AUTONOMIC HEALTH
Privacy Policy
Effective Date: November 4, 2024 | Last Updated: April 1, 2026
Autonomic Health, Inc. ("Autonomic Health," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our website, platform, educational content, diagnostic tools, clinical AI services, and any related services (collectively, the "Services").
This policy applies to all users of our Services, including patients, healthcare providers, clinical partners, and researchers. By using the Services, you agree to the practices described in this Privacy Policy.
1. WHO WE ARE
Autonomic Health provides a multi-modal platform built around the science of the autonomic nervous system (ANS). Our Services include:
Autonomic AI — a clinical AI tool to help decode complex diseases through nervous system analysis
Diagnostic support tools for healthcare providers and clinical partners
Patient and provider education on autonomic conditions (e.g., POTS, Long COVID, dysautonomia)
Research collaboration and clinical data analysis
Partner-facing tools for healthcare organizations and medical institutions
We are not solely a chatbot. Our Services span clinical AI, education, diagnostics, and research, and this Privacy Policy reflects that full scope.
2. INFORMATION WE COLLECT
2.1 Information You Provide Directly
Contact and account information: name, email address, professional credentials, institution affiliation
Health and clinical information: symptoms, medical history, autonomic test results, conditions, and clinical notes — provided voluntarily or through healthcare provider input
Communications: inquiries, feedback, and support requests you send us
Partner and research data: data shared by clinical partners or submitted for research purposes under applicable agreements
2.2 Information Collected Automatically
Device and technical data: IP address, browser type, operating system, and device identifiers
Usage data: pages visited, features used, session duration, and interaction logs
Log data: server logs, error reports, and system activity
Cookies and tracking technologies: see Section 6 for details
2.3 Information from Third Parties
Healthcare providers or clinical partners may share patient or clinical data with us as permitted by applicable law and data use agreements
Analytics providers (e.g., Mixpanel) may provide aggregated usage insights
We do not purchase data from data brokers
3. HOW WE USE YOUR INFORMATION
We use the information we collect to:
Provide, operate, and improve the Services
Deliver clinical AI insights and diagnostic support features
Respond to your inquiries and provide customer support
Personalize your experience on the platform
Conduct medical and scientific research (in de-identified or aggregated form where possible)
Send service updates, clinical education materials, and partner communications
Comply with legal obligations and regulatory requirements
Detect and prevent fraud, abuse, or security incidents
Enforce our Terms of Service and other agreements
We will not use your personal information for unrelated purposes without your consent.
4. HIPAA AND PROTECTED HEALTH INFORMATION
To the extent Autonomic Health functions as a Business Associate or Covered Entity under the Health Insurance Portability and Accountability Act (HIPAA), we handle Protected Health Information (PHI) in accordance with HIPAA's Privacy Rule and Security Rule.
Specifically, we:
Maintain appropriate administrative, physical, and technical safeguards to protect PHI
Enter into Business Associate Agreements (BAAs) with covered entities as required by law
Use PHI only for the purposes described in applicable BAAs and permitted by HIPAA
Do not sell PHI or use PHI for marketing without explicit patient authorization
If you are a healthcare provider or clinical partner sharing patient data with us, please contact us at privacy@autonomichealth.ai to ensure appropriate agreements are in place.
5. HOW WE SHARE YOUR INFORMATION
We do not sell your personal data. We may share your information in the following limited circumstances:
5.1 Service Providers
We share data with trusted third-party vendors who help us operate the Services, including:
Cloud infrastructure and hosting providers (e.g., Amazon Web Services)
Analytics platforms (e.g., Mixpanel — see their privacy policy at mixpanel.com/legal/privacy-policy)
Customer support and communication tools
All service providers are contractually obligated to protect your data and may only use it to provide services to us.
5.2 Clinical and Research Partners
With your consent or under applicable data agreements, we may share de-identified or aggregated data with academic institutions, medical centers, or research collaborators for legitimate scientific and clinical purposes.
5.3 Legal Requirements
We may disclose your information if required to do so by law, court order, or regulatory authority, or to protect the rights, property, or safety of Autonomic Health, its users, or the public.
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and your rights with respect to your data.
6. COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar technologies to enhance your experience, analyze usage, and deliver relevant content. Types of cookies we use include:
Essential cookies: required for core site functionality
Analytics cookies: help us understand how the Services are used (e.g., Mixpanel)
Preference cookies: remember your settings and preferences
You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Services. We do not currently respond to browser Do Not Track (DNT) signals due to the lack of an industry-wide standard.
7. DATA RETENTION
We retain your personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we securely delete or anonymize it.
Clinical and health-related data may be subject to longer retention periods under applicable healthcare regulations (e.g., HIPAA, state medical record laws). If you would like to request deletion of your data, see Section 9.
8. DATA SECURITY
We implement commercially reasonable administrative, technical, and physical safeguards to protect your information, including:
Encryption of data in transit (TLS) and at rest
Access controls and authentication requirements
Regular security assessments and monitoring
Employee training on data privacy and security
No method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any account credentials.
9. YOUR PRIVACY RIGHTS
9.1 All Users
Regardless of your location, you may:
Request access to the personal information we hold about you
Request correction of inaccurate or incomplete information
Request deletion of your personal information (subject to legal obligations)
Opt out of marketing communications at any time by emailing privacy@autonomichealth.ai
9.2 California Residents (CCPA)
Under the California Consumer Privacy Act (CCPA), California residents have the right to:
Know what personal information is collected, used, shared, or sold
Delete personal information collected about them
Opt out of the sale of personal information (we do not sell personal information)
Non-discrimination for exercising CCPA rights
To exercise your CCPA rights, contact us at privacy@autonomichealth.ai. We will respond within 45 days, with a possible 45-day extension when reasonably necessary.
9.3 EEA, UK, and Swiss Residents (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) or equivalent laws, including:
Right of access, rectification, and erasure
Right to restrict or object to processing
Right to data portability
Right to withdraw consent at any time
Right to lodge a complaint with your local data protection authority
Our lawful bases for processing include: your consent, performance of a contract, compliance with legal obligations, and our legitimate interests in providing and improving the Services.
Note: By using our Services, you acknowledge that data may be transferred to and processed in the United States. We take appropriate safeguards to ensure such transfers comply with applicable law.
10. CHILDREN'S PRIVACY
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us at privacy@autonomichealth.ai and we will promptly delete it.
11. THIRD-PARTY LINKS AND SERVICES
Our Services may contain links to third-party websites, research publications, or partner platforms. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access.
12. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or applicable law. We will notify you of material changes by posting the revised policy on our website and updating the "Last Updated" date at the top. Your continued use of the Services after such changes constitutes your acceptance of the updated policy.
13. CONTACT US
If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:
Autonomic Health, Inc.
Email: privacy@autonomichealth.ai
General Inquiries: info@autonomichealth.ai
Website: https://autonomichealth.ai
We are committed to resolving complaints about your privacy and our collection or use of your personal information.
Autonomic Health, Inc. | HIPAA Compliant | Clinically Validated