Privacy Policy
Your trust and the security of your information are paramount to us.
Last Updated: May 20, 2024
1. Introduction
Welcome to Max AI Health ("Company", "we", "our", "us"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regard to your personal information, please contact us at privacy@maxaihealth.com.
This privacy notice describes how we might use your information if you:
- Visit our website at https://www.maxaihealth.com
- Engage with us in other related ways, including any sales, marketing, or events.
In this privacy notice, if we refer to:
- "Website," we are referring to any website of ours that references or links to this policy.
- "Services," we are referring to our Website, and other related services, including any sales, marketing, or events.
The purpose of this privacy notice is to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.
2. Information We Collect
We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
- Personal Information Provided by You: Names; phone numbers; email addresses; mailing addresses; usernames; passwords; contact preferences; contact or authentication data; billing addresses; debit/credit card numbers; and other similar information.
- Health and Genetic Information: If you use our health-related services, we may collect sensitive health information, including medical history, genetic data from DNA tests, blood panel results, lifestyle information (diet, exercise), and self-reported symptoms or conditions. This information is treated as Protected Health Information (PHI) where applicable under HIPAA.
All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
Information automatically collected
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
3. How We Use Your Information
We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
We use the information we collect or receive:
- To facilitate account creation and the logon process.
- To post testimonials. (With your consent)
- To request feedback.
- To manage user accounts.
- To send administrative information to you.
- To protect our Services. (e.g., for fraud monitoring and prevention)
- To enforce our terms, conditions, and policies for business purposes, to comply with legal and regulatory requirements, or in connection with our contract.
- To respond to legal requests and prevent harm.
- To fulfill and manage your orders.
- To deliver and facilitate delivery of services to the user. Specifically, to analyze your health data, genetic information, and blood panel results to provide personalized health insights, recommendations, and plans.
- To respond to user inquiries/offer support to users.
- To send you marketing and promotional communications. (You can opt-out at any time)
- To deliver targeted advertising to you.
- For other Business Purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our Services, products, marketing, and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include personal information.
4. How We Share Your Information
We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
We may process or share your data that we hold on the following legal bases:
- Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
- Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
- Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
- Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
- Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
More specifically, we may need to process your data or share your personal information in the following situations:
- Business Transfers.
- Affiliates.
- Business Partners. (e.g., CLIA-certified laboratories for DNA and blood testing, telehealth providers) We require all business partners to adhere to strict data protection and HIPAA compliance standards through Business Associate Agreements (BAAs) where applicable.
- With your explicit consent for research purposes. You may have the option to consent to the use of your anonymized and aggregated data for research purposes to advance scientific understanding.
5. Data Security
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. This includes encryption, access controls, and secure infrastructure. Our platform and practices are designed with HIPAA compliance principles in mind to safeguard Protected Health Information (PHI). However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
6. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information; (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.
If you are a resident in the European Economic Area (EEA) or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority.
If you are a resident in California, you are granted specific rights regarding access to your personal information under the California Consumer Privacy Act (CCPA). Please refer to our "CCPA Privacy Notice" section if applicable.
7. Children's Privacy
Our Services are not intended for use by children under the age of 18 (or other age as required by local law), and we do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information as soon as possible.
8. Changes to This Privacy Policy
We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
9. Contact Us
If you have questions or comments about this notice, you may contact us by email at privacy@maxaihealth.com or by post at:
Max AI Health
Attn: Privacy Officer
4201 E 100th Ter.
Kansas City, MO 64137
USA