Last updated: April 1, 2026

Privacy Policy

Aere (“Aere,” “we,” “us,” or “our”) operates aere.health and the Aere healthspan intelligence platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal and health information when you use our services. Because you are entrusting us with sensitive health data, we treat your privacy as a core obligation — not an afterthought.

By creating an account or using Aere, you agree to the practices described in this Policy. If you do not agree, please discontinue use of the platform.

1. Information We Collect

Account information. When you register, we collect your name, email address, and (if applicable) your Google account identifier. We do not store your Google password.

Health records you upload. You may upload PDF documents such as lab results, imaging reports, and clinical notes. These files are stored in encrypted cloud storage and are processed by our AI service to extract structured data. The original files are never made available to third parties except as described in Section 4.

Extracted biomarkers. Our AI extracts individual biomarker values (e.g., cholesterol, HbA1c, vitamin D) from your uploaded documents. These structured data points are stored in our database and used to power your healthspan dashboard, trend charts, and AI coaching.

Health profile and intake data. You may optionally provide additional context — including medical history, medications, allergies, emergency contacts, and demographic information — through our health intake form. This information is used to personalize AI analysis and, if you choose, to generate a pre-visit health brief you can share with your providers.

Usage data. We collect standard server logs including IP addresses, browser type, pages visited, and feature interactions. This data is used for security monitoring, debugging, and product improvement. It is not linked to your health data.

2. How We Use Your Information

We use your information to:

  • Provide, operate, and improve the Aere platform and its AI-powered features
  • Extract and structure biomarker data from your uploaded health documents
  • Generate personalized healthspan insights, trend analysis, and AI coaching responses
  • Create sharable health summaries or pre-visit briefs at your explicit request
  • Send transactional emails (e.g., account verification, password reset)
  • Process subscription payments and manage billing
  • Maintain security, detect fraud, and comply with legal obligations
  • Respond to your support requests

We do not use your health data to train AI models, build advertising profiles, or engage in any secondary commercial use beyond operating and improving Aere for you.

3. Legal Basis for Processing (where applicable)

We process your data on the basis of your consent (which you may withdraw at any time), the performance of our contract with you (providing the Aere service you signed up for), and our legitimate interests in operating a secure and compliant platform. Processing of health data is based solely on your explicit consent.

4. How We Share Your Information

We do not sell, rent, or trade your personal or health data. We share your information only in the following limited circumstances:

  • Cloud database and storage provider — your records and biomarker data are stored in an encrypted, access-controlled cloud database under a data processing agreement.
  • AI processing service — document content is transmitted to an AI service to parse your health records and generate insights. This service operates under a data processing agreement and is prohibited from using your data for its own purposes.
  • Payment processor — our PCI-DSS compliant payment processor handles all billing and subscription data. Aere does not store credit card numbers.
  • Email delivery service — your email address is shared with our transactional email provider solely for the purpose of sending account-related communications.
  • Cloud hosting provider — our hosting infrastructure serves the application. This provider does not access your stored health data.
  • Healthcare providers you designate — if you use Aere's sharing features to share a health summary or pre-visit brief with a provider, that provider will receive the data you explicitly chose to include. You control the scope, expiration, and revocation of all share links.

We may disclose information if required by law, court order, or a valid government request, or to protect the safety of our users or the public. We will notify you of such requests unless legally prohibited from doing so.

5. Data Security

We implement technical and organizational measures to protect your health information, including encryption of all stored files and records at rest, encryption of all data in transit, access controls ensuring users can only access their own records, secure session management, rate limiting, audit logging of all protected health information access, and soft-delete policies that prevent accidental data destruction. No system is 100% secure. If you discover a security vulnerability, please report it immediately to admin@aere.health.

6. Data Retention

We retain your account data and health records for as long as your account is active or as needed to provide the service. If you request account deletion, we will delete your personal data within 30 days, subject to any legal obligations requiring longer retention. Audit logs are retained for a minimum of 6 years in accordance with HIPAA requirements.

7. Your Rights

You have the right to:

  • Access — request a copy of the personal and health data we hold about you
  • Correct — update or correct inaccurate information in your account or health profile
  • Delete — request deletion of your account and associated data
  • Export — request your health records and biomarker data in a portable format
  • Withdraw consent — withdraw consent for data processing at any time, which will require account termination
  • Complain — lodge a complaint with your local data protection authority if you believe your rights have been violated

To exercise these rights, contact us at admin@aere.health. We will respond within 30 days.

8. Children's Privacy

Aere is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact admin@aere.health.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page and, for material changes, notify you via email or an in-app notice. Continued use of Aere after changes take effect constitutes acceptance of the revised policy.

10. Contact Us

Aere
Email: admin@aere.health
Website: aere.health