Privacy Policy

1. Data We Collect

What we collect:

• Account information: email address, username, password hash. Stored in a secure cloud database for authentication. Email is required as your identity credential for login and doctor binding.
• Health records: follow-up records, test results, nodule data, and other information you voluntarily enter. Stored in encrypted local storage on your device — never uploaded to any cloud server.
• AI conversation records: de-identified health descriptions. Personal identifiers are reversibly anonymized before being sent to cloud AI models. Anonymized data is stored in a cloud data lake for generating AI health advice and service improvement.
• Device information: device model, OS version — used for compatibility and basic analytics.

What we do NOT collect:

• Name, national ID number, or home address (unless you voluntarily enter them in your health records)
• Precise location data
• Contacts, photo gallery, SMS, or other sensitive device data
• Complete payment information (payments are processed by third-party providers; we never see your full payment credentials)

2. How We Use Your Data

• Account information is used for authentication and subscription management.
• Health records are stored and processed locally on your device only — they are not uploaded to the cloud.
• AI conversation data is de-identified before being sent to cloud AI models. Results are used solely to generate health advice and stored in anonymized form for service improvement.
• De-identified usage data may be used for product optimization and analytics, but cannot be traced back to any individual.

3. Data Storage & Security

• Health records: stored in encrypted local databases (iOS Keychain / Android EncryptedSharedPreferences) — never uploaded to any cloud server.
• Account data: stored in a secure cloud database with hashed passwords.
• Transmission: all network communication uses TLS/SSL encryption.
• Local encryption: sensitive data is encrypted at rest on your device.
• Doctor workstation (LIVE2LIFE-BOX_Pro): all clinical data is stored locally on the edge device. Core clinical functions work fully offline without internet access.

4. Cross-Border Data Transfer

When you use the AI health advice feature, de-identified text (containing no name, contact information, address, or other identifiable data) is sent to cloud AI models for processing. These servers may be located outside mainland China. The data is anonymized and cannot be traced back to any individual.

5. Device Permissions

This app may request the following device permissions:

• Storage: to save health reports and AI advice to your device.
• Notifications: to send CT follow-up reminders and doctor messages (optional).
• Bluetooth: to connect wearable devices (e.g. Apple Watch) for heart rate and SpO₂ sync (with your additional consent).

You may revoke any permission at any time in your device system settings. Core health record functionality is not affected by disabling permissions.

6. Third-Party Services

We may engage third-party service providers to assist in delivering parts of this software, including but not limited to cloud data processing, AI model inference, and cloud infrastructure hosting. These providers process data only to the extent necessary and are bound by confidentiality obligations.

We require all third-party service providers to comply with applicable data protection laws and to implement reasonable security measures to protect your information.

7. Data Sharing

• We do NOT sell, rent, or share your personal health data with third parties.
• Your health data is shared ONLY with the doctor(s) you explicitly connect to via binding code.
• Aggregated, de-identified data may be used for product improvement and clinical research.

8. Your Rights

Under applicable data protection laws (including China's Personal Information Protection Law and the GDPR), you have the following rights:

• Right to know: what data we collect and how it is used.
• Right to access: request a copy of your personal data.
• Right to rectify: correct inaccurate personal information.
• Right to delete (right to be forgotten): request deletion of your account and associated data. You can also self-serve directly in the app via Settings → Data Management → Delete All Data. Deletion is irreversible.
• Right to data portability: receive your data in a structured, commonly used format.
• Right to withdraw consent: withdraw your consent to data processing without affecting the lawfulness of processing carried out before withdrawal.
• Right to complain: lodge a complaint with a data protection supervisory authority.

To exercise these rights, contact us via the email below. We will respond within 30 days.

9. Medical Disclaimer

LIVE2LIFE-Health_WK provides AI-assisted insights for informational purposes only. It does not constitute medical diagnosis, treatment advice, or replace professional clinical judgment. Always consult your physician for any health-related decisions.

10. Children's Privacy

This software is not intended for users under 18 years of age. If we inadvertently collect personal information from a minor, we will delete it immediately.

11. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be notified via in-app notice or the contact information you provided during registration. Continued use after material changes constitutes acceptance of the updated policy.

12. Applicable Law

This privacy policy is formulated in compliance with the Personal Information Protection Law (PIPL) of the People's Republic of China and relevant regulations, with reference to the data processing principles of the General Data Protection Regulation (GDPR) and the health data protection principles of the Health Insurance Portability and Accountability Act (HIPAA).

13. Contact

If you have any questions, concerns, or requests regarding this privacy policy, please contact us:

Email: info@live2life.ltd