Privacy Policy.

MetaCura is built on a single principle: your health record is yours. This Privacy Policy explains what we collect, how we protect it, and the controls you have. We collect only what is necessary to provide your personal health companion, and we never sell patient data.

This policy covers metacura.ai, the MetaCura mobile and web applications, and any associated APIs or integrations (collectively, the “Services”).

To provide the Services, we collect the following categories of information:

• Clinical records, encounters, lab results, imaging, medications, visit notes, and other FHIR-compatible health data you authorize from your providers or upload directly.
• Wearable telemetry, vital signs, sleep, activity, and continuous-monitoring data from connected devices, with your consent.
• Account information, name, email, phone number, demographics required for clinical interpretation, and authentication credentials.
• Usage data, pages viewed, features used, and diagnostic logs needed to keep the Services reliable. Usage data is never linked to your clinical record without your explicit consent.

We use your information only to operate, secure, and improve the Services for you. Specifically:

• Consolidate, organize, and present your longitudinal medical record.
• Generate clinical-grade interpretations, alerts, and recommendations grounded in your record.
• Coordinate with your providers, laboratories, and pharmacies, only with your explicit consent.
• Maintain the security, integrity, and reliability of the platform.

Your clinical record is never used to train AI models, sold to third parties, or shared with advertisers.

Your clinical record is encrypted with AES-256 at rest and TLS 1.3 in transit. Per-record encryption keys are derived from your credentials and held by you, even MetaCura personnel cannot read your record.

We follow HITRUST-aligned security controls, undergo annual third-party audits, and maintain audit logs of every record access and disclosure.

You have full control over your record at all times:

• Access, view every clinical record, alert, and AI interpretation in your account.
• Granular consent, share specific records or your entire record with providers, family, or designated caregivers, and revoke any access at any time.
• Portability, export your full clinical record as a structured bundle, PDF clinical summary, or raw CSV, with no fees, anytime.
• Deletion, request deletion of your account at any time. We retain only the minimum required by clinical regulation.

We share information only in the following limited circumstances:

• With your consent, when you authorize sharing with a provider, family member, or care partner.
• Service providers under BAA, vetted infrastructure, hosting, and analytics partners bound by Business Associate Agreements and HIPAA-equivalent protections.
• Legal obligations, when required by valid legal process, with patient notification where permitted by law.

We never sell, rent, or trade patient data. Period.

We retain clinical records for as long as your account is active. Upon deactivation, we automatically export your full record and retain only the minimum required by applicable healthcare regulations (typically 7 years for medical records under HIPAA), after which records are securely deleted.

You can request immediate deletion of non-regulated data at any time via your account settings.

We may update this policy as the Services evolve or to comply with legal requirements. Material changes will be announced 30 days in advance, and we will notify you by email and in-app notification. Continued use after the effective date constitutes acceptance of the updated policy.