privacy policy

EVAA.AI PRIVACY POLICY

Effective Date: May 12, 2026

Last Updated: May 18, 2026

1. Introduction

Evaa.ai, LLC operates the EVAA.AI platform ( “Service”), an AI-enabled platform designed to support administrative and workflow functions for ophthalmology and optometry practices.

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use EVAA.AI.

2. Information We Collect

2.1 Personal Information

We may collect:

  • Name, email, phone number
  • Organization/practice details
  • Login credentials
2.2 Healthcare and Operational Data

Depending on usage, the the EVAA.AI platform may process:

  • Patient demographic information
  • Appointment and workflow data
  • Clinical documentation (non-diagnostic support)

The EVAA.AI platform is designed to support HIPAA-aligned workflows but customers are responsible for
ensuring lawful use of PHI.

2.3 Automatically Collected Data
  • Device information
  • IP address
  • Usage logs
  • App performance data

3. How We Use Information

We use data to:

  • Provide and improve the EVAA.AI platform
  • Enable workflows and automation
  • Support customer operations
  • Ensure system security and integrity
  • Comply with legal obligations

4. AI Processing Disclosure

The EVAA.AI platform uses artificial intelligence to generate outputs (e.g., documentation, summaries,
communication drafts).

  • Outputs may be inaccurate or incomplete
  • Human review is required
  • Data may be processed using automated systems

5. Data Sharing and Disclosure

We may share information with:

  • Service providers (hosting, infrastructure, analytics)
  • Authorized users within your organization
  • Legal authorities when required

We do not sell personal data.

6. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect data. However:

  • No system is completely secure. Users are responsible for appropriate use and safeguards.

7. HIPAA and Healthcare Data

  • The EVAA.AI platform supports secure handling of healthcare data
  • A Business Associate Agreement (BAA) may be required where applicable
  • Customers are responsible for HIPAA compliance

8. International Data Transfers

If you are located outside the United States:

  • Data may be processed in the U.S. or other jurisdictions
  • Users are responsible for compliance with local laws (e.g., GDPR, PIPEDA)

9. Data Retention

We retain data:

  • As long as necessary to provide our services, including but not limited to the EVAA.AI platform
  • As required by law or contractual obligations

10. User Rights

Depending on jurisdiction, you may have rights to:

  • Access your data
  • Correct inaccuracies
  • Request deletion
  • Restrict processing

Requests can be submitted to: support@evaa.ai

11. Children’s Privacy

The EVAA.AI platform is not intended for use by individuals under 18.

12. Changes to This Policy

We may update this Privacy Policy periodically. Continued use of the EVAA.AI platform constitutes
acceptance.

13. Contact

Evaa.ai, LLC

Email: support@evaa.ai

Website: www.evaa.ai