Privacy Policy

Last Updated: 14 Oct, 2023


BodyBrainAI cares about data privacy and security and is committed to fair information practices and to the protection of privacy.

This Privacy Policy explains the manner in which BodyBrainAI, Inc. (hereinafter “BodyBrainAI”, “we”, “us” or “our”) collects, stores, uses, and/or discloses (collectively “process”) information, including Personal and other types of data, collected from the website (the “Website”). It also guides you on how you can control your information.

This Privacy Policy applies to the Website and services available through the Website (the “Services”) and complies with the Health Insurance Portability and Accountability Act of 1996 and related state laws relating to health data security (collectively, “HIPAA”). While our Services may not involve specific transactions to which HIPAA directly applies, we nonetheless operate in compliance with HIPAA's guidelines.

Unless the context otherwise requires or unless otherwise expressly defined in the Terms of Use, the terms will have the same meanings whenever used in this Privacy Policy. The Users of the Website or the Services (including visitors and registered users (the “Registered User”) of the Website) are collectively referred to as “Users”, “you”, “your”, or “yours”. Any reference in this Privacy Policy made to the Users pertains to both visitors and Registered Users.

Your use of the Website is governed by this Privacy Policy and the Terms of Use.

By using the Website, you signify your acceptance of this Privacy Policy. You also agree, acknowledge, and represent that you have reviewed this Privacy Policy; you understand your rights and how BodyBrainAI may use and disclose personally identifiable information that identifies you under HIPAA, GDPR, or other applicable laws and regulations; and give your consent for BodyBrainAI to use and disclose such information as described in this Privacy Policy. To revoke your consent, please contact us in writing at a specified contact method (e.g., email).

If you do not agree to this Privacy Policy, please do not use the Website and/or the Services.

Collection of Information

When you access or use the Website and/or the Services, we may collect various types of information:

  • Automatically Collected Information: We automatically gather certain data when you interact with the Website. This includes:

    • Traffic Data: IP addresses, domain servers, types of devices accessing the Website, web browser types, referring sources that directed you to the Website, and other related information.

    • Cookies: These are small files transferred to your device's storage that may include user IDs and preferences. While cookies can enhance your experience by saving certain data, you can choose to block or delete them. However, some features of the Website might not function optimally without cookies.

    • Google Analytics: Our website uses Google Analytics to provide insights and statistical analysis. This does not include personal data. More details can be found in Google's privacy policy.

    • Web Beacons: These electronic images help us understand user behavior, including reactions to our emails and interactions with online advertisements.

    • Embedded Web Links: Links in our emails or on certain third-party websites may have embedded tracking. This allows us to gauge user engagement with our content.

    • Third-party Services: We collaborate with third-party service providers who might employ various data collection techniques to optimize the performance of our marketing campaigns.

Information You Provide

You might supply us with different information based on the nature of your interaction with the Website.

  • Account Information: While you aren't mandated to provide personal data to browse the Website, certain services might require you to set up an account. This could involve creating a username and password unique to you.

  • Contact and Feedback: You may voluntarily share data, such as when reaching out to BodyBrainAI for more information. When doing so, offer only pertinent information and avoid unnecessary sensitive details. 

  • Health Data: If our Services request health-related data, ensure you omit any direct identifiers like your name, address, or any specifics that can personally identify you. Always sanitize data before submission, removing details that could single out an individual.

Information you provide to us includes, without limitation, the following:

Personal Information

While you can access and use the Website without creating an account, certain Services are exclusive to Users who have registered on the Website (referred to as “Registered Users”).

For Registered Users, BodyBrainAI may require you to provide certain personal identifiers, including, but not limited to, your email address (termed “Personal Information”).

The categories of Personal Information we might collect include:

  • Contact Data: This consists of your email address and the password for your BodyBrainAI account.

  • Demographic Data: Information such as your gender, age, and date of birth.

  • Medical Data: Any medical details you willingly share with us.

It's essential to note that we only gather Personal Information when voluntarily submitted by you. While you have the freedom to decline providing this data, withholding it might restrict you from partaking in specific activities on the Website, especially those related to availing our Services.

Medical Records

To utilize certain features, such as the chat with our AI Health Assistant, you may need to provide us with medical data. This can include past and current health records, medical reports, diagnostic test results, laboratory results, descriptions of symptoms, medication details, medical histories, lifestyle descriptions, and any relevant documentation or reports from healthcare professionals who have diagnosed or treated you. All of this collectively is termed the “Medical Information”.

It's crucial to understand that we gather Medical Information only when you voluntarily share it with us. While you retain the right to withhold this information, not providing it might limit your ability to fully engage with specific features on the Website or avail certain Services.

Other information

We collect additional information that you might voluntarily provide while using various interactive tools and Services on the Website. This could be data you input in free-text boxes, or responses to surveys and questionnaires.

While some of this data could potentially be categorized as Personal or Medical Information, we urge you to be cautious and omit any direct identifiers. Ensure that you exclude details like your name, address, contact details, social security number, medical record number, and any other identifiers. If you're sharing documents, such as medical reports, always redact personal details. This can be achieved by blacking out the sensitive parts or using specialized online tools to anonymize the data.

Payment data

You're not required to input any credit card details while browsing our website or accessing the basic services. Only when you decide to opt for a paid subscription to our Services will we need payment information.

For secure payment processing, we use PCI-compliant third-party processors. They handle the payment details on our behalf, ensuring smooth transaction completion. After a payment is successfully processed, we receive a confirmation, which we associate with your account and relevant transactions. It's important to note that while our administrators can monitor transactions via customer portals, they don't have direct access to or process the specific credit card details.

Information Provided on Behalf of Children

BodyBrainAI is committed to safeguarding the privacy of young individuals. In line with the Children's Online Privacy Protection Act ("COPPA"), we don't collect information from children under the age of 13. Furthermore, we do not knowingly allow individuals under the age of 21 to create accounts or access the Services and the Website.

Children's Online Privacy Protection Act

COPPA sets clear limitations on the collection of information from children under 13. Given these restrictions and our own policies, individuals under the age of 21 are prohibited from using our Website. Our Website, its Services, and the associated data are not designed for or targeted at users below 21 years of age. If you're under 21, we kindly request that you refrain from accessing or using the Website in any capacity.

For parents or guardians: If you discover that your child, under the age of 21 or the equivalent minimum age in your jurisdiction, has created an account on our Website, please contact us using the details provided in the "Contact Us" section. We'll promptly take steps to delete the child's personal information from our systems. If we inadvertently collect information from a child below 21, or the jurisdiction's equivalent minimum age, we'll use that information solely to inform the child (or their parent or guardian) that they cannot use our Services. We'll then delete this information as soon as possible, unless legally obligated to retain it.

Use of collected Information

We value your privacy and only collect and use personal information for specific, legitimate purposes:

  • Service Provision and Enhancement: We might request Personal and Medical Information to generate AI-reports or deliver other services to optimize and enhance our offerings.

  • Customer Service Improvement: Your information aids us in responding more efficiently to customer service requests and support needs.

  • Transaction Processing: This includes verifying payments, sending related notifications, including purchase confirmations, invoices, and critical alerts.

  • Website Enhancement: Feedback from users is invaluable in improving our website and the services we provide.

  • Research: In some instances, we might conduct research using your information, but only with your explicit written consent.

  • Legal and Security Measures: To prevent illegal activities or enforce our terms, and also to comply with the Terms of Use.

  • Marketing and Outreach: To inform you about new services, offers, promotions, and events that might be of interest to you.

  • Communication: To get in touch when needed, especially in relation to any tools or services you've engaged with.

  • User Engagement: To increase the number of active users through targeted marketing and advertising.

  • Commercial Communications: To send updates about our products, features, newsletters, and promotions, in alignment with your preferences.

  • Contractual Obligations: To fulfill and enforce any contractual obligations between you and us, including billing and collection.

  • Regulatory Compliance: To share information with regulatory bodies when legally mandated, always in line with this Privacy Policy.

  • User Consent: For any purpose you've been informed of at the time of data collection, and for which you've given consent, always subject to the limitations set by HIPAA and the HIPAA NPP.

  • Personalization: We might use the information to personalize your experience across our website, emails, and communications based on your interests and preferences.

Sharing of Information

We value your trust and only share the information we collect based on the guidelines listed below:

  • Authorized Third-party Vendors and Service Providers: We collaborate with third-party vendors and service providers that assist us with specialized services, such as billing, payment processing, customer service, email deployment, business analytics, marketing, advertising, performance monitoring, hosting, and data processing. These third parties are only allowed to use the information for the services they provide to us and are prohibited from using it for other purposes.

  • Legal Purposes: We might disclose information in response to legal processes like subpoenas, court orders, law enforcement requests, legal claims, or government inquiries. This is to uphold the rights, interests, health, safety, and security of BodyBrainAI, our users, and the public, as well as to enforce our Terms of Use.

  • Business Transfers: In the event of a business transition, such as an asset transfer, merger, consolidation, or bankruptcy, we may transfer information, provided such a transfer is compliant with HIPAA guidelines.

  • Protected Health Information (PHI): We may transfer your PHI as permitted under HIPAA regulations.

  • With Your Consent or at Your Direction: There may be instances where we share information based on your explicit consent or direction.

  • Non-Disclosure: We affirm that we do not sell, trade, or rent your personal information to others.

Retention of Information

We retain your Personal Information only for the duration necessary to fulfill the objectives outlined in this Privacy Policy, unless the law mandates or allows for a more extended retention period (as might be the case for tax, accounting, or other legal considerations).

Once there's no continuing legitimate business reason to process your Personal Information, we'll take measures to either delete or anonymize it. If direct deletion or anonymization isn't feasible (for instance, if the data resides in backup archives), we'll securely store your Personal Information, ensuring it's segregated from any active processing, until such time that deletion becomes viable.

User Choice

  • Information Provision: You have the choice to withhold any Personal or Medical Information from us. If you choose to do so, you can still access parts of the Website. However, certain sections or Services requiring this information will be inaccessible to you.

  • Email Newsletters and Marketing: We will only send you email newsletters and marketing communications if you've given us explicit consent. If you've opted in and later decide to opt out, you can do so by clicking the “unsubscribe” link at the bottom of each email.

  • Operational Messages: While you can opt out of marketing messages, there are operational communications essential for providing our Services that you cannot opt out of. These include payment confirmations, password reset notifications, and other crucial alerts.

  • Cookies: Depending on your web browser, you might be able to refuse or disable cookies. As browsers vary, please refer to your browser's "Help" section or manual for specific instructions.

  • Request for Deletion: You can ask us to erase your personal information by contacting us at [email protected]. Unless legally required, we will remove the specified data upon your request.

Your Protected Health Information

It's important to understand that not all the Information shared on our Website falls under the legal protections of the Health Insurance Portability and Accountability Act (“HIPAA”).

Where your Personal Information and/or Medical Information is categorized as protected health information as outlined in 45 CFR § 160.103 (“Protected Health Information” or “PHI”), we ensure its use and disclosure align with HIPAA regulations. You have several rights concerning this PHI:

  • Right to Access: You can review or request copies of your PHI. Requests must be in writing. While we may charge a fee for processing and mailing, we'll inform you of these costs upfront.

  • Right to Amend: If you believe the PHI we hold is incorrect or incomplete, you can request amendments in writing, providing reasons. We might deny requests under certain conditions, like if the record is already accurate and complete.

  • Right to Disclosure Accounting: You can request an accounting of disclosures we've made of your PHI, excluding those made for treatment, payment, healthcare operations, or with your consent.

  • Right to Request Restrictions: You can request limitations on how we use or disclose your PHI for treatment, payment, or healthcare operations.

  • Confidential Communications: You've agreed to receive confidential communications from us electronically, accessible via our Website.

  • Breach Notification: Should there be a breach of your PHI, you'll be notified electronically via our Website.

  • Right to Paper Copy: You can request a physical copy of this Privacy Policy at any time.

By engaging with our Website or Services and providing information that might be categorized as PHI, you:

  • Grant BodyBrainAI permission to store all Personal Information, Medical Information, and any other data potentially constituting your PHI. You can view this information online.

  • Permit BodyBrainAI to disclose specific Personal or Medical information, including PHI, to third parties when mandated by law, court orders, or in response to legal processes.

  • Allow BodyBrainAI to use the Personal Information, Medical Information, and any other data that could constitute your PHI, as determined necessary by BodyBrainAI.

  • Recognize that BodyBrainAI might review your Personal Information, Medical Information, and any other relevant data before and after your engagement with the Website. This review is, among other reasons, for quality assurance. While we may use anonymous data for public purposes, we will always ensure no personally identifying information is disclosed.


Protecting your Personal Information is of utmost importance to us. We adhere to widely-accepted industry standards and employ suitable data collection, storage, processing practices, and protective measures to guard against unauthorized access, alteration, disclosure, or destruction of your personal information, username, password, transaction details, and data stored on our Website.

Any sensitive and private data exchanges between you and our Website are facilitated using third-party platforms that employ robust security measures and encryption, as outlined in their respective privacy policies.

It's important to acknowledge that while we strive for robust security, no system can guarantee absolute protection. Despite our best efforts, there might be instances where your Personal Information might be accessed without authorization. Should we discover any such unintended disclosures, we commit to notifying you about the nature and scope of the breach as soon as reasonably possible, subject to legal regulations.

Your role in safeguarding your data is crucial. We urge you to be vigilant with your online credentials like usernames and passwords. If you suspect any unauthorized use or believe your credentials might be compromised, please change your password promptly and inform us. Additionally, if your Contact Data is lost, stolen, or misused, inform us immediately so we can take appropriate action to secure your account.

Public Disclosures

Information you disclose in review postings or other online forums on our Website is intentionally public. Always exercise caution when sharing personally identifiable information in public spaces. Your public comments could be accessed by third parties and used in ways beyond our control.

Third-party Websites and Social Media

This Privacy Policy exclusively applies to the BodyBrainAI Website and not to any external websites you might access from our platform. Some external sites might resemble our platform in appearance, but they operate under their own terms and privacy policies. Always ensure you're on our Website and, if visiting external sites, familiarize yourself with their respective privacy policies. BodyBrainAI doesn't share your personal data with these external sites and isn't responsible for their data handling practices.

International Users

We process and store information in the United States, which might have different data protection standards than your home country. By using our Services and providing your information, you acknowledge that your data will be transferred to and stored in the U.S. By continuing to use our platform and its Services, you consent to this transfer and storage in line with this Privacy Policy.

Your GDPR Rights

For individuals falling under the General Data Protection Regulation (GDPR), you may be entitled to specific rights regarding your Personal Information (or "Personal Data" as termed in the GDPR):

  • Right to Access: You have the right to request a copy of your Personal Data that we hold.

  • Right to Rectification: Should you find inaccuracies in your Personal Data, you can request its amendment or correction.

  • Right to Erasure: In certain situations, you can ask us to delete your Personal Data, provided there's no legal obligation for us to retain it.

  • Right to Data Portability: You can request a transferable version of your data that you provided to us.

  • Right to Object or Restrict Processing: In specific circumstances, you can request that we halt the processing of your Personal Data.

In the context of the GDPR, BodyBrainAI functions as a data processor.

Updates to Privacy Policy

We periodically review and may update this Privacy Policy. Any changes will be posted on the Website, and the revised date will be updated. If significant changes are made, we'll notify you through the Website or by email. By continuing to use our Website and Services after these changes, you acknowledge and agree to the revised Privacy Policy. If you disagree with any part of the updated policy, your only option is to cease using our services and delete your account.

Always ensure you review our Privacy Policy periodically to stay informed about how we protect your data.

Contacting Us

For any inquiries or concerns about this Privacy Policy or your data, please reach out to us at [email protected]. If you believe your privacy rights have been violated, you can file a complaint with the U.S. Department of Health and Human Services. More details on this process can be found here



©2023 By BodyBrainAI Inc.