Privacy
Privacy Policy
How we handle and protect your personal data.
What we will not share
Unless you agree, we will not share your conversation interactions with Serenio, such as what you write or the path you take in a conversation.
Interactions with third-party services
Our services may connect with third parties, such as helplines or other resources. Any information shared with or collected by third parties is governed by that third party's terms and privacy policy. We are not responsible for third parties' handling of personal data related to these resources.
De-identified and/or aggregated data
We may use your personal data to create de-identified and/or aggregated data, such as approximate location, information about the device you use to access our services, conversation trends, or other analytics. De-identified and/or aggregated data is not personal data, and we may use and share it in accordance with applicable law, for example with academic partners. Even when they are de-identified, we will not share records of your conversations with Serenio without your consent.
How is my personal data protected?
We work to implement security measures designed to prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data. This may include, as applicable:
- following hospital-grade security policies and procedures to protect sensitive user data, in line with HIPAA requirements including the Privacy and Security Rules;
- using cloud-based infrastructure designed to reduce our data footprint;
- encrypting all personal data, both at rest and in transit;
- storing sensitive personal data securely in dedicated environments to ensure separation and clear access control;
- using technical network controls such as multi-factor authentication and deny-all/allow-by-exception to maintain controlled access;
- conducting and responding to penetration tests, vulnerability assessments, code reviews and internal compliance reviews;
- maintaining our business continuity, disaster recovery and incident response plans; and
- allowing employees to access personal data only where relevant to their job duties.
Despite these efforts, no security measure is perfect, and no method of data transmission or storage can guarantee against unauthorized disclosure or misuse. We therefore cannot ensure or warrant the security of any personal data you provide to us. To the maximum extent permitted by applicable law, we accept no liability for unauthorized access, use, disclosure or loss of personal data.
How long do you store my personal data?
We store personal data to provide you with a personalized service experience based on your past interactions, and for the other reasons described above. We retain the personal data we collect until you stop using our services, or as needed to fulfil the purposes of collection, provide our services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable law. To learn more about our data retention practices, please contact us.
What rights do I have?
Anyone who uses the service can access, correct or delete their personal data, wherever they live or are located. In addition, under certain data protection laws, individuals may have rights over their personal data, which may include, as applicable:
- the right of access to the personal data we hold about you and how we use it;
- the right to rectification of inaccurate or incomplete personal data, including protected health information (PHI);
- the right to request erasure in certain circumstances;
- the right to restrict or object to our processing in certain circumstances;
- the right to data portability;
- the rights to obtain copies of, receive confidential communications of, restrict the use or disclosure of, and obtain an accounting of disclosures of your PHI;
- the right to designate a personal representative;
- the right to withdraw consent; and
- the right to obtain a paper copy of this Privacy Policy.
We will handle your request in accordance with applicable law. Please note that we will need you to take steps to verify your identity. If you wish to exercise any of these rights, please contact us.
How do I control my personal data?
If you have feedback or questions about any aspect of how we collect, share or use your personal data, please contact us. If your personal data is governed by the applicable data protection laws of the European Economic Area, Switzerland or the United Kingdom, you have the right to lodge a complaint with a competent supervisory authority if you believe our processing violates applicable law. You cannot opt out of certain important communications, such as updates to our terms or this Privacy Policy.
- SMS: follow the instructions in the messages you receive, or contact us.
- Push notifications: we may send push notifications through one of our mobile apps; opt out by changing your device settings.
- Do Not Track (DNT): we honor DNT on our website. DNT preferences do not apply to mobile apps.
- Cookies and similar technologies: depending on your browser or device permissions, you can stop, limit or delete certain cookies; this has to be done separately on each browser and device. We use cookies only on our website, not in any mobile app. If you adjust your preferences, some services may not function properly.
What are my responsibilities?
You are responsible for helping protect your personal data by securing your device, email and password. For best practices, see the U.S. Federal Trade Commission (FTC) guidance on protecting your privacy on apps and keeping your personal information secure.
Protecting children's information. The service is not directed to children (defined as under 13, or another age as required by local law), and we do not knowingly collect children's personal data. If you discover that your child has provided personal data to us without your consent, please contact us. If we learn that we have collected a child's personal data in violation of applicable law, we will delete that data (unless legally required to retain it) and close the child's account.
Third parties. The service may contain links to third-party websites or apps not covered by this Privacy Policy. We are not responsible for their privacy practices or content. Providing personal data to them is at your own risk.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you to the extent permitted by applicable law, generally by posting the updated policy on our website or app before the changes take effect, and in some cases by email. The updated terms supersede previous terms and take effect immediately upon posting, except as otherwise required or permitted by law. Continuing to use our services indicates your agreement to the updated Privacy Policy.
Contact us
If you have any questions, comments or complaints about this Privacy Policy or our information-handling practices, please contact Serenio AI Limited (company registration number: 3299059), email support@serenio.ai.
Last updated: 22 August 2023