Back

Legal

Privacy Policy

Effective date: January 1, 2026  ·  Last updated: April 1, 2026

Atman Labs, Inc. ("Jiva", "we", "our", or "us") is committed to protecting the privacy of our customers, their patients, and all visitors to our website. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit jiva.health or use our AI-powered clinical platform (collectively, the "Services").

Please read this policy carefully. If you disagree with its terms, please discontinue use of our Services.

1. Information We Collect

1.1 Information You Provide Directly

  • Account & contact data — name, email address, phone number, practice name, and billing details when you register or request a demo.
  • Communications — messages you send us via email, support tickets, or in-product chat.
  • Survey & feedback data — responses to optional questionnaires or user research sessions.

1.2 Information Collected Automatically

  • Usage data — pages viewed, features used, time spent, click paths, and session metadata.
  • Device & log data — IP address, browser type, operating system, referrer URL, and error logs.
  • Cookies & similar technologies — session cookies, preference cookies, and analytics pixels. See Section 6 for details.

1.3 Protected Health Information (PHI)

When Jiva is deployed within a healthcare setting and processes patient data on behalf of a covered entity, we act as a Business Associate under HIPAA. PHI is processed solely to provide the contracted Services and is never used for advertising or sold to third parties. Our HIPAA compliance program includes encryption at rest (AES-256) and in transit (TLS 1.3), role-based access controls, and audit logging.

2. How We Use Your Information

  • Provide, operate, and improve the Services.
  • Respond to your inquiries and provide customer support.
  • Send transactional emails (account confirmations, security alerts).
  • Send marketing communications, where you have opted in and as permitted by law.
  • Analyze aggregate usage trends to guide product development.
  • Detect, prevent, and investigate fraud, abuse, or security incidents.
  • Comply with legal obligations.

3. How We Share Your Information

We do not sell personal information. We may share information with:

  • Service providers — cloud infrastructure (AWS), analytics (Mixpanel), payment processing (Stripe), and email delivery (Postmark) under data processing agreements.
  • Business transfers — in connection with a merger, acquisition, or asset sale, subject to standard confidentiality protections.
  • Legal requirements — when required by law, subpoena, or to protect the rights, property, or safety of Jiva, our users, or the public.
  • With your consent — for any other purpose with your prior written consent.

4. Data Retention

We retain personal data for as long as your account is active or as needed to provide Services. After account termination, we delete or anonymize personal data within 90 days, except where retention is required by law or legitimate business purposes (e.g., fraud prevention, resolving disputes). PHI is retained per the terms of the applicable Business Associate Agreement.

5. Your Rights & Choices

Depending on your location, you may have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of your personal data, subject to legal obligations.
  • Portability — receive your data in a structured, machine-readable format.
  • Opt-out of marketing — click "unsubscribe" in any marketing email or contact us directly.
  • Do Not Sell / Do Not Share — we do not sell personal information; no action required.

To exercise any right, contact privacy@atmanlabs.ai. We will respond within 30 days.

6. Cookies

We use the following cookie categories:

  • Strictly necessary — required for core functionality (authentication, security).
  • Analytics — aggregate data to understand how visitors use our site (e.g., Google Analytics 4 with IP anonymization).
  • Preferences — remember your settings and display choices.

You can control cookies through your browser settings. Disabling analytics cookies will not affect core functionality.

7. Security

We implement industry-standard safeguards including TLS 1.3 encryption in transit, AES-256 encryption at rest, SOC 2 Type II controls, penetration testing, and a formal incident response program. No system is completely secure; if you discover a vulnerability, please report it to security@atmanlabs.ai.

8. Children's Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

9. International Transfers

We are based in the United States. If you access our Services from outside the US, your data may be transferred to and processed in the US. For EEA/UK users, we rely on Standard Contractual Clauses as the transfer mechanism.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or prominent notice in the platform at least 14 days before changes take effect. Continued use of the Services after the effective date constitutes acceptance.

11. Contact Us

If you have questions or concerns about this Privacy Policy:

Atman Labs, Inc.
Attn: Privacy Team
privacy@atmanlabs.ai
© 2026 Jiva. All rights reserved.
Privacy Policy Terms of Service Contact