Privacy Policy

How ADID collects, uses, stores, and protects personal and physiologic data.

Effective date: May 17, 2026 · Last updated: May 17, 2026

This Privacy Policy describes how ADID (“ADID,” “we,” “us,” or “our”) handles information collected through the ADID mobile application (the “App”), the ADID web portal at clinician.adid.app, and this website at adid.app (collectively, the “Services”).

ADID is a passive, non-diagnostic physiologic monitoring system intended to support people living with spinal cord injury and the clinicians caring for them. Because the Services may collect health-related information, we treat that information with elevated care and apply the safeguards described below.

Information we collect How we use information Sharing Retention Security Your rights Deletion Children Changes Contact

1. Information we collect

Depending on how you use the Services, ADID may collect the following categories of information:

Account information: name, email address, and authentication credentials used to create and access your account.
Demographic and clinical context: information you or your care team provide that helps contextualize your physiologic data (for example, level of spinal cord injury, relevant medications, or known triggers).
Physiologic and sensor data: continuous and intermittent measurements collected by paired wearable or sensor devices, such as heart rate, heart rate variability, and blood pressure trends. Timestamps are captured to support clinical review.
User-entered notes: optional notes, symptom tags, or contextual entries you choose to record alongside physiologic data.
Device and technical data: device model, operating system version, App version, language, time zone, and limited diagnostic logs used to identify and fix bugs.
Usage data: non-identifying information about how the App is used (for example, which screens are viewed) so we can improve reliability and usability.

We do not collect precise location data unless you explicitly enable a feature that requires it. We do not use the Services to deliver third-party advertising and we do not sell personal information.

2. How we use information

ADID uses collected information only for the purposes described below:

To provide the core monitoring functions of the App and to display physiologic data and trends to you.
To make structured, reviewable datasets available to clinicians you have authorized to receive your data.
To establish a patient-specific autonomic baseline that supports interpretation of subsequent measurements.
To maintain account security, prevent abuse, and troubleshoot technical issues.
To communicate with you about the Services, including service announcements and pilot program updates.
To improve the reliability and quality of the Services, using aggregated and de-identified data where feasible.
To comply with applicable laws, regulations, and lawful requests.

ADID does not use your personal or physiologic data to train third-party advertising models, and does not share it with data brokers.

Your information may be shared only in the limited circumstances below:

With clinicians you authorize: data is shared with the care team or clinical site you explicitly connect to your account, through the ADID clinician portal.
With service providers: vendors that host infrastructure, deliver email, or provide error monitoring on our behalf, under contractual obligations restricting use to providing services to ADID.
For legal reasons: when required by applicable law, court order, or to protect the rights, property, or safety of users, the public, or ADID.
In a corporate transaction: as part of a merger, acquisition, or sale of assets, in which case you will be notified before your information becomes subject to a different privacy policy.

We do not sell or rent your personal information, and we do not share it with third parties for their independent marketing or advertising purposes.

4. Data retention

We retain personal and physiologic information for as long as your account is active or as needed to provide the Services. Clinical and physiologic records may be retained for longer periods where required by applicable medical-records laws, by clinical pilot protocols, or to comply with our legal obligations. When information is no longer needed, we delete it or de-identify it so that it can no longer be associated with you.

5. Security

ADID applies administrative, technical, and physical safeguards designed to protect personal and physiologic information against unauthorized access, alteration, disclosure, or destruction. These include encryption of data in transit, encryption of data at rest in our managed infrastructure, role-based access controls, audit logging, and regular review of access and security configuration. No method of electronic storage or transmission is completely secure, so we cannot guarantee absolute security.

6. Your rights and choices

Depending on where you live, you may have the following rights regarding your personal information:

Access: request a copy of the personal information we hold about you.
Correction: ask us to correct information that is inaccurate or incomplete.
Deletion: request deletion of your account and associated personal data, subject to limited exceptions described below.
Portability: request a copy of your data in a portable, structured format where applicable.
Withdraw consent: withdraw consent for processing that relies on consent, at any time, without affecting prior lawful processing.
Object or restrict: object to or restrict certain processing where allowed by applicable law.

To exercise any of these rights, contact us at privacy@adid.app. We may need to verify your identity before fulfilling a request. We aim to respond within 30 days.

7. Account and data deletion

You can request deletion of your ADID account and associated personal data at any time. Detailed instructions, including what specifically is deleted and what is retained for legal or clinical compliance reasons, are available on our dedicated Account & Data Deletion page.

8. HIPAA and health data

Where ADID is engaged by a covered entity (such as a clinic, hospital, or healthcare provider) and operates as a business associate under the U.S. Health Insurance Portability and Accountability Act (HIPAA), we handle protected health information (PHI) in accordance with the applicable Business Associate Agreement and HIPAA Security and Privacy Rules. Information you submit directly to us outside of such an arrangement (for example, through a self-managed account) is governed by this Privacy Policy.

9. International users

ADID is operated from the United States. If you access the Services from outside the United States, you understand that your information may be processed and stored in the United States and other jurisdictions whose data protection laws may differ from those of your country. We take reasonable steps to ensure your information receives appropriate protection wherever it is processed.

10. Children’s privacy

ADID is not directed to children under 13, and we do not knowingly collect personal information from children under 13 without verifiable parental consent. If you believe a child has provided us with personal information, please contact us at privacy@adid.app and we will take steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will revise the “Last updated” date at the top and, where appropriate, provide notice through the App or by email. Your continued use of the Services after a change takes effect constitutes acceptance of the updated policy.

12. Contact us

If you have questions or concerns about this Privacy Policy or our handling of your information, please contact:

Email: privacy@adid.app
General inquiries: info@adid.app
Web: adid.app