top of page

Privacy Policy

Equanimity AI Inc.
Last Updated: February 15, 2026


Equanimity AI Inc. (“Equanimity,” “we,” “us,” or “our”) is committed to protecting personal information and maintaining safeguards consistent with applicable federal and state laws, including, where applicable, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

This Privacy Policy explains how we collect, use, disclose, and protect information when you access our website, mobile applications, and related services (collectively, the “Services”).

If you do not agree with this Privacy Policy, please do not use the Services.

1. COMPANY INFORMATION

Equanimity AI Inc
11140 Rockville Pike Ste 100-346
Rockville, MD 20852-3149-259
United States
Email: info@equanimity-ai.com

2. ROLE DISTINCTIONS IN HEALTHCARE CONTEXTS

Equanimity provides digital infrastructure to healthcare providers.

When our Services are deployed by a clinic, hospital, or other healthcare organization:

• The healthcare organization is typically the “Covered Entity” under HIPAA.
• Equanimity acts as a “Business Associate.”
• Processing of Protected Health Information (“PHI”) occurs pursuant to a written Business Associate Agreement (“BAA”).

The Covered Entity remains responsible for:

• Patient-facing privacy notices
• Clinical decisions
• Determining what information is collected
• Patient rights under HIPAA

This Privacy Policy does not replace or modify a Covered Entity’s Notice of Privacy Practices.

3. HIPAA AND PROTECTED HEALTH INFORMATION

Where Equanimity processes PHI on behalf of a Covered Entity, we do so in accordance with:

• HIPAA
• Applicable federal and state regulations
• The terms of the applicable BAA

We implement administrative, technical, and physical safeguards designed to comply with the HIPAA Security Rule, including:

• Access controls and role-based permissions
• Encryption in transit where appropriate
• Audit logging and monitoring
• Workforce confidentiality obligations
• Vendor management processes
• Security risk assessment procedures

We limit uses and disclosures of PHI to those permitted under HIPAA and contractual agreements.

Equanimity does not use PHI for independent marketing or unrelated commercial profiling.

If you are a patient and have questions about your medical records or wish to exercise HIPAA rights, you should contact your healthcare provider directly.

Nothing in this Privacy Policy constitutes a representation that Equanimity is a Covered Entity.

4. INFORMATION WE COLLECT
A. Information You Provide

We may collect personal information including:

• Name
• Email address
• Phone number
• Mailing address
• Organization and professional title
• Account credentials
• Communications and support inquiries
• Billing-related information where applicable

B. Health and Clinical Information

When Services are used in a healthcare context, we may process:

• Patient-reported outcomes
• Clinical workflow data
• Wearable or device-derived metrics if enabled
• Voice-derived features if enabled
• Application interaction data relevant to care operations

Such information may constitute PHI when processed on behalf of a Covered Entity.

C. Automatically Collected Information

We may collect:

• IP address
• Device identifiers
• Browser type
• Operating system
• Usage logs
• Crash diagnostics
• Approximate geographic region

D. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Core functionality
• Security and fraud prevention
• Performance analytics

Advertising trackers are not deployed within environments that process PHI.

5. HOW WE USE INFORMATION

We use information to:

• Provide and maintain the Services
• Authenticate users
• Support clinical and operational workflows
• Respond to inquiries
• Provide customer support
• Improve system performance and reliability
• Maintain platform security
• Conduct internal analytics and product development
• Comply with legal and regulatory obligations
• Send permitted business communications

We do not sell personal information.

6. DISCLOSURE OF INFORMATION

We may disclose information:

A. To Service Providers

To vendors that provide hosting, infrastructure, monitoring, analytics, and support services. Where PHI is involved, vendors are engaged under appropriate agreements consistent with HIPAA requirements.

B. To Healthcare Providers

To Covered Entities using our platform, consistent with contractual obligations and applicable law.

C. For Legal Compliance

When required by law, subpoena, court order, or regulatory obligation.

D. Corporate Transactions

In connection with mergers, acquisitions, restructuring, financing, or sale of assets, subject to appropriate confidentiality safeguards.

7. DATA RETENTION

We retain information for as long as reasonably necessary to:

• Provide the Services
• Fulfill contractual obligations
• Meet regulatory requirements
• Maintain audit logs
• Resolve disputes

Retention of PHI may be governed by contractual obligations with Covered Entities and applicable law.

When no longer required, information is securely deleted or de-identified where appropriate.

8. DATA SECURITY

We maintain safeguards designed to protect personal information, including:

• Access controls
• Encryption in transit
• Logging and monitoring
• Vendor oversight
• Workforce confidentiality obligations

No security system is infallible. Users are responsible for safeguarding their credentials.

9. DE-IDENTIFIED INFORMATION

We may use and disclose information that has been de-identified in accordance with applicable law for purposes including:

• Research
• Product improvement
• Analytics
• Quality assurance

De-identified information is not treated as personal information under this Policy.

10. CHILDREN

The Services are not directed to individuals under 18. We do not knowingly collect personal information from minors.

11. PRIVACY RIGHTS

Subject to applicable law, individuals may have rights to:

• Access personal information
• Correct inaccuracies
• Request deletion
• Restrict certain processing
• Withdraw consent where applicable

Where PHI is involved, requests may need to be directed to the applicable Covered Entity.

Requests may be submitted to:
info@equanimity-ai.com

Identity verification may be required.

12. U.S. STATE PRIVACY DISCLOSURES

Residents of certain U.S. states may have additional privacy rights under applicable state laws.

Equanimity does not sell personal information.

State-specific privacy requests may be submitted to info@equanimity-ai.com
.

13. INTERNATIONAL ACCESS

If you access the Services from outside the United States, you acknowledge that information may be transferred to and processed in the United States.

14. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. Changes become effective upon posting.

15. CONTACT

Equanimity AI Inc
11140 Rockville Pike Ste 100-346
Rockville, MD 20852-3149-259
United States

Email: info@equanimity-ai.com

bottom of page