1. INTRODUCTION

Aedion LLC (“Aedion,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring transparency in how we collect, use, and protect your information. This Privacy Policy applies to the Aedion mobile application (the “App”) and the Aedion Web Portal (the “Web Portal”). Collectively, the App and Web Portal are referred to as the “Service”.

• The App includes scanning features that collect and process health-related images and user data to provide AI-assisted, non-diagnostic insights. It also includes a conversational AI assistant and curated educational content designed to provide general health and wellness information.
• The Web Portal is a free, chat-only platform limited to the AI Health Assistant and does not collect image or scan data.

By using the App or Web Portal, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2. DATA WE COLLECT

We collect information directly from you and automatically through your use of the Service.

2.1. Personal Information (PI). Includes information that identifies you directly or indirectly, such as:
• Name, email address, and password (encrypted)
• Account preferences and contact details
• Optional demographic data (e.g., age, gender)

2.2. Sensitive Personal Data (SPD). May include the following where applicable:
• Images captured for scanning, which are transmitted via encrypted connection, processed in real-time on secure servers, and immediately discarded after analysis. No image data is stored or retained by Aedion
• Text-based scan results and pattern observations derived from analysis
• Chat logs, symptom descriptions, or contextual information voluntarily provided by the user.
• Wellness profile information such as height, weight, or other voluntarily user-entered data.
Important: The Web Portal does not collect SPD. It only logs basic chat transcripts and cookie/session data for analytics and performance.

2.3. Technical and Usage Data. Automatically collected information such as:
• Device type, operating system, IP address
• Session timestamps, crash reports, and analytics data
• App interaction data (e.g., number of scans, frequency of use)

3. HOW WE USE YOUR INFORMATION

We use your information for three primary purposes:

A. Service Operation
• To provide, personalize, and improve the App and Web Portal;
• To manage user accounts and customer support requests; and
• To process images on secure servers in real-time and deliver AI-generated pattern observations. Images are immediately discarded after analysis and are never stored.

B. AI Model Improvement (With Explicit Consent)
• Aedion does not currenlty use user data for AI model training. If this changes in the future, we will seek explicit opt-in consent from users before using any data for this purpose. Users will have the ability to opt in or out of AI model training at any time, and we will provide clear controls within the app settings to manage the consent.

C. Legal and Security Purposes
• To comply with legal obligations
• To prevent fraud or misuse of the Service
• To ensure system security and integrity

In jurisdictions requiring a legal basis for data processing (for example, under the GDPR), Aedion relies on the performance of a contract (to provide and operate the Service), user consent (where applicable, including for any future AI model training or marketing communications), and legitimate interests (to maintain, improve, and secure the Service).

4. HOW WE SHARE INFORMATION

We do not sell your information. We share it only as necessary to operate our services or comply with legal obligations.

4.1. Service Providers. We share limited data with third-party vendors under strict confidentiality obligations, including:
• Cloud Hosting: DigitalOcean, U.S.
• Analytics: Google Analytics for aggregated usage metrics
• AI Infrastructure: Aedion’s proprietary AI systems and secure third-party large language model providers that process user inputs to generate conversational responses and insights. All third-party AI providers operate under written agreements requiring appropriate data-protection and confidentiality safeguards.

4.2. Legal Compliance. We may disclose your data if required by law, subpoena, or court order.

4.3. Aggregated or De-Identified Data. We may share anonymized, aggregated statistics (e.g., total number of scans performed, average confidence scores) for research or reporting purposes.

4.4. Third-Party Links. The Service may contain links to third-party websites or resources. Aedion is not responsible for the privacy practices or content of such third parties, and users are encouraged to review their respective privacy policies.

5. DATA RETENTION

• Personal Information (PI) and stored non-image data are retained for up to 90 days following verified account deletion, unless a longer retention period is required by law.
• Images captured for scanning are transmitted via encrypted connection, processed in real-time, and immediately discarded after analysis; no image data is retained by Aedion.
• Web Portal chat logs are retained for 30 days for system optimization before being anonymized or deleted.

We review our data-retention practices periodically to ensure they remain consistent with our business need and legal obligations.

6. SECURITY MEASURES

We employ industry-standard safeguards to protect your data:
• Encryption in transit and at rest
• Access controls and network segmentation
• Continuous security monitoring
• Administrative policies to ensure personnel confidentiality compliance

Despite these measures, no method of transmission or storage is 100% secure. By using our Service, you acknowledge and accept this inherent risk.

7. YOUR RIGHTS

Depending on your jurisdiction, you may have the following rights:
• Access: Request a copy of your data
• Correction: Request updates or corrections to inaccurate data
• Deletion: Request deletion of your account and personal data
• Portability: Request export of your data in a machine-readable format

To exercise these rights, contact us at the email provided below. Requests will be processed within applicable regulatory timeframes.

8. CHILDREN’S PRIVACY

Aedion does not knowingly collect information from individuals under the age of 18. If such data is inadvertently collected, it will be deleted promptly upon discovery.

9. INTERNATIONAL DATA TRANSFERS

If you access our services outside the United States, your data may be processed and stored in the U.S. We use appropriate safeguards, including standard contractual clauses where applicable, to protect your data under international privacy laws.

10. UPDATES TO THIS PRIVACY POLICY

Aedion may update this Privacy Policy from time to time. Any changes will be posted in the App and Web Portal with a new effective date. Your continued use after such changes constitutes acceptance.

11. CONTACT INFORMATION

For questions or privacy-related requests, please contact us at:
Aedion LLC
Email: info@aedion.ai
Address: 500 Cummings Center, Suite 6500A, Beverly, MA 01915 USA.

By using the Aedion App or Web Portal, you acknowledge that you have read, understood, and agreed to this Privacy Policy.