Privacy Policy

Last updated: June 21, 2026

The short version

Practices using NutriMedAI control the patient and clinical information they enter. NutriMedAI processes that information to provide the service. Other customers cannot see your practice's data. Authorized NutriMedAI personnel may have technical access across customer accounts, but may use it only when necessary to operate, secure, troubleshoot, support, or comply with law. We do not sell personal information or use patient health information for advertising.

1. Scope and who we are

This Privacy Policy explains how NutriMedAI ("NutriMedAI," "we," "us," or "our") handles personal information through our websites, applications, public booking pages, communications, and practice-management services (the "Service"). NutriMedAI is operated from Lebanon and currently serves the Lebanese market. Contact us at nutrimedai@outlook.com.

2. Our role and the practice's role

For account, billing, security, website, sales, and direct support data, NutriMedAI generally acts as the data controller or business responsible for deciding why and how that information is used. For patient records and clinical information entered by a dietitian or practice, the practice generally acts as the controller and NutriMedAI acts as its processor or service provider. The practice is responsible for having a lawful basis to collect and use patient information, providing any required patient notices, managing staff permissions, and responding to patient requests. Our processing of this data should also be governed by a Data Processing Agreement with the practice.

3. Information we process

Account and practice information: names, email addresses, telephone numbers, credentials, professional profile, practice and clinic details, language, settings, subscription status, and communications. Patient and health information: identity and contact details, date of birth, gender, appointments, allergies, medical conditions, medications, dietary preferences, goals, measurements, body composition, laboratory results, consultation notes, documents, meal plans, recommendations, and related clinical records. Operational information: login sessions, IP address, browser and device information, user agent, security events, audit records, feature activity, support requests, and diagnostic logs. Financial information: consultation prices, payment status and method, practice transactions and expenses. If card payments are introduced, payment-card details should be handled by the named payment provider rather than stored by NutriMedAI. Public and optional information: profile details, booking-page content, social links, uploaded files, contact-form messages, and any other information a user chooses to provide.

4. Where information comes from

We receive information directly from account holders, practice staff, patients using public booking pages, uploaded files, and communications with us. We also generate technical and usage information when the Service is used. Practices may enter information about patients or invite staff members; in those cases, the practice is responsible for being permitted to provide that information to us.

5. How we use information

We use information to create and administer accounts; provide patient, appointment, consultation, document, meal-plan, financial, communication, and AI features; authenticate users; maintain tenant isolation; send service and appointment messages; provide support; prevent abuse and fraud; monitor reliability and security; back up and restore the Service; improve product workflows using appropriately limited analytics; enforce agreements; and comply with legal obligations. We do not sell patient or user information. We do not use patient health information for targeted advertising. We do not permit AI providers to use patient information for our own advertising purposes.

6. Legal bases

We process information under applicable Lebanese law, including Law No. 81/2018 where applicable, to provide the Service, protect accounts and systems, prevent fraud, support customers, comply with legal obligations, and based on consent where the law requires it. Health information is sensitive. The practice must have a lawful professional and legal basis to collect and use patient information. NutriMedAI processes that information to provide the Service on the practice's instructions and does not treat acceptance of this Privacy Policy as patient consent.

7. Who can see data inside NutriMedAI

A practice's authorized users can access information according to their role and clinic assignments. Tenant controls are designed to prevent ordinary users of one customer from accessing another customer's records. NutriMedAI SUPER_ADMIN accounts currently have technical capability to access data across tenants. Access by founders, employees, or contractors is limited to authorized personnel with a genuine need—for example, support requested by the customer, incident response, security investigation, service maintenance, or legal compliance. Such personnel are subject to confidentiality obligations. Many account and data changes are recorded in audit logs; logging of every administrative view and download is not yet comprehensive.

8. Service providers and disclosures

We disclose information only as needed to operate the Service, including to infrastructure and hosting providers, database providers, Cloudflare for file storage and security services, Google for Gemini API features, Resend for transactional email, PostHog and Vercel for configured analytics and performance services, and professional advisers or authorities where legally required. For current information about subprocessors, purposes, processing locations, and safeguards, contact nutrimedai@outlook.com. Providers may process only the information needed for their function and are expected to follow applicable data-protection and confidentiality terms. We may also disclose information in a corporate transaction, with notice and appropriate protections, or at a customer's documented direction. We do not disclose patient records to other customers.

9. Artificial intelligence

NutriMedAI uses Google's paid Gemini API to provide optional AI-assisted features. When an authorized user requests an AI feature, we send only the information needed to complete that request. Depending on the feature, this may include selected patient context, consultation information, a meal plan, or an uploaded document. Under Google's terms for paid Gemini API services, submitted prompts, files, and responses are not used to train models or improve Google's products. Google processes this information to provide and protect the service and may retain limited records temporarily for security, abuse prevention, and legal obligations. AI features are designed to support—not replace—the dietitian. Results remain under the dietitian's control and must be reviewed by a qualified professional before they are applied, relied upon, or shared with a patient. NutriMedAI records limited technical and usage information to maintain reliability, security, and service quality.

10. International data transfers

NutriMedAI is based in Lebanon. Our configured PostHog, MongoDB, Vercel, and Cloudflare R2 environments are hosted in Europe. Google Gemini, Resend, and other providers may process limited information in other locations according to their service configuration and terms. International processing is limited to what is needed to provide the Service, and we seek appropriate contractual and security safeguards.

11. Retention and deletion

We retain account and customer information while an account is active and afterward only as reasonably necessary for legal, security, dispute, and legitimate business purposes. Practices control retention of their patient records subject to professional and legal recordkeeping obligations. The current Service retains most active customer and clinical records until a user deletes individual records or an administrator performs an operational deletion. It does not yet provide a complete self-service account export and verified tenant-wide erasure workflow. Database backups are configured for approximately 7 days and notification records for approximately 30 days; other audit, AI, support, and application records need formally approved retention schedules. Deletion from live systems may not immediately remove information from encrypted or isolated backups. Backup copies should expire through the ordinary retention cycle and not be restored except for disaster recovery.

12. Security

We use role-based access controls, tenant-scoped queries, authentication, short-lived signed document links, encryption provided by our hosting and storage vendors, backups, rate limiting, audit records for many changes, and security monitoring. No method of storage or transmission is completely secure. Customers are responsible for choosing strong passwords, protecting credentials, limiting staff access, removing departed users, securing exported files, and promptly reporting suspected misuse. Security incidents involving personal information will be investigated and notified as required by applicable law and customer agreements.

13. Privacy rights and requests

Depending on location, individuals may have rights to access, correct, delete, restrict or object to processing, obtain a portable copy, withdraw consent, and complain to a data-protection authority. These rights are not absolute and may be limited by legal or professional recordkeeping duties. Patients should normally direct requests about their clinical records to their dietitian or practice, because the practice controls those records. We will assist the practice as required by our agreement and law. Account holders may contact nutrimedai@outlook.com. We may need to verify identity and authority before acting on a request.

14. Cookies and analytics

The Service uses essential storage and cookies for authentication, security, language, and preferences. It also currently initializes PostHog product analytics and Vercel analytics/performance tools. PostHog is configured to use cookies and local storage and may receive user ID, email, name, role, tenant ID, page URLs, and selected product events. Where consent is required, non-essential analytics must remain disabled until the user actively accepts them, refusal must be as easy as acceptance, and users must be able to change their choice. A separate cookie notice or preference center should list each technology, provider, purpose, and duration. Continuing to browse is not sufficient consent.

15. Children

NutriMedAI accounts are intended for qualified professionals and authorized adult staff, not for children to create independently. A practice may record information about a child patient when legally permitted and when the practice has the required parental or guardian authority and complies with applicable health and privacy laws.

16. Changes to this policy

We may update this Policy as the Service, providers, or legal requirements change. We will update the date above and provide additional notice for material changes when appropriate. Material changes will not retroactively change the purpose for which information was collected without a valid legal basis.

17. Contact us

For privacy questions, rights requests, security concerns, subprocessor information, or questions about a Data Processing Agreement, contact nutrimedai@outlook.com.