AÉSTA Data Submission Privacy Policy (MVP)
Effective Date: 30 August 2025
AÉSTA Ltd. ("AÉSTA", "we", "us") is committed to protecting your privacy. This policy outlines how we handle Personally Identifiable Information (PII) and Health Data ("Data") submitted through our secure onboarding portals for our MVP program.
1. Data Controller
AÉSTA Ltd., [Your Registered Address, City, Postcode, UK]. Contact: privacy@aesta.ai.
2. Data We Collect
PII Submission Flow (from `onboarding-initiation.html`):
- Full Name
- Email Address
- Phone Number (Optional)
- Postal Address (Optional)
Health Data Submission Flow (from `onboarding-health-data.html`, linked via AÉSTA AI ID):
- AÉSTA AI ID (Provided by us)
- Demographic & Biometric Data (Age, Sex, Height, Weight)
- Health Goals & Lifestyle Information
- Uploaded Health Data Files (e.g., lab results, tracker data); you are instructed to strip PII from these files.
- Encrypted symmetric keys for file decryption (if client-side encryption was successful).
Technical logs (IP, browser) may be collected by our hosting provider (Netlify) for security and operational purposes.
3. How We Use Your Data & Lawful Basis
- To contact you: Using your PII to communicate about the MVP and AÉSTA services (Lawful basis: Legitimate Interest; Consent for marketing if applicable).
- To issue AÉSTA AI ID: Based on your PII submission (Lawful basis: Legitimate Interest, Performance of a contract/service).
- To generate insights: Analyzing Health Data (linked via AÉSTA AI ID) to provide preliminary personalized insights (Lawful basis: Performance of a contract/service you requested by participating in MVP; Explicit Consent for special category health data, evidenced by your proactive submission after PII removal instructions).
- To improve our services: Anonymized or aggregated data may be used for research and development (Lawful basis: Legitimate Interest).
4. Data Security & Storage
- Data is submitted via Netlify Forms, which provides secure transmission (HTTPS).
- Uploaded Health Data files are intended to be client-side encrypted before submission where feasible, meaning we receive an encrypted copy of the file together with the encrypted symmetric key needed to decrypt it.
- PII and Health Data are stored separately and linked only by the AÉSTA AI ID internally.
- Access to raw Data is strictly limited to authorized AÉSTA personnel.
- If you accidentally include PII in your Health Data files, we will take steps to remove or pseudonymize it before analysis.
- Your Health Data is normalized (e.g., "high cholesterol" instead of exact values) before being used by any AI models for generating insights. Full, unencrypted Health Data is not sent directly to AI models without these protective steps.
5. Data Sharing
We do not sell your Data. We may share Data with:
- Service providers (e.g., Netlify for hosting/forms, secure cloud storage providers for encrypted files) under strict data processing agreements.
We will not share your PII with any third parties for their marketing purposes.
6. Data Retention
Data collected for the MVP will be retained for the duration of the MVP program and a reasonable period thereafter as necessary for analysis and communication, or as required by law. You can request deletion of your Data (see Your Rights).
7. Your Rights
You have rights regarding your Data, including access, rectification, erasure, restriction, and objection. To exercise these rights, contact privacy@aesta.ai. You also have the right to complain to the UK Information Commissioner's Office (ICO).
8. International Transfers
If Data is transferred outside the UK/EEA (e.g., by Netlify), it will be protected by appropriate safeguards like Standard Contractual Clauses.
9. Changes to this Policy
We may update this policy. Significant changes will be communicated.