| Purpose |
Legal Basis |
| Provide health analysis and reports |
Your consent and contract performance |
| Generate personalized health podcasts |
Your consent and contract performance |
| Improve our AI models and Service |
Legitimate interest (using anonymized data) |
| Send service notifications |
Contract performance |
| Process payments |
Contract performance |
| Comply with legal obligations |
Legal requirement |
3. How We Protect Your Data
- Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Strict employee access controls and audit logging
- Infrastructure: HIPAA-compliant cloud infrastructure
- No Password Storage: We never store your healthcare portal credentials
- Regular Audits: Security assessments and penetration testing
4. Data Sharing
We do NOT sell your health data.
We may share data with:
- AI Service Providers: To process and analyze your health data (data is not retained by these providers)
- Payment Processors: Stripe, for subscription billing
- Legal Requirements: When required by law or to protect rights and safety
5. Your Rights and Choices
You have the right to:
- Access: Request a copy of your data
- Correction: Update or correct your information
- Deletion: Request deletion of your data
- Portability: Receive your data in a portable format
- Revoke Access: Disconnect healthcare provider integrations at any time
- Opt-Out: Unsubscribe from marketing communications
6. Data Retention
- Account data: Retained while your account is active
- Health data: Retained until you delete it or close your account
- After account closure: All data is permanently deleted. We do NOT retain any user data after account deletion.
7. Children's Privacy
HealthyCompute is not intended for children under 18. We do not knowingly collect data from children. If you believe a child has provided us data, please contact us immediately.
8. International Data Transfers
Your data may be processed in the United States. We ensure appropriate safeguards for international transfers in compliance with applicable laws.
9. HIPAA Compliance
HealthyCompute operates as a Business Associate under HIPAA when processing Protected Health Information (PHI). We maintain appropriate administrative, physical, and technical safeguards.
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or through the Service. The "Last Updated" date indicates when the policy was last revised.
11. Contact Us
For privacy-related questions or to exercise your rights:
Data Protection Officer: For EU/UK residents, you may also contact our Data Protection Officer at
dpo@healthycompute.com