Conversational artificial intelligence is at the technological frontier. We believe that this emerging technology will fundamentally change the way that we engage with and think about computers in our everyday lives. Ultimately, our goal is to use AI to build safe, smart, kind, and engaging conversational partners.
One note at the top, we never sell your health data to a third party, nor will it ever be used to target you for advertising.
Users deserve transparency regarding how that process works, particularly when it comes to their data. This Policy is one part of that transparency. It documents what data we collect, how we keep it secure, and describes how we use that data to improve our Services for everyone. Here are the top level points:
August is a health information platform and any information provided by August does not constitute medical advise and should never be used to replace sound advise from a healthcare professional. Always run the information you get form August by a healthcare professional.
When you use August, we collect data including your name, phone number, and IP address. We use this data to run August, inform improvements to the platform, keep you safe, and comply with all applicable laws.
Keeping your conversations with August private and safe is our top priority, and we will never sell or share your data for advertising or marketing purposes. We have strict internal controls over the use of and access to user data.
You agree to follow our Acceptable Use policy. When you talk to August, you should not try to get it to talk about harmful, abusive, or illegal topics. You also should not attempt to evade our security measures or learn about the models, algorithms, prompts, or source code of August. If our automated systems detect this activity, you may be suspended.
You are not permitted to use August if you are under the age of 18.
August may make up facts, events, or advice. You should never rely on anything it tells you without double-checking the facts yourself or, if appropriate, talking to a professional.
Information We Collect
Information you provide to us
Contact and account information, such as your first and last name, email address, and your phone number.
Content and metadata of any messages that you send using the Services or to August directly.
Communications that we exchange with you, including when you respond to our surveys or contact us with questions, feedback or otherwise.
Health Reports: Any PDF, Images that you submit that contain any data related to your health
Automatic data collection. We and our service providers may automatically log and combine information about you, your computer or mobile device, and your interaction over time with the Services, online resources and our communications, such as:
Device data such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers, language settings and general location information such as city, state or geographic area.
Online activity data such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, and whether you have opened or otherwise engage with our communications.
We use the following tools for automatic data collection:
Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
Information we obtain from other sources. If you choose to contact or otherwise interact with our Services over a third-party messaging platform such as Facebook Messenger or Instagram, we will collect an identifier of your profile on these platforms.
How Do We Use The Information We Collect?
We use personal information for the following purposes or as otherwise described at the time of collection:
Provide our Services. We use personal information to operate, maintain, and provide you with our Services. In particular, we use personal information to perform our contractual obligations under our Terms of Service.
Communicate with you about our Services. It is in our legitimate business interests to use personal information to respond to your requests, provide customer support, and communicate with you about our Services, including by sending announcements, surveys, reminders, updates, security alerts, and support and administrative messages.
Improve, monitor, personalize, and protect our Services. It is in our legitimate business interests to improve and keep our Services safe for our users, which includes:
Understanding your needs and interests, and personalizing your experience with the Services and our communications.
Troubleshooting, testing, and research, and keeping the Services secure.
Investigating and protecting against fraudulent, harmful, unauthorized, or illegal activity.
Research and development. We may use personal information for research and development purposes where it is in our legitimate business interests, including to analyze and improve the Services and our business. As part of these activities, we may create or use aggregated, de-identified or other anonymized data from personal information we collect. We make personal information into anonymized data by removing information that makes the data personally identifiable to you. We may use this anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business.
Compliance and protection. We may use personal information to comply with legal obligations, and to defend us against legal claims or disputes, including to:
Protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims).
Audit our internal processes for compliance with legal and contractual requirements and internal policies.
Enforce the terms and conditions that govern the Services.
Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.
Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
Sharing Your Information
We do not sell or share your personal information with third-parties for interest-based advertising purposes . We may disclose your personal information as described below:
Service providers. We may rely on third-party service providers in furtherance of the purposes described above. In these cases, personal information may be accessed by these third-parties and processed or stored on our behalf. These service providers can include hosting services, cloud computing and storage services, maintenance services, security services, and customer support services. We also may share hashes of names and phone numbers and limited device data for advertising attribution and measurement services. This means that the recipient can recognize your name and phone number only if they already have that information from another source.
Business transferees. Personal information may be transferred to another entity in the event of a bankruptcy, change of control, or shutdown of Beyond Health. We may also transfer personal information in the course of a sale or merger of the business.
Authorities and others. If we are legally obliged or otherwise believe it necessary to do so, personal information may be disclosed to regulatory agencies, law enforcement agencies, courts, and other government authorities, including for the compliance and protection purposes described above.
Where and when is information collected from customers and end users?
Security is integral to the success of conversational AI: people need to trust that their data is being handled responsibly and safely in order to fully get the benefits of our Services.
Ensuring the integrity of your data is a major priority for us. Beyond Health has technical measures in place to protect personal information against unauthorized access, corruption, loss, or misuse. This includes internal measures that limit access to personal information to a dedicated set of specialist employees working on improving the safety or quality of our Services. Where possible and appropriate, we also deidentify sensitive data like conversational logs to preserve user privacy.
However, these measures are not a guarantee of absolute security and you acknowledge and accept that your use of our Services is ultimately at your own risk.
Also, please note that you are responsible for managing access to any accounts that you maintain with Beyond Health. Failure to limit access to your devices or browser might enable third-parties to have unauthorized access to your personal information.
Third-Party Websites and Content
Please be advised that you may encounter links or content through our Services that are provided by third-parties that Beyond Health does own or otherwise control. You acknowledge that any data you provide to these third-parties shall be governed solely by the terms of service, privacy policies, and other terms applicable to those third-parties.
Our Services are not intended for minors under the age of 18. We do not knowingly collect or solicit personal information from minors under the age of 18. If you are a minor under the age of 18, please do not attempt to use our Services, register an account with us, or send any personal information to us.
If you believe that a minor under the age of 18 has provided personal information to us or is otherwise using our Services, please let us know immediately at firstname.lastname@example.org and we will seek to delete this information and revoke access as quickly as possible.
Where required under applicable laws, we retain personal information only for as long as is necessary to fulfill the purposes for which it was collected and processed, in accordance with our retention policies, and in accordance with applicable laws and regulatory obligations or until you withdraw your consent (where applicable).
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.
The laws of India, excluding its conflicts of law rules, shall govern this Agreement and your use of the website. Your use of the website may also be subject to other local, state, national, or international laws.
Links to Other Websites
Blocking and disabling cookies and similar technologies
Wherever you're located you may also set your browser to block cookies and similar technologies, but this action may block our essential cookies and prevent our website from functioning properly, and you may not be able to fully utilize all of its features and services. You should also be aware that you may also lose some saved information (e.g. saved login details, site preferences) if you block cookies on your browser. Different browsers make different controls available to you. Disabling a cookie or category of cookie does not delete the cookie from your browser, you will need to do this yourself from within your browser, you should visit your browser's help menu for more information.
We may display, include or make available third-party content (including data, information, applications and other products services) or provide links to third-party websites or services ("Third- Party Services").
You acknowledge and agree that Beyond Health shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect thereof. Beyond Health does not assume and shall not have any liability or responsibility to you or any other person or entity for any Third-Party Services.
Third-Party Services and links thereto are provided solely as a convenience to you and you access and use them entirely at your own risk and subject to such third parties' terms and conditions.
Google Maps API
Google Maps API is a robust tool that can be used to create a custom map, a searchable map, check-in functions, display live data synching with location, plan routes, or create a mashup just to name a few.
Google Maps API may collect information from You and from Your Device for security purposes.
Local Storage sometimes known as DOM storage, provides web apps with methods and protocols for storing client-side data. Web storage supports persistent data storage, similar to cookies but with a greatly enhanced capacity and no information stored in the HTTP request header.
Information about General Data Protection Regulation (GDPR)
What is GDPR?
GDPR is an EU-wide privacy and data protection law that regulates how EU residents' data is protected by companies and enhances the control the EU residents have, over their personal data.
The GDPR is relevant to any globally operating company and not just the EU-based businesses and EU residents. Our customers’ data is important irrespective of where they are located, which is why we have implemented GDPR controls as our baseline standard for all our operations worldwide.
What is personal data?
Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.
The Data Protection Principles include requirements such as:
Personal data collected must be processed in a fair, legal, and transparent way and should only be used in a way that a person would reasonably expect.
Personal data should only be collected to fulfil a specific purpose and it should only be used for that purpose. Organizations must specify why they need the personal data when they collect it.
Personal data should be held no longer than necessary to fulfil its purpose.
People covered by the GDPR have the right to access their own personal data. They can also request a copy of their data, and that their data be updated, deleted, restricted, or moved to another organization.
Why is GDPR important?
GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts it's simply the right thing to do. At Beyond Health we strongly believe that your data privacy is very important and we already have solid security and privacy practices in place that go beyond the requirements of this new regulation.
Individual Data Subject's Rights - Data Access, Portability and Deletion
We are aware that if you are working with EU customers, you need to be able to provide them with the ability to access, update, retrieve and remove personal data. We got you! We've been set up as self service from the start and have always given you access to your data and your customers data. Our customer support team is here for you to answer any questions you might have about working with the API.
The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.
We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:
Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
Right to Equal Service. We will not discriminate against you if you exercise your privacy rights.
Right to Delete. You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
We do not sell the Personal Information of our users.
For more information about these rights, please contact us.
Don't hesitate to contact us if you have any questions.
Via Email: email@example.com
Via Phone Number: 7483127040