Privacy Policy

1. Introduction

VitaConsult AI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our health and longevity consultation platform at longevityconsult.vip (the "Service"). By using our Service, you consent to the practices described in this policy. We comply with the General Data Protection Regulation (GDPR), the Personal Data Protection Act (PDPA) of Singapore, and the Dubai Health Authority (DHA) data protection requirements.

2. Information We Collect

We collect the following categories of personal information: Account Information: When you create an account, we collect your name, email address, and authentication credentials through our OAuth provider. Consultation Data: When you use our AI consultation service, we collect the questions you ask and the AI-generated responses. This may include health-related information you voluntarily provide. Subscription & Payment Data: If you purchase a subscription, we collect billing information processed through our payment provider (Airwallex). We do not store your full credit card details on our servers. Usage Data: We automatically collect information about how you interact with our Service, including pages visited, features used, timestamps, and device/browser information. Cookies & Analytics: We use cookies and similar technologies to enhance your experience and collect analytics data. See Section 7 for details.

3. How We Use Your Information

We use your personal information for the following purposes: • Providing the Service: To deliver AI-powered health consultations, maintain your consultation history, and manage your account and subscription. • Improving the Service: To analyze usage patterns, improve AI response quality, and develop new features. • Communication: To send you important service updates, subscription reminders, and (with your consent) promotional communications. • Security & Compliance: To protect against unauthorized access, maintain audit logs as required by DHA regulations, and comply with legal obligations. • Payment Processing: To process subscription payments and manage billing through our payment provider.

4. Data Storage & Retention

Your data is stored on secure cloud servers with encryption at rest and in transit. We retain your personal data for as long as your account is active or as needed to provide the Service. Consultation history is retained to allow you to review past sessions. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as audit logs required by healthcare regulations). Payment records may be retained for up to 7 years for tax and accounting purposes.

5. Data Sharing & Third Parties

We do not sell your personal information. We may share your data with the following categories of third parties: • AI Service Providers: Your consultation queries are processed by our AI language model provider to generate responses. Queries are sent without personally identifiable information where possible. • Payment Processors: Airwallex processes your payment information in accordance with PCI DSS standards. • Cloud Infrastructure: Our hosting and database providers store your data under strict data processing agreements. • Legal Requirements: We may disclose information if required by law, court order, or governmental regulation. All third-party providers are bound by data processing agreements that ensure adequate protection of your personal data.

6. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data: • Right of Access: You can request a copy of the personal data we hold about you. • Right to Rectification: You can request correction of inaccurate personal data. • Right to Erasure: You can request deletion of your personal data (subject to legal retention requirements). • Right to Data Portability: You can request your data in a structured, machine-readable format. • Right to Restrict Processing: You can request that we limit how we use your data. • Right to Object: You can object to processing based on legitimate interests. • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time. To exercise any of these rights, please contact us at the email address provided in Section 10.

7. Cookies & Tracking Technologies

We use the following types of cookies: • Essential Cookies: Required for the Service to function (authentication, session management). These cannot be disabled. • Analytics Cookies: Help us understand how visitors interact with our Service. We use privacy-respecting analytics that do not track users across websites. • Preference Cookies: Remember your language selection and cookie consent choices. You can manage your cookie preferences through the cookie consent banner displayed on your first visit. You can also control cookies through your browser settings, though disabling essential cookies may affect Service functionality.

8. Data Security

We implement industry-standard security measures to protect your personal data, including: • TLS/SSL encryption for all data in transit • Encryption at rest for stored data • Role-based access controls • Regular security assessments • Audit logging for compliance with healthcare regulations While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We encourage you to use strong passwords and protect your account credentials.

9. International Data Transfers

Our Service is operated globally. Your data may be transferred to and processed in countries other than your country of residence. We ensure that any international data transfers comply with applicable data protection laws through appropriate safeguards, including standard contractual clauses approved by relevant authorities.

10. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: Email: [email protected] Website: longevityconsult.vip For EU residents, you also have the right to lodge a complaint with your local data protection supervisory authority.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.