INTRODUCTION
Wizey LLC ("we," "our," "us," or the "Company") is committed to protecting the privacy and security of your personal information and health data. This Privacy Policy explains in detail how we collect, use, share, and protect your information when you use our website (wizey.one), mobile application, API services, and related services (collectively, the "Services"). Our Services are designed to provide AI-powered analysis of medical test results and health-related recommendations. We understand the sensitive nature of health information and maintain strict compliance with applicable healthcare privacy laws and regulations, including:
We encourage you to read this Privacy Policy carefully to understand our practices regarding your information and how we treat it. We adhere to the principle of data minimization, collecting only the information necessary to provide our Services. We process sensitive health data only with your explicit consent, which you may withdraw at any time.
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations
- The General Data Protection Regulation (EU) 2016/679 (GDPR)
- The California Consumer Privacy Act (CCPA)
- State-specific healthcare privacy laws
- Other applicable international data protection laws
DEFINITIONS
To help you better understand this Privacy Policy, we use the following defined terms:
"Protected Health Information" (PHI):
Any individually identifiable health information that is created, received, maintained, or transmitted by healthcare providers, health plans, and healthcare clearinghouses that is transmitted by electronic media, maintained in electronic media, or transmitted or maintained in any other form or medium.
"Personal Data":
Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
"Special Categories of Personal Data":
Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a person's sex life or sexual orientation.
"Processing":
Any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
"Data Controller":
The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
"Data Processor":
A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
"User," "you," or "your":
Any individual who uses our Services, including patients, healthcare providers, and other authorized users.
SCOPE OF THIS POLICY
This Privacy Policy applies to all personal information and health data collected through our Services, including:
- Information provided directly by users
- Information collected automatically through our Services
- Information received from third parties
INFORMATION WE COLLECT
We may collect the following types of information, only as necessary to provide our Services:
- Personal identification information (e.g., name, email address)
- Health-related information (e.g., medical history, test results) with your explicit consent
- Technical information (e.g., IP address, device information)
- Usage data (e.g., service interactions, preferences)
You are responsible for ensuring the accuracy of the information you provide.
HOW WE USE YOUR INFORMATION
We use collected information for the following purposes:
- Providing and improving our Services
- Personalizing user experience
- Analyzing health data and providing recommendations with your consent
- Communicating with users
- Complying with legal obligations
LEGAL BASIS FOR PROCESSING
We process personal information based on the following legal grounds:
- Performance of a contract
- Explicit consent for health data
- Legitimate interests (e.g., service improvement)
- Compliance with legal obligations
DATA STORAGE AND SECURITY
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit and at rest (e.g., AES-256)
- Regular security audits and penetration testing
- Access controls and multi-factor authentication
- Incident response procedures
While we take all reasonable steps to secure your data, no system is entirely immune to cyber threats.
SHARING AND DISCLOSURE OF INFORMATION
We may share information only with:
- Service providers and partners bound by data protection agreements
- Legal authorities when required by law
- Affiliated companies under strict safeguards
- In connection with business transfers, with notice to users
YOUR RIGHTS AND CHOICES
You have the following rights regarding your data:
- Access and rectification
- Data portability
- Withdrawal of consent at any time
- Deletion of data
- Objection to processing
INTERNATIONAL DATA TRANSFERS
We may transfer data internationally with appropriate safeguards:
- Standard Contractual Clauses (SCCs) per GDPR
- Adequacy decisions by relevant authorities
- Binding corporate rules
We assess the adequacy of data protection in receiving countries.
DATA RETENTION
We retain data only as long as necessary:
- For the purposes for which it was collected
- To comply with legal obligations
- To resolve disputes
CHILDREN'S PRIVACY
Our Services are not directed to children under 16:
- We do not knowingly collect children's data
- Parental consent is required for users under 16, verified per applicable laws (e.g., COPPA, GDPR)
- Parents can request deletion of children's data
CHANGES TO THIS POLICY
We may update this policy and will notify users of material changes:
- Through our website
- Via email notification
- Through in-app notifications
Continued use of the Services constitutes acceptance of updates.
CONTACT INFORMATION
For questions about this policy, contact us at:
- Email: [email protected]
- Address: Wizey LLC, 5830 E 2nd St, Ste 7000 #34409, Casper, WY 82609, USA
JURISDICTION-SPECIFIC PROVISIONS
Additional provisions for specific jurisdictions:
- California Consumer Privacy Act (CCPA) rights
- GDPR rights for EU residents
- Other regional data protection laws
This Privacy Policy may be available in multiple languages. In case of any discrepancy, the English version shall prevail.