Privacy Policy

Effective date: November 13, 2025
Company: Fitmedik Inc. (“Fitmedik”, “we”, “us” or “our”)
Registered address: 16192 Coastal Highway, Lewes, DE 19958, County of Sussex (Harvard Business Services, Inc. acts as our registered agent)
Scope: These Terms & Conditions (“Terms”) and Privacy Policy govern your access to and use of the Fitmedik software application(s) and web-based platform (collectively, the “Services”). They apply to customers, their authorized personnel and end-users, and any visitor to our websites or applications.

Note: Fitmedik builds an agentic platform for senior-care teams that automates documentation, extracts reports from electronic medical records (EMRs), converts care plans into alerts, and provides point-of-care support. It is intended for use by trained professionals. Fitmedik is not a licensed health-care provider and does not provide medical, legal or emergency advice.

2. Privacy Policy

2.1 Applicability

This Privacy Policy explains how Fitmedik collects, uses, shares and safeguards personal data when acting as a data controller (for example, for visitors to our website or marketing activities). When we process data on behalf of a customer (e.g., EMR data or care-plan information), we act as a data processor and follow that customer’s instructions. Customer agreements govern our handling of such data.

2.2 Personal Data We Collect

We collect and process different types of personal data:

  1. Information you provide directly. When you create an account, request a demo, contact us or otherwise interact with the Services, we collect your name, email address, employer/organization, profession, payment details (for subscription fees), and communications. We may also collect feedback or survey responses.
  2. Automatic data. We collect technical data from your device such as IP address, browser type, operating system, referring URLs, device identifiers, and usage information (time spent, queries submitted, features used). We use cookies and similar technologies to recognize you, personalize your experience, analyze usage and market our Services. You can control cookies through your browser settings.
  3. Information from third parties. We may receive information from security partners, marketing vendors, advertising providers, analytics services and event organizers to protect against fraud, identify potential customers and conduct marketing.
  4. Publicly available information. We may use publicly available data (e.g., published health statistics or industry benchmarks) to train and improve our AI models.

We do not knowingly collect personal data from children under 16 years of age and will promptly delete such data if discovered.

2.3 How We Use Personal Data

We use personal data for the following purposes:

  • Provide and maintain the Services. We use personal data to authenticate users, operate and improve our AI models, process transactions and deliver reports and alerts.
  • Research and development. We use data to develop, improve and test our algorithms and new features. This may include training AI models on anonymized or aggregated data. We do not use personally identifiable information in a way that would re-identify individuals for training purposes.
  • Personalization and marketing. We may use personal data to customize your experience, send service notices, updates and marketing communications and understand our customer base. Where required by law, we obtain your opt-in consent.
  • Customer support. We use your information to respond to inquiries, provide technical assistance and improve user satisfaction.
  • Security and fraud prevention. We use data to monitor, prevent and detect fraud, abuse and security threats and to enforce our Terms.
  • Legal compliance. We process personal data to comply with laws, regulations and legal requests and to protect the rights, safety and property of Fitmedik, our customers and others.
2.4 How We Share Personal Data

We do not sell personal data. We share personal data only in the following circumstances:

  • Service providers and sub-processors. We engage trusted third parties (e.g., cloud hosting, analytics, payment processors, AI infrastructure providers) to perform services on our behalf. These providers may have access to personal data only as necessary to perform their functions and are obligated to protect it. Data may be stored and processed in the United States by default and in other jurisdictions where our providers operate, subject to appropriate safeguards. You may request certain geographic storage options where permitted.
  • Customer instructions. When processing data on behalf of a customer, we share data as directed by that customer. For example, EMR data may be shared with authorized caregivers through the platform.
  • Business transfers. We may transfer personal data in connection with a merger, acquisition or sale of assets. You will be notified of any such transaction and choices you may have.
  • Legal obligations. We may disclose personal data if required to do so by law or in response to valid requests from public authorities.
  • Aggregated or de-identified information. We may share aggregated or de-identified data that cannot reasonably be used to identify you, for analytics, benchmarking or AI training.
2.5 International Data Transfers

Fitmedik is based in the United States and Canada but serves customers globally. Personal data may be transferred and stored in the United States or other countries where we or our service providers operate. We implement safeguards to protect data in cross-border transfers, such as standard contractual clauses or equivalent mechanisms. By using the Services, you consent to the transfer of information outside your country of residence.

2.6 Data Retention

We retain personal data only as long as necessary to fulfill the purposes described above, comply with legal obligations, resolve disputes and enforce our agreements. Retention periods depend on the nature of the data and our contractual obligations. We may retain aggregated or anonymized data indefinitely.

2.7 Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, delete or object to the processing of your personal data, and to withdraw consent or restrict processing. You may also have the right to data portability. To exercise these rights, please contact us using the details below. Where we process data on behalf of a customer, please direct your request to that customer (the data controller).

You can opt out of marketing emails at any time by using the unsubscribe link in the message. You can manage cookies through your browser settings or by using tools available in our cookie notice. Blocking cookies may affect certain features.

2.8 Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure or destruction. These measures include encryption, access controls, auditing and personnel training. While we strive to protect your data, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

2.9 Use of Cookies and Similar Technologies

We use cookies and similar technologies to provide and improve the Services and to personalize content. Cookies are small text files stored on your device. You can control cookies through browser settings; however, disabling cookies may limit functionality. Our cookie notice explains the types of cookies we use (functional, statistical and marketing) and how long they are stored.

2.10 Children’s Privacy

The Services are not directed to children under 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided personal data, please contact us. We will take steps to delete such information.

2.11 Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes to our practices or to comply with legal requirements. We will notify you of material changes by posting the revised policy on our website and indicating the “Effective date.” Continued use of the Services after updates become effective indicates acceptance of the revised policy.

2.12 Contact Us

If you have questions or concerns about these Terms or our privacy practices, or if you wish to exercise your data-protection rights, please contact:

Fitmedik Inc.
Attention: Legal/Privacy
16192 Coastal Highway
Lewes, DE 19958, USA
Email: compliance@fitmedik.com

References:
• Fitmedik’s Terms incorporate several best practices observed in publicly available terms for similar AI-enabled services, such as requiring users to be adults, reserving the right to change terms, disallowing illegal activities and scraping, clarifying that the service is not a medical provider and should not be used for emergencies, and limiting liability.
• Fitmedik’s Privacy Policy aligns with guidance that a privacy notice should explain what data is collected, why it is used, how it is shared, retention periods, and users’ rights. It distinguishes between data processed as a controller and as a processor, echoes requirements to inform users that AI training may use aggregated data, and draws on examples from health-tech privacy policies on the handling of user information and cookies.