Ethical use statement:
GAIA is designed with privacy, transparency, and user control at its core. We aim to help individuals reflect on their whole health while respecting personal autonomy, minimising data use, and avoiding misuse of sensitive information. Our systems are built to support users, not to make decisions for them, or about them.

GAIA Health Ai (“GAIA”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you use the GAIA mobile application (the “App”).

1. Information We Collect

We collect the following categories of information:

a. Information You Provide

• Personal details such as name and email address (if you create an account)

• Health and wellness information you choose to enter, such as symptoms, health and wellbeing scores, medical information, notes, and medication information

• Audio recordings of consultations or meetings that you choose to record within the App and subsequently created AI-generated summaries

• Images captured using your device camera, such as photos of symptoms or medications

• Preferences and settings within the App

b. Child Profiles

• An account holder may create separate profiles for their children

• All data entered into child profiles is provided by the parent or guardian

• Children do not directly use the App or submit data themselves

c. Automatically Collected Information

• Device information (device type, operating system version)

• App usage data (screens viewed, features used, crash logs)

d. Information We Do Not Collect

• We do not collect precise location data

• We do not collect contacts

• We do not access the microphone or camera outside of user-initiated actions 

2. How We Use Your Information

We use your information to:

• Enable audio recording, image capture, and AI-powered summaries within the App 

• Process audio recordings and images to generate summaries and insights requested by you

• Store and display your health and wellness tracking data

• Create anonymised and aggregated analytical data that may be shared with third parties for research, statistical, or service improvement purposes

• Improve app performance, reliability, and user experience

• Respond to support requests

• Comply with legal obligations

Audio recordings and images are processed only to deliver features explicitly requested by you.

Personal data, including audio recordings, images, and health information, is not used to train public or general-purpose AI models.

AI-generated outputs are produced automatically but remain subject to human interpretation and user control. Users decide how outputs are used, stored, or shared.

AI-generated summaries and insights are informational only and are not medical advice, diagnosis, or treatment.

3. Legal Basis for Processing (GDPR and Equivalent Laws)

We process personal data in accordance with the General Data Protection Regulation (GDPR) and equivalent data protection laws worldwide.

Where multiple laws apply, we apply the highest applicable standard of data protection.

Our legal bases include:

• Your explicit consent

• Performance of a contract (providing the App)

• Legitimate interests such as improving the App, where these do not override your rights

GAIA may be used by individuals outside the UK or European Economic Area. Where personal data is transferred internationally, we apply appropriate safeguards such as standard contractual clauses or equivalent lawful mechanisms.

You may withdraw consent at any time.

4. Data Sharing and Third Parties

We do not sell your personal data.

Your data may be shared only in the following ways:

• With industry-standard AI and cloud service providers under GDPR-compliant contracts, strictly for operating and improving the App

• With third parties in anonymised and aggregated form, where individuals cannot be identified and data cannot be associated back to a specific user

All data is encrypted in transit using SSL/TLS and encrypted at rest. We do not share any data that could reasonably be used to identify an individual user.

All third parties are contractually required to comply with data protection laws and to use data only for the purposes described above.

5. Data Retention

We retain your data only for as long as your account is active or as necessary to provide the App.

If you close your account, personal data that can identify you will be deleted or irreversibly anonymised within 30 days, except where retention is required by law.

Anonymised data that can no longer reasonably be linked to an individual may be retained and used for analytics, research, and service improvement purposes, even after account closure.

If you explicitly request deletion of your data, both identifiable data and any associated data under our control will be deleted, subject only to legal retention obligations.

Secure backups are isolated and overwritten on a rolling basis and are not used for analytics or product development.

When you request account deletion, your data will be permanently deleted within 30 days, except where retention is required by law or where data exists in secure backups. Backup data is isolated and overwritten on a rolling basis.

6. Your Rights

You have the right to: 

- Access your personal data

- Correct inaccurate data

- Request deletion of your data

- Restrict or object to processing

Users may request deletion of their account and associated data by contacting us via email.

To exercise these rights, contact us at: contactus@gaiahealth.ai

7. Data Security

We use appropriate technical and organisational measures to protect your data.

• All data is encrypted in transit using SSL/TLS

• All data is encrypted at rest

We design our systems so that data cannot reasonably be associated back to an individual without additional information.

However, no system is 100% secure, and we cannot guarantee absolute security.

8. Data Breach Notification

In the event of a personal data breach, we will assess the risk and notify affected users and relevant supervisory authorities where required by applicable law.

9. Automated Decision-Making

GAIA does not make automated decisions that produce legal or similarly significant effects on individuals. AI-generated outputs are provided to support user reflection and decision-making only.

10. Children’s Privacy

GAIA is not intended to be used independently by children.

GAIA is intended for individuals aged 16 or over. Users must be at least 16 years old to create an account.

Parents or guardians may create and manage profiles for their children of any age, and enter information on their behalf. We do not knowingly allow children to create accounts or submit data directly.

Where local law requires a higher age for consent, that higher age applies.

If you believe a child has provided personal data without parental consent, please contact us and we will take appropriate action.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted within the App.

12. Contact Us

If you have questions about this Privacy Policy or your data, contact:

GAIA Support
Email: contactus@gaiahealth.ai