Last Updated: March 10, 2022

Our Role

Healthcare providers that use AEYE's services are responsible for determining how patient information is collected and used. In these situations, the healthcare provider acts as the data controller, while AEYE acts as a data processor on behalf of the provider.

​

AEYE processes information solely to provide and support its services and does not independently determine the purposes for which patient health information is collected.

Information We Process

• Retinal images used for screening and diagnostic purposes
• Exam identifiers
• Medical Record Numbers (MRNs) or other identifiers where required for system integrations
• Diagnostic results generated by our services

We process only the information necessary to deliver our services and support patient care workflows.

How Information Is Used

Information is processed to:

• Deliver diagnostic screening results to healthcare providers
• Operate, maintain, and improve our services
• Support integrations with healthcare systems and workflows
• Meet legal and regulatory requirements

​

Healthcare providers use the results generated through AEYE to support patient care, diagnosis, treatment decisions, and communication with patients.

In some cases, de-identified and pseudonymized retinal images may be used to improve and enhance our AI systems.

Information Sharing

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

AEYE does not sell patient information.

Information may be shared only in limited circumstances, including:

• With healthcare providers to deliver screening results and diagnostic outputs
• With trusted service providers that host or support our systems
• When required by law or regulation
• In connection with mergers, acquisitions, or business transfers
• In emergency situations involving patient or public safety

 

Data Storage and Security

AEYE operates services using systems located in the United States.

We implement administrative, technical, and organizational safeguards designed to protect information against unauthorized access, misuse, alteration, or loss. While we apply industry-standard security measures, no system can guarantee absolute security.

 

Data Retention

Patient information is retained according to agreements with healthcare providers and applicable legal requirements.

AEYE may retain anonymized and de-identified data used for research, development, and improvement of its AI technologies.

Patient Rights

Patients may have rights under applicable laws, including access, correction, deletion requests, restrictions, consent withdrawal, and certain privacy notifications.

Requests regarding patient data should generally be directed to the relevant healthcare provider.

 

Changes to This Policy

We may update this Privacy Policy from time to time and provide notice when required.

 

Contact Us

AEYE Health, Inc.
Email: info@aeyehealth.com