Health Data Privacy Policy
Effective Date: April 23, 2026 | Last Updated: April 23, 2026
This Health Data Privacy Policy supplements our main Privacy Policy and applies specifically to the processing of health-related and medical information through the askFinz Med platform (med.askfinz.ai) and any other askFinz services that process health data. It is provided by askFinz, an entity under Paul V | Holdings.
1. What Is Health Data?
For purposes of this Policy, "Health Data" means:
- Information you voluntarily submit that relates to physical or mental health conditions, symptoms, diagnoses, medications, or medical history.
- Search queries or content that reveals or could reveal health status.
- Data derived from wearables or health tracking devices if integrated with askFinz services.
- Any data classified as "sensitive personal data" relating to health under applicable law (e.g., Article 9 GDPR).
2. How We Use Health Data
We collect and process Health Data only for the following purposes:
- Providing the askFinz Med Service: To deliver medical information search results, research summaries, and AI-assisted health information queries.
- Improving AI accuracy and safety: Anonymised and aggregated health-related queries may be used to improve the quality, safety, and accuracy of askFinz AI models and search results. We will not use identifiable health data for AI training without explicit consent.
- Personalisation: To surface relevant health content and filter results appropriately.
- Legal compliance: Where required by law.
We do not use Health Data for advertising, marketing profiling, or commercial sale to third parties.
3. Important Disclaimers
askFinz Med is not a medical device and does not provide medical advice. Information provided through the service is for general informational and research purposes only. Always consult a qualified healthcare professional for diagnosis, treatment, or medical decisions. Do not disregard professional medical advice or delay seeking it based on information from askFinz.
4. Special Protections for Health Data
Because of the sensitivity of Health Data, we apply additional protections:
- Minimisation: We collect only the Health Data necessary to provide the requested service.
- Separation: Health Data is stored in logically separated data stores with enhanced access controls.
- Encryption: Health Data is encrypted at rest (AES-256) and in transit (TLS 1.3).
- Access controls: Access to Health Data is restricted to personnel and systems with a demonstrable need.
- No sale: Health Data is never sold, rented, or licensed to third parties.
- Consent for AI training: Identifiable Health Data will not be used for AI model training without your explicit, separate consent.
5. Sharing of Health Data
We may share Health Data only in the following limited circumstances:
- Service providers: Cloud and infrastructure vendors operating under strict contractual obligations and appropriate data processing agreements.
- Legal compliance: When required by applicable law, court order, or regulatory authority.
- With your consent: For any purpose explicitly consented to by you.
6. Your Rights Regarding Health Data
In addition to your rights under our Privacy Policy, you have the right to:
- Withdraw consent for health data processing at any time, without affecting prior processing.
- Request immediate deletion of all health-related data associated with your account.
- Request a portable copy of your health-related data in a machine-readable format.
- Object to automated decision-making based on Health Data.
To exercise these rights, contact privacy@askfinz.ai with the subject line "Health Data Request."
7. Retention
Health Data is retained only for as long as necessary to provide the Services or as required by law. Upon account deletion, Health Data is securely erased within 30 days, subject to any legal retention requirements.
8. Contact
- Health data inquiries: privacy@askfinz.ai (Subject: "Health Data")
- General legal: legal@askfinz.ai