1. INTRODUCTION

Aedion LLC (“Aedion,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring transparency in how we collect, use, and protect your information. This Privacy Policy applies to the Aedion mobile application (the “App”) and the Aedion Web Portal (the “Web Portal”). Collectively, the App and Web Portal are referred to as the “Service”.

• The App includes scanning features that collect and process health-related images and user data to provide AI-assisted, non-diagnostic insights. It also includes a conversational AI assistant and curated educational content designed to provide general health and wellness information.
• The Web Portal is a free, chat-only platform limited to the AI Health Assistant and does not collect image or scan data.

By using the App or Web Portal, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2. DATA WE COLLECT

We collect information directly from you and automatically through your use of the Service.

2.1. Personal Information (PI). Includes information that identifies you directly or indirectly, such as:
• Name, email address, and password (encrypted)
• Account preferences and contact details
• Optional demographic data (e.g., age, gender).

2.2. Sensitive Personal Data (SPD). Includes health-related information you choose to provide through the App:
• Uploaded images of skin or eye conditions
• AI-generated outputs (Tier classifications, confidence scores, recommendations)
• Chat logs or symptom descriptions shared with the AI Assistant
Important: The Web Portal does not collect SPD. It only logs basic chat transcripts and cookie/session data for analytics and performance.

2.3. Technical and Usage Data. Automatically collected information such as:
• Device type, operating system, IP address
• Session timestamps, crash reports, and analytics data
• App interaction data (e.g., number of scans, frequency of use)

3. HOW WE USE YOUR INFORMATION

We use your information for three primary purposes:

A. Service Operation
• To provide, personalize, and improve the App and Web Portal;
• To manage user accounts and customer support requests; and
• To process uploaded images and deliver AI-generated classifications

B. AI Model Improvement (With Explicit Consent)
• To train and improve our proprietary AI models using de-identified images, chat logs, and results;
• De-identification involves removing direct identifiers (e.g., name, email, account ID) before use;
• You may opt in or out of allowing your de-identified data to be used for AI model training at any time within your account settings

C. Legal and Security Purposes
• To comply with legal obligations
• To prevent fraud or misuse of the Service
• To ensure system security and integrity

In jurisdictions requiring a legal basis for data processing (for example, under the GDPR), Aedion relies on the performance of a contract (to provide and operate the Service), user consent (for AI model training or marketing communications where applicable), and legitimate interests (to maintain, improve, and secure the Service).

4. HOW WE SHARE INFORMATION

We do not sell your information. We share it only as necessary to operate our services or comply with legal obligations.

4.1. Service Providers. We share limited data with third-party vendors under strict confidentiality obligations, including:
• Cloud Hosting: Amazon Web Services (AWS), U.S. (West Virginia Region)
• Analytics: Google Analytics for aggregated usage metrics
• AI Infrastructure: Aedion’s proprietary AI systems and secure third-party large language model providers that process user inputs to generate conversational responses and insights. All third-party AI providers operate under written agreements requiring appropriate data-protection and confidentiality safeguards.

4.2. Legal Compliance. We may disclose your data if required by law, subpoena, or court order.

4.3. Aggregated or De-Identified Data. We may share anonymized, aggregated statistics (e.g., total number of scans performed, average confidence scores) for research or reporting purposes.

4.4. Third-Party Links. The Service may contain links to third-party websites or resources. Aedion is not responsible for the privacy practices or content of such third parties, and users are encouraged to review their respective privacy policies.

5. DATA RETENTION

• Personal Information (PI) and original uploads are retained for up to 90 days after verified account deletion.
• De-identified data used for AI model training may be retained indefinitely, as it cannot reasonably be linked back to you.
• Web Portal chat logs are retained for 30 days for system optimization before being anonymized or deleted.

We review our data-retention practices periodically to ensure they remain consistent with our business need and legal obligations.

6. SECURITY MEASURES

We employ industry-standard safeguards to protect your data:
• Encryption in transit and at rest
• Access controls and network segmentation
• Continuous security monitoring
• Administrative policies to ensure personnel confidentiality compliance

Despite these measures, no method of transmission or storage is 100% secure. By using our Service, you acknowledge and accept this inherent risk.

7. YOUR RIGHTS

Depending on your jurisdiction, you may have the following rights:
• Access: Request a copy of your data
• Correction: Request updates or corrections to inaccurate data
• Deletion: Request deletion of your account and personal data (excluding de-identified data already used for training)
• Withdrawal of Consent: Opt out of AI model training at any time
• Portability: Request export of your data in a machine-readable format

To exercise these rights, contact us at the email provided below. Requests will be processed within applicable regulatory timeframes.

8. CHILDREN’S PRIVACY

Aedion does not knowingly collect information from individuals under the age of 18. If such data is inadvertently collected, it will be deleted promptly upon discovery.

9. INTERNATIONAL DATA TRANSFERS

If you access our services outside the United States, your data may be processed and stored in the U.S. We use appropriate safeguards, including standard contractual clauses where applicable, to protect your data under international privacy laws.

10. UPDATES TO THIS PRIVACY POLICY

Aedion may update this Privacy Policy from time to time. Any changes will be posted in the App and Web Portal with a new effective date. Your continued use after such changes constitutes acceptance.

11. CONTACT INFORMATION

For questions or privacy-related requests, please contact us at:
Aedion LLC
Email: info@aedion.ai
Address: 500 Cummings Center, Suite 6500A, Beverly, MA 01915 USA.

By using the Aedion App or Web Portal, you acknowledge that you have read, understood, and agreed to this Privacy Policy.