Privacy Policy

Last updated: December 23, 2024

Your Privacy Matters

We are committed to protecting your health information with the highest standards of security and privacy.

1. Introduction and Legal Commitment

DiagnoGenie ("Company," "we," "our," or "us") is legally committed to protecting your privacy and personal health information. This Privacy Policy constitutes a binding legal agreement between you and DiagnoGenie regarding the collection, use, disclosure, and protection of your information when you use our AI-powered health diagnostic service ("Service").

BY USING OUR SERVICE, YOU EXPRESSLY CONSENT TO THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY. If you do not agree with any part of this policy, you must discontinue use of our Service immediately.

2. Our Absolute Data Protection Commitment

🛡️ IRONCLAD DATA PROTECTION GUARANTEE

WE NEVER SELL YOUR DATA - Not to anyone, for any reason, at any price

WE NEVER SHARE WITHOUT CONSENT - Your data stays with us unless legally required

WE NEVER USE FOR MARKETING - No third-party advertising or profiling

WE NEVER GIVE TO INSURANCE - Your health data will never reach insurance companies

WE NEVER SELL TO EMPLOYERS - Your employer will never get your health information

BANK-LEVEL ENCRYPTION - Military-grade security protects your data 24/7

2.1 Legal Binding Commitment

THIS IS A LEGALLY BINDING COMMITMENT: We hereby covenant and warrant that we will not, under any circumstances, sell, rent, lease, or otherwise monetize your personal or health information. Any violation of this commitment shall constitute a material breach of this agreement, entitling you to legal remedies including but not limited to damages, injunctive relief, and attorney's fees.

2.2 Zero Tolerance Policy

We maintain a zero-tolerance policy regarding unauthorized data sharing. Any employee, contractor, or third party found to have violated our data protection standards will face immediate termination and potential legal action. We conduct regular audits and monitoring to ensure compliance.

3. Information We Collect (Minimal Data Principle)

2.1 Health Information

  • Symptoms and health concerns you report
  • Medical history information you provide
  • Health reports and analysis results
  • Usage patterns and interaction data

2.2 Personal Information

  • Name and email address
  • Account credentials
  • Payment information (processed securely by third parties)
  • Communication preferences

2.3 Technical Information

  • IP address and device information
  • Browser type and version
  • Usage analytics and performance data
  • Cookies and similar technologies

3. How We Use Your Information

3.1 Primary Purposes

  • Provide AI-powered health analysis and reports
  • Improve our diagnostic algorithms and accuracy
  • Maintain and improve our service quality
  • Provide customer support and assistance

3.2 Secondary Purposes

  • Send important service updates and notifications
  • Conduct research to advance healthcare technology (anonymized data only)
  • Comply with legal obligations and regulations
  • Prevent fraud and ensure service security

4. Data Security and Protection

4.1 Security Measures

We implement industry-standard security measures including:

  • Encryption: All data is encrypted in transit and at rest using AES-256 encryption
  • Access Controls: Strict access controls and authentication requirements
  • Regular Audits: Regular security audits and vulnerability assessments
  • Secure Infrastructure: Cloud infrastructure with enterprise-grade security

4.2 HIPAA Compliance

We are committed to HIPAA compliance and treat all health information as Protected Health Information (PHI). We have implemented appropriate administrative, physical, and technical safeguards to protect your health information.

8. Information Sharing and Disclosure (Strict Prohibitions)

8.1 ABSOLUTE PROHIBITIONS - WE WILL NEVER:

❌ Sell your data to ANYONE
❌ Share with insurance companies
❌ Provide to employers
❌ Give to marketing companies
❌ Share with data brokers
❌ Sell to pharmaceutical companies
❌ Provide to social media platforms
❌ Share with government (except legal requirement)
❌ Give to family members without consent
❌ Share with healthcare providers without consent
❌ Provide to researchers without anonymization
❌ Use for any commercial purpose beyond our service

8.2 Legal Enforcement of Prohibitions

LEGALLY ENFORCEABLE PROMISE: The above prohibitions are legally binding commitments. Any violation constitutes breach of contract and breach of fiduciary duty. You may seek legal remedies including:

  • Monetary damages (actual and punitive)
  • Injunctive relief to stop further violations
  • Attorney's fees and court costs
  • Statutory damages under applicable privacy laws

8.3 Extremely Limited Sharing (Only When Legally Required)

We may only disclose your information in these specific, legally mandated circumstances:

  • Court Orders: When compelled by valid court order or subpoena (we will notify you unless legally prohibited)
  • Legal Compliance: When required by federal or state law (we will challenge overly broad requests)
  • Emergency Situations: Only to prevent imminent physical harm (documented emergency only)
  • Service Providers: Minimal data to essential service providers under strict confidentiality agreements

8.4 Your Right to Legal Notice

ADVANCE NOTICE GUARANTEE: Except where legally prohibited, we will provide you with advance notice of any legal request for your information, giving you the opportunity to challenge the request in court. We will not voluntarily cooperate with fishing expeditions or overly broad requests.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access your personal and health information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data in a portable format
  • Restrict certain uses of your information

6.2 Communication Preferences

You can:

  • Opt out of marketing communications
  • Choose notification preferences
  • Update your contact information

7. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account Information: Until you delete your account
  • Health Reports: 7 years (standard medical record retention)
  • Usage Data: 2 years for service improvement
  • Legal Compliance: As required by applicable laws

8. International Data Transfers

Your information may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Certification schemes

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. Cookies and Tracking Technologies

10.1 Types of Cookies We Use

  • Essential Cookies: Required for basic service functionality
  • Analytics Cookies: Help us understand how you use our service
  • Preference Cookies: Remember your settings and preferences

10.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect service functionality.

11. Third-Party Services

Our service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to third-party services, and we encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Providing in-app notifications

18. Executive Accountability and Personal Guarantees

18.1 CEO Personal Commitment

The Chief Executive Officer of DiagnoGenie personally guarantees compliance with this Privacy Policy. Any violation of our data protection commitments will result in immediate executive accountability measures, including potential personal liability for damages.

18.2 Board Oversight

Our Board of Directors maintains direct oversight of privacy compliance. Privacy violations are reported directly to the board, and executive compensation is tied to privacy compliance metrics.

19. Final Commitment Statement

🛡️ OUR UNBREAKABLE PROMISE TO YOU

Your health data is SACRED to us. We treat it with the same care we would want for our own family's health information.

We will NEVER sell, share, or monetize your personal health data. This is not just a business policy - it's a moral and legal commitment.

If we ever violate this promise, we will face the full consequences under law, including personal accountability from our executives.

Your privacy is not negotiable. Period.

20. Contact Information and Legal Department

For any privacy concerns, questions, or to report violations, contact us immediately:

Privacy Department

Chief Privacy Officer: privacy@diagnogenie.com

Privacy Hotline: 1-800-PRIVACY (24/7)

Legal Department: legal@diagnogenie.com

Executive Contact

CEO Direct Line: ceo@diagnogenie.com

General Counsel: counsel@diagnogenie.com

Compliance Officer: compliance@diagnogenie.com

Mailing Address: [Your Business Address]

Emergency Privacy Line: [Your Contact Number]

Response Time Guarantee: We will respond to privacy inquiries within 24 hours

15. Legal Remedies and Enforcement

15.1 Your Legal Rights in Case of Violation

If we violate any provision of this Privacy Policy, you have the following legal remedies:

💼 Available Legal Actions:

  • Breach of Contract Lawsuit: Sue for damages caused by our breach of this agreement
  • Privacy Law Claims: File claims under CCPA, GDPR, HIPAA, and other applicable privacy laws
  • Class Action Participation: Join or initiate class action lawsuits for widespread violations
  • Injunctive Relief: Seek court orders to stop ongoing violations
  • Statutory Damages: Claim damages as provided by applicable privacy statutes
  • Attorney's Fees: Recover your legal costs if you prevail in court

15.2 Liquidated Damages Clause

LIQUIDATED DAMAGES: In recognition that privacy violations cause harm that is difficult to quantify, we agree that any unauthorized disclosure of your personal health information shall result in liquidated damages of no less than $10,000 per incident, plus actual damages, attorney's fees, and costs.

15.3 Waiver of Arbitration for Privacy Claims

COURT ACCESS GUARANTEE: Notwithstanding any other agreement, you have the absolute right to pursue privacy violation claims in federal or state court. We waive any right to force arbitration for privacy-related disputes.

15.4 Statute of Limitations Extension

We agree that the statute of limitations for privacy violation claims shall not begin to run until you discover or reasonably should have discovered the violation, regardless of when the violation actually occurred.

16. Data Breach Notification and Response

16.1 Immediate Notification Promise

72-HOUR NOTIFICATION GUARANTEE: In the event of any data breach affecting your information, we will notify you within 72 hours of discovery via email, phone, and postal mail. We will not delay notification for any reason except where prohibited by law enforcement.

16.2 Breach Response Commitment

In case of a data breach, we commit to:

  • Immediate containment and investigation
  • Free credit monitoring for affected users (minimum 2 years)
  • Identity theft protection services
  • Legal assistance for affected users
  • Full transparency about the scope and cause of the breach
  • Independent security audit and public reporting of results

17. Governing Law and Jurisdiction

14. State-Specific Rights

14.1 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt out of the sale of personal information
  • Right to non-discrimination for exercising your rights

14.2 European Residents (GDPR)

If you are in the European Union, you have rights under the General Data Protection Regulation:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

Our Commitment

We are committed to transparency and protecting your privacy. Your health information is never sold, and we use it only to provide you with the best possible health insights.