1. Introduction
ANSR Health AI (“ANSR,” “we,” “us,” or “our”) is a family health platform that helps families and assisted-living facilities coordinate care for the elderly, wherever they live.
We provide our services through a web dashboard, a mobile application, and WhatsApp-based notifications via the WhatsApp Business API. This Privacy Policy explains what data we collect, how we use it, how we protect it, and what rights you have.
By using our platform, you agree to the practices described here. If you do not agree, please do not use the services.
2. Information we collect
2.1 Information you provide
- Account information: Name, email address, phone number, and authentication credentials when you create an account.
- Profile details: Relationship to the elderly person (son, daughter, caregiver, staff member), location, and language preferences.
- Health records: Prescriptions, lab reports, medical history, doctor visit notes, and health documents you or your facility’s staff upload.
- Medication details: Medication names, dosages, schedules, and adherence records.
- Feedback and communications: Messages you send to us, survey responses, and feedback form submissions.
2.2 Information collected automatically
- Device information: Device type, operating system, browser type, and app version.
- Usage data: Pages visited, features used, time spent, and interaction patterns.
- Wearable and sensor data: Heart rate, SpO2, sleep patterns, activity levels, and other vitals collected through connected devices.
- Location data: General region (city or metro area) for service delivery — not precise GPS tracking.
2.3 Information from third parties
- WhatsApp: When you interact with us via WhatsApp, we receive your phone number, message content, and delivery/read status through the WhatsApp Business API.
- Healthcare providers: With your explicit consent, we may receive health data from doctors, labs, or hospitals you connect to your account.
- Assisted-living facilities: When you are a family member of someone in an ANSR-partnered facility, we receive structured check-in data, medication logs, and clinical notes the facility’s staff records for your resident.
2.4 Mobile app permissions and device health data
Our iOS and Android apps request the following device permissions. Each is optional, used only for the feature described, and can be revoked at any time in your device settings:
- Camera and photo library: Only to photograph or attach medical documents, prescriptions, and profile photos that you choose to add to your health wallet. We access only the items you select.
- Microphone and voice recordings: Only to record voice check-ins and voice messages. Audio is transmitted securely and processed (including speech-to-text transcription, which may use third-party AI processors bound by contract) solely to power those features, then retained or deleted per Section 7.
- Notifications: A device push token so we can deliver health alerts, medication reminders, and check-in updates.
- Apple Health (HealthKit) and Google Health Connect: With your explicit on-device permission, we read the vitals you authorise — such as heart rate, resting heart rate, heart rate variability, blood oxygen, respiratory rate, body temperature, steps, and sleep — from your Apple Watch or connected health platform.
3. How we use your information
We use your data to:
- Deliver our services: Monitor vitals, send medication reminders, generate health summaries, and power family and facility dashboards.
- Send notifications: Health alerts, daily wellness updates, medication reminders, and care coordination messages via our app, web dashboard, and WhatsApp.
- Improve the platform: Analyse usage patterns to enhance features, fix issues, and develop new capabilities.
- Provide AI-assisted insights: Detect trends, identify early warning signs, and generate personalised wellness information grounded in your own health records. These insights are informational and are not a substitute for professional medical advice.
- Communicate with you: Respond to inquiries, send service updates, and share important announcements.
- Ensure safety and security: Prevent fraud, detect abuse, and maintain the integrity of the platform.
4. WhatsApp and Meta Platform data
We use the WhatsApp Business API (a Meta Platform product) to send health notifications, medication reminders, wellness updates, and one-time password (OTP) verification codes to users who have opted in.
4.1 Data we receive via WhatsApp
- Phone numbers of users who message us or opt in to receive notifications.
- Message content sent to our WhatsApp Business number.
- Message delivery and read receipts.
4.2 How we handle Meta Platform data
- We do not sell, license, or transfer any data received from Meta Platform (including WhatsApp) to any third party.
- We do not use Meta Platform Data for advertising, marketing to third parties, or building advertising profiles.
- We do not share Meta Platform Data with data brokers, ad networks, or any monetization services.
- We use WhatsApp data only to provide and improve our elderly care services — OTP verification, health reminders, wellness updates, and urgent alerts.
- If a user opts out of WhatsApp messaging, we stop sending messages and delete their WhatsApp-specific interaction data within 30 days.
- We store Meta Platform Data with encryption at rest and in transit.
4.3 Opting out of WhatsApp messages
You can stop receiving WhatsApp messages at any time by:
- Replying “STOP” to any WhatsApp message from us.
- Updating your notification preferences in the app or web dashboard.
- Contacting us at hello@ansrhealthai.com.
5. How we share your information
We share data only in these limited circumstances:
- With your care circle: Family members, facility staff, and caregivers you (or your facility’s admin) explicitly authorise can view shared health data through role-based access controls.
- With healthcare providers: Only with your explicit consent, we may share health summaries or records with doctors, hospitals, or labs you designate.
- Service providers: We use trusted third-party services (cloud hosting, analytics, communication tools) that process data on our behalf under strict contractual obligations.
- Legal requirements: We may disclose data if required by law, court order, or to protect the safety of our users.
- Emergency situations: In life-threatening emergencies, we may share relevant health data with emergency responders to protect the elderly person’s safety.
6. Data security
We take data security seriously and implement industry-standard measures:
- Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- Access controls: Role-based access ensures only authorised personnel and users can view specific data.
- Infrastructure: Secure cloud infrastructure with regular security audits and monitoring.
- Authentication: OTP-based passwordless authentication for users; multi-factor authentication for administrators.
- Employee access: Our team members access personal data only on a need-to-know basis, under confidentiality obligations.
While we implement robust security measures, no system is 100% secure. If we become aware of a data breach that affects your personal information, we will notify you and the relevant authorities as required by law.
7. Data retention
We retain your data as follows:
- Account data: Retained as long as your account is active. After account deletion, personal data is removed from production systems within 30 days and from encrypted backups within 90 days, except where retention is required by law.
- Health records: Retained for the duration of your account. When you delete your account, health records are deleted with it — removed from production systems within 30 days and from encrypted backups within 90 days. See our account deletion page for details.
- Usage and analytics data: Retained in anonymised form for up to 3 years for service improvement.
- WhatsApp interaction data: Retained for 1 year for service delivery, then deleted unless required for legal compliance.
- Feedback submissions: Retained for 2 years or until the purpose of collection is fulfilled.
8. Your rights
8.1 Under GDPR (users in the European Economic Area)
If you are located in the EEA, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure: Request deletion of your personal data (“right to be forgotten”).
- Restriction: Request that we limit how we process your data.
- Portability: Receive your data in a structured, machine-readable format.
- Objection: Object to processing based on legitimate interests.
- Withdraw consent: Withdraw previously given consent at any time.
8.2 Under the Digital Personal Data Protection Act, 2023 (India)
If you are located in India, you have the right to:
- Review: Review the personal information we hold about you.
- Correct: Request correction of inaccurate personal information.
- Withdraw consent: Withdraw consent for data processing at any time (note: this may affect service availability).
- Grievance redressal: File a complaint with our Grievance Officer (details below).
To exercise any of these rights, contact us at hello@ansrhealthai.com. We will respond within 30 days.
9. Children's privacy
Our services are designed for adults and elderly individuals. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it.
10. International data transfers
Your data may be processed in India and other countries where our service providers operate. When we transfer data outside your country of residence, we ensure appropriate safeguards are in place:
- Standard contractual clauses approved by relevant authorities.
- Data processing agreements with all third-party providers.
- Encryption of data in transit and at rest.
11. Changes to this policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the “Effective Date” at the top of this page.
- Notify you via email or in-app notification.
- Post a notice on our website.
We encourage you to review this page periodically.
12. Contact us
If you have questions about this Privacy Policy or want to exercise your rights, reach out:
ANSR Health AI, Inc.
Frisco, Texas, USA · Chennai, India
Email: hello@ansrhealthai.com
Website: ansrhealthai.com
For grievances under the Digital Personal Data Protection Act, 2023, contact our Grievance Officer at the same email. We acknowledge complaints within 48 hours and resolve them within 30 days.