1. Introduction and Scope
This Privacy Policy explains how Medguide AI ("Medguide", "we", "our", or "us") collects, uses, stores, and protects personal and health-related data when users ("you", "your", or "User") interact with our platform, website, or services.
Medguide operates as a digital health data analysis platform designed to process and structure medical records uploaded by individual users, healthcare institutions, or third-party agents. Although our services are designed for global reach, during the platform's initial launch (MVP phase) Medguide AI services are available exclusively to authorized enterprise partners located outside the United States, United Kingdom, European Union, United Arab Emirates, and Türkiye. Access from these regions is technically restricted via IP-level geofencing. Individual users and consumers are also not eligible to use the platform during this phase.
We are committed to complying with the highest standards of data protection, including:
- The General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA)
- The California Consumer Privacy Act (CCPA) for users in the United States
- The Health Insurance Portability and Accountability Act (HIPAA) for health-related data managed in the U.S.
- The Turkish Personal Data Protection Law (KVKK) for data originating from Türkiye
- Other applicable local regulations in the regions where we operate
This Policy applies to all data submitted or generated through our services, whether by individual users, business clients, or their authorized team members. It also applies regardless of whether you access our services via web interface, mobile app (if applicable), third-party integrations, or embedded APIs.
As part of our compliance strategy, we have implemented technical access restrictions for users located in jurisdictions where the platform is not yet launched. These include the United States, United Kingdom, European Union member states, the United Arab Emirates, and Türkiye (temporarily during the MVP period). Users located in these regions will not be able to access or use the Medguide AI service unless separately authorized under a test or pilot agreement.
By using Medguide, you acknowledge that you have read and understood this Policy and consent to the practices described herein. If you do not agree with this Policy, please refrain from using our services.
2. Definitions
For the purposes of this Privacy Policy, the following terms shall have the meanings set forth below:
- Personal Data: Any information that relates to an identified or identifiable individual, such as name, email address, IP address, location data, or user ID.
- Health Data: Any information relating to the physical or mental health of an individual, including medical history, diagnostic records, lab reports, imaging data, prescriptions, and other health-related documentation. This includes structured and unstructured data uploaded to Medguide for processing.
- Processing: Any operation performed on personal or health data, whether by automated means or not, including collection, storage, analysis, modification, access, transmission, or deletion.
- Data Subject: The individual whose personal or health data is being processed.
- User: For the MVP phase, a 'User' refers exclusively to authorized enterprise-level healthcare organizations (doctors, clinics, hospitals, medical tourism facilitators) that have entered into a direct agreement with Medguide AI. Individual consumers are not permitted to use the service at this stage.
- Team Member: An individual acting on behalf of an authorized organization (e.g., medical staff, doctor, or administrative user) within a business or enterprise account.
- Data Controller: The entity (either Medguide or the organization using it) that determines the purposes and means of the processing of personal data.
- Data Processor: Any third party that processes personal or health data on behalf of the Data Controller. This includes services such as cloud storage, OCR engines, or payment processors.
- Consent: A freely given, specific, informed, and unambiguous indication of a user's agreement to the processing of their personal or health data.
- Third-Party Services: External services or vendors integrated into the Medguide platform (e.g., Stripe, Memberstack, Uploadcare), which may receive limited data as required for operational functionality.
- Jurisdiction: The legal framework governing the rights and obligations described in this Policy, primarily based on the company’s incorporation in the United Arab Emirates (Ajman Free Zone) and applicable data protection laws in users’ locations.
3. Who We Are
Medguide AI Inc. is a health technology company registered in Delaware, USA. Our mission is to enable secure, multilingual, and intelligent processing of medical data through advanced AI-powered systems.
We serve a global user base and offer data analysis services to individuals, healthcare professionals, medical institutions, and health data intermediaries. All operations comply with relevant data protection laws, and we are committed to upholding the privacy and integrity of every user's information.
If you have any questions about this Privacy Policy or how your data is handled, you may contact us at:
Legal Entity: Medguide AI Inc.
Registered Jurisdiction: Delaware, USA
Email: legal@medguide.app (placeholder, can be updated)
4. What Data We Collect
Depending on your usage of the platform and your user type (Personal, Business, Enterprise), we may collect the following categories of data:
A. Account Information
- Full name, email address, country, and password (encrypted)
- Organization name, role (Owner, Admin, Team Member)
- Language and communication preferences
B. Uploaded Content
- Medical files submitted for analysis (e.g., lab results, prescriptions, imaging scans, doctor notes)
- Supplementary information provided with uploads (e.g., patient name, notes, language preference)
- These may include health data protected under applicable laws
C. System Usage & Logs
- IP address, browser type, device information, and session timestamps
- Uploaded file sizes, types, language detected, and processing history
- Token usage metrics (volume, limits, plan tier, recharge history)
D. Payment Information
- Payment method (card or bank) is processed by Stripe, not stored by Medguide
- We store only limited metadata: plan type, payment status, transaction ID, and expiration date
E. Third-Party Integrations
- If you sign up via a third-party service (e.g., Google), we may collect identifiers from that platform
- File processing may use secure third-party APIs (e.g., OCR, NLP)
F. Cookies and Analytics
- Session cookies for login and authentication
- Optional usage analytics (anonymized and only if consent is granted)
We do not knowingly collect data from children under the age of 16, and do not allow minor users to create accounts without legal guardian consent.
5. How We Use Your Data
We process personal and health data only for the purposes clearly defined below, and only when such processing is necessary and lawful under applicable data protection regulations. Our core principle is minimum data use for maximum utility and security.
A. File Processing and Analysis
- To analyze uploaded medical documents and generate structured summaries, classifications, and multilingual interpretations
- To identify relevant medical specialties, urgent findings, and terminology for both professional and layperson users
B. User Account Management
- To register, authenticate, and manage your user account and preferences
- To allocate usage limits, track token balances, and manage subscription tiers
- To allow Business and Enterprise accounts to assign and control Team Member access
C. Communication and Support
- To send you service notifications, including processing confirmations, system alerts, or account-related messages
- To provide technical or customer support when you reach out for help
- To send occasional updates (if opted in), such as feature announcements or surveys
D. Platform Operation and Maintenance
- To monitor usage patterns for system optimization and stability
- To perform technical audits, load balancing, and fraud detection
- To enforce platform security protocols
E. Legal and Regulatory Compliance
- To comply with obligations under GDPR, HIPAA, KVKK, and other applicable regulations
- To respond to valid legal requests such as subpoenas or court orders
- To uphold your rights (e.g., data access, deletion) under relevant law
F. Research and Development (Anonymized only)
- Aggregated, de-identified data may be used to improve our algorithms, models, and service features. No such usage involves personally identifiable information without explicit user consent.
We will never sell or rent your data to third parties. We do not engage in behavior tracking or ad personalization using health or identity-related information.
6. Legal Basis for Processing
We rely on several legal bases to collect and process your data, depending on the nature of your interaction with the platform and your geographic location. These bases ensure that all data handling activities comply with applicable laws, including the GDPR (Europe), KVKK (Türkiye), HIPAA (USA), and other relevant frameworks.
A. Consent (GDPR Art. 6.1.a)
We process your personal and health data when you give us clear, informed, and specific consent, for example:
- When you upload a medical file for analysis
- When you accept terms and grant permission via checkboxes during sign-up
- When you confirm each document upload via an inline confirmation modal, where explicit consent is re-collected
- When you opt in to receive communications
Consent is always revocable, and users can withdraw it at any time via their profile settings or by contacting us.
B. Performance of a Contract (GDPR Art. 6.1.b)
When you subscribe to our platform, we process your information to:
- Deliver the services as defined in our Terms of Service
- Manage your membership, usage limits, and billing
C. Legal Obligation (GDPR Art. 6.1.c)
We may process certain data to fulfill obligations under local or international law, including:
- Retaining transaction records for tax or audit purposes
- Responding to lawful requests from regulators or authorities
D. Legitimate Interest (GDPR Art. 6.1.f)
We may process non-sensitive usage data (e.g., file type frequency, user navigation patterns) to:
- Maintain system stability and security
- Detect fraudulent or abusive behavior
- Improve service functionality (only when not overridden by your privacy rights)
E. Vital Interest / Health Data (GDPR Art. 9.2.a & h)
Health-related data is classified as special category data. We only process such data when:
- You have given explicit consent, or
- The processing is required for diagnostic or medical information purposes initiated by the user
7. Data Sharing and Disclosure
We take data confidentiality seriously and do not sell, rent, or trade your personal or health data to any third parties under any circumstances.
However, we may share limited data with carefully selected third-party service providers when it is essential for the operation of our platform. All such disclosures are governed by strict contractual agreements that ensure data security and legal compliance.
A. Third-Party Service Providers
We work with external partners to support our core functions, such as:
- Payment processing (e.g., Stripe): handles subscription fees and stores limited billing metadata.
- Authentication and user management (e.g., Memberstack): manages user roles, login sessions, and secure access levels.
- Cloud storage and infrastructure (e.g., Supabase, AWS): hosts uploaded files and generated reports in encrypted form.
- AI processing and document analysis (e.g., Amazon Textract, Comprehend Medical): enables advanced summarization, translation, OCR, and report generation.
These services receive only the minimum data required to perform their specific role. We ensure that each partner maintains industry-standard certifications (e.g., SOC 2, ISO 27001) and complies with GDPR/HIPAA where applicable.
B. Internal Access Controls
Within Medguide, access to personal or health data is restricted to:
- Authorized employees with a clear operational need
- Developers and data protection personnel for debugging, support, or auditing purposes
- Enterprise/Business account Owners and Admins, who are responsible for managing their team's access
All access is monitored, and all data transfers are encrypted in transit and at rest.
C. Legal and Regulatory Authorities
We may disclose your data only when:
- Required by a valid court order, subpoena, or regulatory request
- Necessary to detect or prevent fraud, abuse, or harm
- Mandated by local law in jurisdictions where we operate
In such cases, we will notify you unless prohibited by law.
D. Corporate Restructuring (If Applicable)
If Medguide undergoes a merger, acquisition, or asset sale, user data may be transferred as part of the transaction. In such an event, we will notify users and provide options regarding their data.
8. Data Retention Policy
We retain your data only for as long as necessary to provide our services, fulfill our legal obligations, and protect the integrity of your information. Our retention strategy varies based on the type of user, nature of the data, and the plan selected.
A. Guest Users (Unregistered)
- Files uploaded by guest users who do not complete registration are processed temporarily.
- These files and any associated data are automatically deleted within 1 hour of upload (exact timing may vary depending on system load).
- No identifiable user metadata is retained beyond that window.
B. Registered Users (Personal, Business, Enterprise)
- Uploaded files, generated reports (PDFs), and related metadata are retained for 30 days.
- After 30 days, all input files, outputs, and processing history are permanently deleted unless otherwise required by an ongoing enterprise agreement.
This approach ensures:
- Better performance, storage efficiency, and system scalability
- Higher data security by limiting long-term exposure
Users are responsible for downloading or archiving any data they wish to retain beyond this 30-day window.
C. Account Metadata
- Essential user account metadata (e.g., email, plan type, billing history) is retained as long as the account is active or as required by financial/legal compliance.
- Upon full account deletion, we erase all identifiable metadata within 30 days, unless a longer retention is required for legal defense or fraud investigation.
D. Enterprise & Business Team Members
- Team Members are governed by the Owner or Admin of the organization.
- When a user is removed by an Admin, their access and historical usage logs are deleted according to the same 30-day retention window unless configured otherwise via enterprise settings.
9. Your Rights
Depending on your country of residence and the applicable laws (such as GDPR, CCPA, or KVKK), you may have specific rights regarding the personal and health data we process. We are committed to enabling the exercise of these rights in a transparent and accessible manner.
A. Right to Access
You have the right to request a copy of the personal and health data we hold about you, including any processed reports or usage logs.
B. Right to Rectification
You may request correction of any inaccurate, outdated, or incomplete data we hold, particularly for your account details or organization information.
C. Right to Erasure (“Right to Be Forgotten”)
You may request deletion of your personal data. If legally permitted, we will erase your files, reports, and metadata within 30 days.
Note: Enterprise users may need to contact their Admin/Owner to initiate this process if their access is part of an organization account.
D. Right to Data Portability
You can request an export of your data in a machine-readable format (e.g., JSON or CSV) if you wish to migrate to another provider.
E. Right to Restrict or Object to Processing
In some cases, you may request that we stop processing specific categories of your data (e.g., marketing preferences, file storage) without deleting your account.
F. Right to Withdraw Consent
You may withdraw consent at any time for data processing based on consent (e.g., optional communications, analytics).
G. Right to File a Complaint
If you believe your data has been processed unlawfully, you may:
- Contact our Data Protection Officer at legal@medguide.app
- File a complaint with your local data protection authority (e.g., KVKK in Türkiye, ICO in UK, or Data Protection Authority in the EU country of residence)
10. Data Security Measures
We employ industry-leading security protocols to protect all personal and health-related data processed on the Medguide platform. Our infrastructure is designed to meet high standards of confidentiality, integrity, and availability.
A. Encryption in Transit and at Rest
- All data transfers between your device and our servers are protected using HTTPS with TLS 1.2+ encryption.
- Uploaded files, generated reports, and metadata are encrypted at rest using cloud provider native encryption (e.g., AWS KMS, Google Cloud encryption).
B. Access Control and Role-Based Permissions
- User roles (Owner, Admin, Team Member) determine access rights within Business and Enterprise accounts.
- Internal staff have limited and audited access for support and maintenance purposes only.
- Each user session is securely authenticated and logged.
C. Infrastructure Protections
- Our cloud providers are ISO 27001, SOC 2, and HIPAA-compliant.
- Firewalls, endpoint protection, and anomaly detection systems are in place.
D. Secure File Handling
- Uploaded medical files are stored in temporary encrypted containers.
- Files are auto-deleted after 30 days or sooner if initiated by the user or admin.
E. HSTS Preloading and HTTPS Enforcement
- We use HTTP Strict Transport Security (HSTS) with preloading, ensuring that all browsers force secure connections and never allow fallback to HTTP.
- This prevents common attack vectors such as SSL stripping.
F. Regular Security Reviews
- Periodic internal security audits and external penetration testing are part of our roadmap.
- Third-party processors are reviewed and vetted for compliance and security alignment.
G. Breach Notification Protocol
In the event of a data breach that affects your personal or health data:
- We will notify you within the legally required timeframe (typically within 72 hours under GDPR/HIPAA).
- We will provide a summary of the incident, mitigation steps, and your rights.
11. Use of Cookies and Analytics
Medguide uses cookies and similar tracking technologies solely to ensure secure access, maintain session integrity, and improve system performance. We do not use cookies for behavioral advertising, profiling, or third-party remarketing.
A. Types of Cookies We Use
- Essential Cookies: required for the operation of our website. These include session tokens, login authentication, and security settings. These cookies cannot be disabled as they are necessary for service delivery.
- Functional Cookies (optional): used to remember your preferences (e.g., selected language or display mode) and enhance user experience.
- Analytics Cookies (optional, consent-based): help us understand how users interact with the platform, such as which pages are most visited, processing duration metrics, or where users drop off. We use anonymized data only, and never for profiling or advertising.
B. Third-Party Analytics Tools
We may integrate secure analytics tools (e.g., Plausible, PostHog, or Google Analytics with IP anonymization enabled) to better understand platform usage. These tools:
- Do not collect personal or health data
- Respect your opt-out or cookie preference
- Are configured in accordance with GDPR and ePrivacy directives
C. Cookie Consent and Management
- First-time visitors are shown a cookie banner explaining our usage.
- Users can choose to accept, reject, or customize cookie settings.
- Preferences can be modified anytime from the platform footer or profile settings.
D. Do Not Track (DNT)
We honor "Do Not Track" signals from browsers and avoid loading optional cookies unless explicit consent is given.
12. International Data Transfers
As a globally accessible health data platform, Medguide may transfer and process your data outside your country of residence, including to countries that may not provide the same level of data protection as your local laws. We ensure that all such transfers are conducted lawfully, securely, and with appropriate safeguards in place.
A. Primary Hosting Regions
- Our cloud infrastructure and data processing services may operate across multiple regions, including:
  - United States
  - European Union (Germany, Ireland)
  - United Arab Emirates (UAE – Ajman, only for business entity registration)
- Actual data residency (file storage and processing location) is managed through secure, compliant infrastructure partners (e.g., AWS, GCP), and selected based on service performance, compliance, and user location.
B. Legal Mechanisms for Transfer
Depending on your jurisdiction, we rely on the following legal bases for international data transfers:
- Standard Contractual Clauses (SCCs) – For users located in the EU, we implement SCCs approved by the European Commission with our subprocessors and infrastructure providers.
- Adequacy Decisions – Where applicable, data transfers to countries with recognized “adequate” data protection laws are allowed under GDPR (e.g., Japan, Switzerland, UK).
- Explicit Consent – For data transfers to regions without adequacy decisions (e.g., USA from EU), we rely on your explicit, informed consent, which is collected during registration and file upload.
- HIPAA Business Associate Agreements (BAAs) – For U.S. users, we ensure our processing partners sign BAAs where required by HIPAA.
C. Regional Blocking (If Applicable)
To comply with specific national regulations or internal security policies, we may:
- Prevent data upload or access from restricted jurisdictions (e.g., embargoed countries)
- Block account creation in territories where we cannot ensure regulatory compliance
- Allow enterprise users to select preferred processing regions in the future (planned)
- During early pilot phases, uploads from specific jurisdictions (e.g., UAE-resident IPs) may be temporarily restricted.
13. Children’s Privacy
Medguide is not intended for use by individuals under the age of 16 unless explicitly authorized by a parent or legal guardian and permitted under applicable local laws.
A. Account Creation
- We do not knowingly collect personal data from children under 16 without verifiable parental consent.
- If we become aware that a child has registered without appropriate authorization, we will delete the account and associated data immediately.
B. Parental Responsibility
- For medical documents related to minors (e.g., parents uploading test results on behalf of a child), it is the parent/legal guardian’s responsibility to ensure that:
  - The data is shared lawfully
  - Consent is properly granted
  - No third party’s rights are infringed
C. Enterprise Clients
- Hospitals, clinics, or agencies processing minor data via Medguide are solely responsible for obtaining the necessary legal grounds and parental permissions.
- We provide no direct services to children without a verified intermediary.
14. Updates to This Policy
We may revise this Privacy Policy from time to time to reflect changes in our services, legal requirements, or technology infrastructure. When such changes occur:
A. Notification of Changes
- We will notify users of significant updates via email or through a prominent notice on our platform.
- The effective date will be clearly stated at the top of this document.
B. Continued Use
- Continued use of the platform after the update implies acceptance of the revised terms.
- For material changes (e.g., new data uses, additional third-party integrations), we may seek renewed consent if required.
C. Version Archive
- Users may request previous versions of this Privacy Policy for audit or legal review.
- We maintain a change log documenting all revisions for transparency.
15. Contact Information and Data Protection Officer
If you have any questions, concerns, or requests regarding your data or this Privacy Policy, you may contact us at any time.
A. Primary Contact
Medguide AI Inc.
Email: legal@medguide.app
This is the designated email for all privacy-related inquiries, including data access, deletion, consent withdrawal, or suspected data incidents.
B. Data Protection Officer (DPO)
DPO Email: dpo@medguide.app (provisional – to be finalized upon launch)
DPO and Legal contact addresses are provisionally assigned for launch-readiness and will be confirmed upon operational go-live. Contracting with corporate agencies (such as Termly, Iubenda, GDPRLocal, etc.) may also be considered for handling matters related to:
- Cross-border data transfers
- Legal bases and consent handling
- Enterprise data protection responsibilities
- Security breach notifications
C. Supervisory Authority Contact
If you are located in the EU, you also have the right to file a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at:
https://edpb.europa.eu/about-edpb/about-edpb/members_en
D. Reporting accidental access
To report accidental access from restricted regions, or for test user onboarding under written agreement, please contact legal@medguide.app. All exceptional cases will require written consent and IP exception approval.