Your Privacy Matters

Privacy Policy

Last Updated: October 6, 2025

Introduction

VisionScan, Inc. ("VisionScan," "we," "us," or "our") is committed to protecting your privacy and the confidentiality of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered retinal imaging services, website, and mobile applications.

Information We Collect

Personal Information

We collect the following types of personal information:

  • Identity Information: Name, date of birth, gender, contact details (email, phone, address)
  • Health Information: Medical history, retinal images, diagnostic results, treatment records, insurance information
  • Account Information: Username, password, security questions, account preferences
  • Payment Information: Billing address, payment method details (processed securely by our payment processor)
  • Technical Information: IP address, browser type, device information, usage data, cookies

How We Collect Information

  • Directly from you: When you create an account, schedule appointments, or communicate with us
  • From healthcare providers: When they use our platform to provide care
  • Automatically: Through cookies and similar technologies when you use our services
  • From third parties: Insurance companies, healthcare facilities, or business partners with your consent

How We Use Your Information

We use your information for the following purposes:

  • Providing Services: Conducting retinal scans, analyzing images, generating diagnostic reports
  • Treatment and Care Coordination: Sharing information with your healthcare providers for treatment purposes
  • Communication: Sending appointment reminders, test results, and important updates
  • Research and Development: Improving our AI algorithms (using de-identified data only)
  • Legal Compliance: Meeting regulatory requirements and legal obligations
  • Security: Protecting against fraud, unauthorized access, and security threats
  • Business Operations: Billing, customer support, quality improvement

How We Share Your Information

We may share your information with:

  • Healthcare Providers: Doctors, specialists, and medical facilities involved in your care
  • Business Associates: Service providers who help us operate (subject to confidentiality agreements)
  • Insurance Companies: For billing and claims processing (with your authorization)
  • Legal Authorities: When required by law or to protect rights and safety
  • Research Partners: For scientific research (only de-identified data)

We will NEVER sell your personal health information to third parties.

Your Rights and Choices

You have the following rights regarding your information:

  • Access: Request copies of your personal and health information
  • Correction: Request corrections to inaccurate or incomplete information
  • Deletion: Request deletion of your information (subject to legal requirements)
  • Restriction: Request restrictions on certain uses of your information
  • Portability: Receive your information in a portable format
  • Opt-Out: Unsubscribe from marketing communications
  • Revoke Consent: Withdraw consent for specific uses (where applicable)

Data Security

We implement robust security measures to protect your information:

  • End-to-end encryption for data in transit and at rest
  • Multi-factor authentication for account access
  • Regular security audits and penetration testing
  • Employee training on data protection and HIPAA compliance
  • Secure data centers with physical and digital safeguards
  • Incident response procedures for potential data breaches

Data Retention

We retain your information for as long as necessary to provide services and comply with legal obligations. Medical records are retained for a minimum of 7 years as required by California law. De-identified research data may be retained indefinitely.

Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13 without parental consent. If you believe we have collected such information, please contact us immediately.

California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to deletion, and the right to opt out of sales (though we do not sell personal information).

International Data Transfers

Your information is primarily stored and processed in the United States. If you access our services from outside the U.S., your information may be transferred to, stored, and processed in the U.S. where our servers are located.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through our platform. The "Last Updated" date at the top indicates when the policy was last revised.

Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, contact us:

  • Email: privacy@visionscan.io
  • Phone: (415) 555-0123
  • Mail: VisionScan, Inc., Attn: Privacy Officer, 1123 Claire St, Suite 104, San Francisco, CA 94102
  • HIPAA Privacy Officer: compliance@visionscan.io

This Privacy Policy complies with HIPAA, the HITECH Act, CCPA, and other applicable privacy regulations. For information specific to HIPAA compliance, please see our HIPAA Compliance page.