1. Introduction EyeCareX is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with applicable privacy laws, including PIPEDA (Canada) and other relevant regulations.

By using our services, you agree to the terms of this Privacy Policy and provide explicit consent to the collection and processing of your data. If you do not agree, you must discontinue use of our services immediately.

 

2. Definitions

• "Patients": Individuals using EyeCareX for personal eye care assessments, including image capture and AI-driven insights.

• "Healthcare Professionals": Licensed providers (e.g., optometrists) using EyeCareX to review patient data, AI assessments, or clinical recommendations.

• "Users": Refers to both Patients and Healthcare Professionals collectively.

 

3. Information We Collect EyeCareX collects different types of information to provide and improve our services, including:

a. Personal and Contact Information:

• Name, email address, phone number, and mailing address (if applicable).

b. Biometric and Health Data:

• For Patients: Eye images, facial images, and other health-related data provided for AI analysis.

• For Healthcare Professionals: Data entered while reviewing patient records, clinical notes, and usage analytics related to AI model performance.

c. Device and Usage Information:

• IP addresses, device type, operating system, browser type, and interaction data with our platform.

d. Payment Information (if applicable):

• If you make a purchase, we process payments via third-party providers (e.g., Stripe, PayPal). EyeCareX does not store payment details.

e. Cookies and Tracking Technologies:

• We use cookies, log files, and analytics tools to enhance user experience and optimize platform performance.

f. Data Minimization & Purpose Limitation:

• EyeCareX only collects the minimum personal data required for service provision, research, and security. Your data will not be used for purposes beyond those stated in this policy without your explicit consent.

• Before collecting any personal data, EyeCareX will notify users about what data will be collected, how it will be used, and request explicit consent where required.

 

4. How We Use Your Information We use your data for the following purposes:

• For Patients: To deliver and improve AI-driven eye care insights and support research.

• For Healthcare Professionals: To facilitate patient data review, AI-driven clinical insights, and usage analytics.

• AI Research & Training: To enhance EyeCareX’s AI-driven eye care solutions.

• Security & Compliance: To prevent fraud, ensure regulatory compliance, and protect our systems.

• Customer Support: To respond to inquiries and troubleshoot service issues.

• Analytics & Development: To optimize platform functionality and develop new features.

EyeCareX does not sell or rent personal information to third parties.

 

5. Data Sharing & Third-Party Service Providers We may share your data under the following conditions:

• With Authorized Service Providers: Third-party partners (e.g., AWS) that help us operate and maintain our platform.

• For Legal & Compliance Purposes: If required by law or to comply with government requests.

• With Your Explicit Consent: Any additional data sharing (e.g., research collaborations) will require your informed consent.

• Healthcare Professional Responsibilities: Healthcare professionals confirm that they have obtained all necessary patient consents in compliance with PIPEDA, HIPAA (if applicable), and local privacy laws before sharing any patient data through EyeCareX.

• All third-party vendors handling personal data on behalf of EyeCareX must comply with PIPEDA or equivalent data protection laws. Regular compliance audits are conducted to ensure adherence.

• EyeCareX is not responsible for service failures, data breaches, or security vulnerabilities occurring within third-party platforms.

 

6. Data Retention & Deletion EyeCareX retains user data only as long as necessary for its intended purpose or as required by law.

• For Patients: You may request data deletion at any time, subject to legal or research requirements.

• For Healthcare Professionals: EyeCareX retains patient records only as long as necessary for research, compliance, or legal reasons. Healthcare professionals must ensure that local laws regarding patient data storage are followed.

• User Request for Deletion: You may request data deletion by contacting info@eyecarex.com. However, anonymized data used for AI training cannot be removed.

• Automatic Deletion: Data no longer required will be securely deleted or anonymized.

 

7. AI & Automated Decision-Making EyeCareX uses artificial intelligence (AI) for automated analysis and assessment. AI-generated results are based on training data and statistical models and may not always be accurate. Healthcare professionals remain solely responsible for all clinical decisions and should use AI-generated insights as supplementary tools, not as definitive diagnoses.

• EyeCareX does not guarantee the accuracy, reliability, or applicability of AI-generated results and disclaims any liability for reliance on such insights.

 

8. International Data Transfers EyeCareX may store and process personal data on secure servers located in Canada, the United States, or other jurisdictions. By using our services, you consent to the transfer of your data to these locations, where privacy laws may differ.

 

9. Security Measures & Breach Notification Policy We implement strong encryption, secure storage, and restricted access controls to protect user data. While we take every precaution, no system is 100% secure. Users are responsible for safeguarding their own devices and passwords.

In the event of a security breach that poses a risk of harm to your personal data, EyeCareX will notify affected users within 72 hours or as soon as feasible after discovering the breach and report the breach to the Office of the Privacy Commissioner of Canada (OPC) as required by law.

 

10. Limitation of Liability & Indemnification

• EyeCareX is not liable for any direct, indirect, incidental, or consequential damages arising from the use or misuse of our services, including but not limited to medical, legal, or financial decisions made in reliance on AI insights.

• Users agree to indemnify, defend, and hold harmless EyeCareX, its affiliates, officers, employees, and partners from any claims, damages, liabilities, or legal expenses arising from their use or misuse of EyeCareX services.

 

11. Dispute Resolution & Class Action Waiver

• By using EyeCareX’s services, you agree that any disputes arising from this Privacy Policy shall be resolved through binding arbitration in British Columbia, Canada.

• You waive any rights to file or participate in a class action lawsuit against EyeCareX, except where prohibited by law.

 

12. Updates to This Privacy Policy Changes to this Privacy Policy apply only to data collected after the updated policy takes effect. Previously collected data remains subject to the policy in place at the time of collection, unless otherwise required by law.

 

13. Contact Information For any privacy-related inquiries, please contact:

EyeCareX Privacy Officer
Email: info@eyecarex.com