Privacy Policy

1.1 Information You Provide

• Account registration information (name, email address, password)
• Profile information (professional credentials, healthcare organization, role)
• Payment information (processed securely through Stripe)
• Communications with us (support requests, feedback)
• Content you create or upload through our services

1.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, interaction patterns)
• Cookies and similar tracking technologies
• Analytics data to improve our services

1.3 Information from Third Parties

• OAuth authentication data from providers (Google, Discord, Apple)
• Payment processing information from Stripe

We use the information we collect for the following purposes:

• To provide and maintain our services
• To process transactions and manage subscriptions
• To personalize your experience and provide relevant content
• To communicate with you about your account and our services
• To send marketing communications (with your consent)
• To improve our services and develop new features
• To comply with legal obligations and protect our rights
• To detect and prevent fraud or security issues

3.1 We do not sell, trade, or rent your personal information to third parties.

3.2 We may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our website and services (e.g., Stripe for payment processing, PocketBase for authentication)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Consent: With your explicit consent for specific purposes
• Aggregated Data: We may share anonymized, aggregated data that cannot identify you personally

4.1 We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest
• Secure authentication and access controls
• Regular security audits and updates
• Limited access to personal information on a need-to-know basis

4.2 Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

5.1 We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy.

5.2 When you delete your account, we will delete or anonymize your personal information within 90 days, except where we are required to retain it for legal or legitimate business purposes.

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request your data in a portable format
• Opt-out: Opt-out of marketing communications at any time
• Cookies: Manage cookie preferences through your browser settings

To exercise these rights, please contact us at privacy@ayni.health.

7.1 Our services are operated from Australia. If you access our services from outside Australia, your information may be transferred to and processed in Australia.

7.2 We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

10.1 We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

10.2 We will notify you of material changes by posting the updated policy on our website and updating the “Last Updated” date.

10.3 Your continued use of our services after such changes constitutes your acceptance of the updated policy.