Affine Health Intelligence, Inc. ("Affine," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, visit our website, or interact with us.

Information You Provide

• Contact Information: Name, email address, phone number, company name, job title
• Account Information: Username, password, and preferences
• Communications: Information you provide when contacting us or participating in surveys
• Payment Information: Billing address and payment details (processed by our payment provider)

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on our services
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies and Tracking: We use cookies and similar technologies to improve user experience

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send you technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Communicate about products, services, and events
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent or unauthorized activity
• Comply with legal obligations

We do not sell your personal information. We may share information in the following circumstances:

• Service Providers: With vendors who assist in providing our services (e.g., hosting, analytics, payment processing)
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Legal Requirements: When required by law or to protect our rights and safety
• With Your Consent: When you have given us permission to share

When Affine processes Protected Health Information (PHI) on behalf of healthcare customers, we act as a Business Associate under HIPAA. Key points:

• PHI Stays in Your Environment: Customer PHI is processed within the customer's own Snowflake environment. We do not store or transfer PHI to our systems.
• Business Associate Agreement: We enter into BAAs with all customers who process PHI through our platform.
• Limited Access: Affine personnel access customer PHI only when necessary for support, and only with explicit customer authorization.
• Security Controls: We maintain administrative, physical, and technical safeguards required by HIPAA.

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Role-based access controls and multi-factor authentication
• Regular security assessments and penetration testing
• Employee security training and background checks
• SOC 2 Type II certified security controls

Depending on your location, you may have the following rights:

• Access: Request a copy of the information we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information
• Portability: Request a copy of your data in a portable format
• Opt-Out: Opt out of marketing communications at any time

To exercise these rights, please contact us at info@affine-health.io.

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Affine Health Intelligence, Inc.

Email: info@affine-health.io

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.