Privacy Policy

1. Introduction and Acceptance

This Privacy Policy ("Policy") governs the collection, use, storage, processing, sharing, transfer, disclosure, and handling of all information and data by EagleBridge ("EagleBridge," "we," "us," or "our"), operated by EagleBridge Inc. and its affiliates, subsidiaries, successors, and assigns, through the EagleBridge mobile application, website, web application, APIs, and all related services, tools, features, and functionalities (collectively, the "Platform").

By accessing, downloading, installing, registering for, or using the Platform in any manner, you ("User," "you," or "your") expressly acknowledge that you have read, understood, and agree to be bound by this Policy in its entirety. If you do not agree to every provision of this Policy, you must immediately cease all use of the Platform and delete your account.

Your continued use of the Platform after any modifications to this Policy constitutes your binding acceptance of such modifications. We reserve the right to modify, amend, update, or replace this Policy at any time, in our sole and absolute discretion, with or without prior notice to you. It is your sole responsibility to review this Policy periodically for changes.

This Policy applies to all users of the Platform worldwide, regardless of location, nationality, or jurisdiction. This Policy is incorporated into and forms part of the EagleBridge Terms of Service.

2. Definitions

For purposes of this Policy, the following definitions apply:

• "Personal Information" means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you. This includes, without limitation, your name, email address, phone number, date of birth, gender, location, IP address, device identifiers, biometric data, photographs, and any other identifying information.
• "Health Information" means any information relating to your past, present, or future physical or mental health condition, medical history, surgical history, treatment, recovery, rehabilitation, medications, diagnoses, symptoms, prognosis, medical providers, insurance information, or any other health-related data you provide or that is generated through your use of the Platform. FOR THE AVOIDANCE OF DOUBT, HEALTH INFORMATION AS USED ON THIS PLATFORM IS NOT PROTECTED HEALTH INFORMATION ("PHI") AS DEFINED UNDER HIPAA, AND IS NOT AFFORDED ANY PROTECTIONS UNDER HIPAA OR ANY SIMILAR LAW.
• "Usage Data" means all data generated by or collected from your use of the Platform, including but not limited to interaction logs, click patterns, session duration, features accessed, pages viewed, search queries, in-app behavior, video call metadata, scheduling data, and any other behavioral or analytical data.
• "User Content" means any and all content, data, information, text, images, audio, video, communications, messages, feedback, reviews, ratings, comments, or other materials you create, upload, transmit, share, or otherwise make available through the Platform.
• "Aggregated Data" means data that has been combined with data from other users or sources such that it may or may not be individually identifiable. We make no guarantees regarding de-identification or anonymization of any data.
• "Platform Data" means all Personal Information, Health Information, Usage Data, User Content, Aggregated Data, and any other data or information of any kind collected, generated, derived, or inferred through your use of the Platform.

3. HIPAA Non-Compliance Disclosure

3.1. EagleBridge is NOT a "covered entity" or a "business associate" as those terms are defined under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), or any implementing regulations promulgated thereunder (collectively, "HIPAA Regulations").

3.2. The Platform does NOT comply with the HIPAA Privacy Rule (45 CFR Part 160 and Part 164, Subparts A and E), the HIPAA Security Rule (45 CFR Part 160 and Part 164, Subparts A and C), the HIPAA Breach Notification Rule (45 CFR Part 164, Subpart D), or any other provision of HIPAA Regulations.

3.3. The Platform does NOT implement the administrative safeguards, physical safeguards, or technical safeguards required by the HIPAA Security Rule, including but not limited to: access controls, audit controls, integrity controls, transmission security, workstation security, device and media controls, facility access controls, workforce training, risk assessments, contingency planning, or Business Associate Agreements.

3.4. The Platform does NOT comply with any state health privacy laws, including but not limited to the California Confidentiality of Medical Information Act ("CMIA"), the New York SHIELD Act, the Texas Medical Records Privacy Act, the Illinois Health Care Right of Conscience Act, or any other state-level health information privacy statute.

3.5. The Platform does NOT comply with international health data protection regulations, including but not limited to the European Union General Data Protection Regulation ("GDPR") as it pertains to special categories of personal data (health data), the UK Data Protection Act 2018, Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA"), Australia's Privacy Act 1988, or any other international health data protection law.

3.6. We do NOT enter into Business Associate Agreements ("BAAs") with any party. No agreement between you and EagleBridge, whether express or implied, shall be construed as a BAA.

3.7. Any health information, medical information, condition information, surgical information, recovery information, or treatment information you provide through the Platform is provided entirely at your own risk. You acknowledge and agree that such information will NOT receive any protections afforded by HIPAA or any similar law.

3.8. By using the Platform, you expressly and irrevocably waive any right, claim, or cause of action you may have against EagleBridge arising from or related to the non-compliance of the Platform with HIPAA, HITECH, or any healthcare privacy regulation. You acknowledge that you have been clearly and conspicuously informed of this non-compliance and have chosen to use the Platform with full knowledge thereof.

3.9. You are solely responsible for determining whether it is appropriate to provide any health-related information through the Platform. We strongly recommend that you do NOT provide any information through the Platform that you consider sensitive, confidential, or that you would not be comfortable being disclosed to third parties or made publicly available.

4. Not a Medical Service

4.1. EagleBridge is a peer-to-peer support platform that facilitates connections between individuals. EagleBridge is NOT a healthcare provider, medical device, medical practice, hospital, clinic, pharmacy, health plan, health insurance company, health care clearinghouse, or any other type of healthcare entity.

4.2. The Platform does NOT provide medical advice, diagnoses, treatment recommendations, treatment plans, clinical opinions, prescriptions, referrals, second opinions, or any other form of medical, clinical, therapeutic, psychiatric, psychological, or healthcare service.

4.3. No physician-patient relationship, therapist-patient relationship, counselor-client relationship, or any other healthcare provider-patient relationship is created between you and EagleBridge, or between you and any other user of the Platform, by virtue of your use of the Platform.

4.4. Any information shared by other users of the Platform, including information about medical conditions, surgeries, treatments, medications, recovery experiences, or outcomes, is provided for peer support purposes only and should NOT be relied upon as medical advice. Individual medical outcomes vary significantly, and another user's experience is not predictive of your own.

4.5. You should always consult with a qualified, licensed healthcare provider before making any medical decisions. Never disregard professional medical advice or delay seeking treatment because of information you received through the Platform.

4.6. In case of a medical emergency, call your local emergency number (such as 911 in the United States) immediately. Do not use the Platform to seek emergency medical assistance.

5. Information We Collect

We collect, and reserve the right to collect, ALL information and data of any kind that you provide to the Platform or that is generated through your use of the Platform. This includes, without limitation:

5.1. Information You Provide Directly

• Full legal name, display name, username, and any aliases
• Email address (primary and secondary)
• Phone number (mobile, home, and work)
• Date of birth, age, and gender
• Physical address, city, state, zip code, and country
• Profile photographs, avatars, and any uploaded images
• Account credentials, passwords, and security questions
• Medical conditions, diagnoses, symptoms, and health status
• Surgical history, including type of surgery, date of surgery, surgeon information, hospital or facility information, and surgical outcomes
• Recovery status, recovery timeline, and rehabilitation progress
• Medications, dosages, treatment plans, and therapy information
• Medical provider information, insurance information, and billing information
• Mental health information, emotional state, and psychological well-being
• Goals, preferences, interests, and recovery objectives
• Biographical information, personal stories, and narrative descriptions
• Feedback, reviews, ratings, surveys, and questionnaire responses
• Communications, messages, chat logs, and correspondence with us or other users
• Any other information you voluntarily provide through the Platform

5.2. Information Collected Automatically

• IP address (IPv4 and IPv6)
• Device type, model, manufacturer, and operating system version
• Unique device identifiers (IDFA, IDFV, Android Advertising ID, hardware serial numbers)
• Browser type, version, language, and configuration
• Screen resolution, display size, and device orientation
• Network information, including carrier, connection type (Wi-Fi, cellular), signal strength, and network speed
• Geolocation data (precise and approximate), including GPS coordinates, Wi-Fi-based location, and cell tower triangulation data
• Time zone, locale, and regional settings
• App version, installation date, and update history
• Session identifiers, session duration, and session frequency
• Pages viewed, screens accessed, features used, and navigation paths
• Click patterns, tap patterns, scroll behavior, and gesture data
• Search queries, filter selections, and sorting preferences
• Content viewed, content created, and content interactions
• Video call metadata, including call duration, call frequency, call participants, call quality metrics, and connection data
• Scheduling data, including appointment times, calendar interactions, and availability information
• Push notification interactions, including delivery status, open rates, and dismissal patterns
• App crashes, error logs, performance data, and diagnostic information
• Referral source, attribution data, and marketing campaign identifiers
• Accelerometer data, gyroscope data, and other sensor data available on your device
• Battery level, charging status, and available storage
• Installed applications list (where permitted by your device operating system)
• Clipboard data (where permitted by your device operating system)

5.3. Information from Third Parties

• Information from social media platforms if you connect your accounts (e.g., Apple, Google, Facebook)
• Information from analytics providers, advertising networks, and data brokers
• Information from publicly available sources, databases, and directories
• Information from other users about you (e.g., if another user mentions you or shares information about you)
• Information from our service providers, partners, and affiliates

5.4. Derived and Inferred Information

• Behavioral profiles, interest profiles, and preference profiles
• Health risk assessments and condition progression models
• Matching algorithms, compatibility scores, and recommendation models
• Predictive analytics and machine learning model outputs
• Sentiment analysis of your communications and content
• Any other information derived or inferred from the data described above using automated or manual processes

6. How We Use Your Information

We reserve the right to use all Platform Data for any purpose whatsoever, without limitation, restriction, or obligation to you. Without limiting the foregoing, we may use your information for the following purposes:

6.1. Platform Operations

• To create, maintain, and manage your account
• To provide, operate, maintain, improve, and optimize the Platform and its features
• To match you with other users based on your condition, goals, preferences, and other criteria
• To facilitate peer-to-peer connections, communications, and video calls
• To personalize your experience and provide tailored content and recommendations
• To process transactions and manage your subscriptions
• To provide customer support and respond to your inquiries

6.2. Research and Development

• To conduct research, analysis, and studies using your data, including health-related research
• To develop, train, improve, and refine machine learning models, artificial intelligence systems, algorithms, and data analytics tools
• To create datasets, reports, publications, and presentations using your data (which may or may not be anonymized or de-identified)
• To develop new products, services, features, and functionalities
• To conduct clinical research, outcomes research, real-world evidence studies, and health economics research
• To create and publish aggregate statistics, trends, insights, and benchmarks

6.3. Commercial Purposes

• To display targeted advertisements, sponsored content, and promotional materials
• To measure the effectiveness of advertising campaigns and marketing initiatives
• To sell, license, sublicense, or otherwise commercially exploit data, including data derived from your information
• To create data products, analytics products, and insights products for sale to third parties
• To support our business operations, including fundraising, investor relations, and corporate transactions

6.4. Communications

• To send you service-related communications, including account notifications, security alerts, and updates
• To send you marketing communications, promotional offers, newsletters, and surveys
• To communicate with you about new features, products, services, and events

6.5. Legal and Safety

• To comply with applicable laws, regulations, legal processes, or governmental requests
• To enforce our Terms of Service, this Policy, and other agreements
• To protect the rights, property, and safety of EagleBridge, our users, and the public
• To detect, prevent, investigate, and address fraud, security incidents, and illegal activities
• To respond to law enforcement requests, subpoenas, court orders, and regulatory inquiries

6.6. Any Other Purpose

We may use your information for any other purpose not specifically listed above, at our sole and absolute discretion, without further notice to or consent from you. By using the Platform, you consent to such use.

7. Information Sharing and Disclosure

We reserve the right to share, disclose, transfer, sell, license, sublicense, or otherwise make available all Platform Data to any third party, for any purpose, without limitation, restriction, or obligation to you. Without limiting the foregoing, we may share your information with:

• Other Users: Your profile information, condition information, and other information you provide may be visible to other users of the Platform as part of the peer matching and connection features.
• Service Providers: Third-party companies and individuals that provide services on our behalf, including hosting, analytics, payment processing, customer support, email delivery, and other operational services.
• Analytics Partners: Third-party analytics providers that help us understand how users interact with the Platform, including Google Analytics, Mixpanel, Amplitude, and similar services.
• Advertising Partners: Third-party advertising networks, demand-side platforms, and marketing partners for targeted advertising and attribution purposes.
• Research Partners: Academic institutions, research organizations, clinical research organizations, pharmaceutical companies, medical device companies, and other entities for research purposes.
• Data Brokers and Data Buyers: Third-party data brokers, data aggregators, and data purchasers who may further use, sell, or distribute the data.
• Business Partners: Companies with which we have commercial relationships, including joint ventures, strategic alliances, and co-branding arrangements.
• Investors and Advisors: Current and potential investors, financial advisors, legal advisors, accountants, and other professional advisors in connection with fundraising, due diligence, or corporate transactions.
• Acquirers: In connection with any merger, acquisition, reorganization, sale of assets, bankruptcy, or similar corporate transaction, your information may be transferred to the acquiring entity without your additional consent.
• Affiliates and Subsidiaries: Our parent companies, subsidiaries, affiliates, and related entities, including but not limited to Eagle Studio, TeddyBridge, and their respective successors and assigns.
• Government and Law Enforcement: Government agencies, law enforcement authorities, regulators, and other public authorities when required by law or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Any Other Third Party: Any other person or entity, for any purpose, at our sole and absolute discretion.

8. Our Rights to Your Data

8.1. By using the Platform, you grant EagleBridge a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, transferable, sublicensable (through multiple tiers), non-exclusive license to use, reproduce, modify, adapt, create derivative works from, distribute, publicly display, publicly perform, transmit, broadcast, sell, license, sublicense, commercialize, and otherwise exploit all Platform Data, in any form, medium, or technology now known or hereafter developed, for any purpose whatsoever.

8.2. This license survives termination of your account and this Policy. Even after you delete your account, we retain the right to continue using all data previously collected from you.

8.3. You acknowledge and agree that we own all right, title, and interest in and to all Aggregated Data, derived data, inferred data, analytical outputs, models, algorithms, and other intellectual property created using or derived from your data.

8.4. You waive any and all moral rights, privacy rights (to the maximum extent permitted by applicable law), and any other rights that may limit our ability to use your data as described in this Policy.

8.5. You represent and warrant that you have the legal right and authority to grant the licenses and permissions described in this Policy, and that doing so does not violate any third party's rights.

9. Security Limitations

9.1. THE PLATFORM IS PROVIDED ON AN "AS-IS" AND "AS-AVAILABLE" BASIS WITH RESPECT TO SECURITY. WE MAKE NO REPRESENTATIONS, WARRANTIES, OR GUARANTEES, EXPRESS OR IMPLIED, REGARDING THE SECURITY, CONFIDENTIALITY, INTEGRITY, OR AVAILABILITY OF YOUR DATA OR THE PLATFORM.

9.2. The Platform does NOT implement the following security measures that would typically be expected for a platform handling health-related information:

• End-to-end encryption of data at rest or in transit beyond standard HTTPS
• HIPAA-compliant encryption standards (AES-256 at rest, TLS 1.2+ in transit)
• Role-based access controls or minimum necessary access principles
• Comprehensive audit trails and access logging
• Regular security audits, penetration testing, or vulnerability assessments
• Data loss prevention (DLP) systems
• Intrusion detection and prevention systems (IDS/IPS)
• SOC 2 Type II compliance or certification
• ISO 27001 certification
• Business continuity and disaster recovery plans specific to data protection
• Employee background checks and security training programs
• Physical security controls for data centers
• Data classification and handling procedures
• Incident response plans specific to health data breaches

9.3. You acknowledge that no method of electronic transmission or storage is 100% secure, and we cannot guarantee the absolute security of your data. Any data you transmit to or through the Platform is done at your own risk.

9.4. In the event of a data breach, security incident, unauthorized access, or other compromise of your data, we are under no obligation to notify you, except as strictly required by applicable law. We make no commitments regarding the timeliness or completeness of any such notification.

9.5. You are solely responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account. You agree to notify us immediately of any unauthorized use of your account.

10. Data Retention

10.1. We retain all Platform Data indefinitely, unless we determine, in our sole and absolute discretion, to delete certain data. There is no maximum retention period.

10.2. Even after you delete your account or request deletion of your data, we may retain copies of your data in our systems, backups, archives, logs, analytics systems, machine learning models, derived datasets, and any other storage systems, for any period of time and for any purpose.

10.3. Data that has been shared with third parties prior to your deletion request is not subject to deletion, as we have no control over third-party data retention practices.

10.4. Data that has been incorporated into aggregated datasets, analytical models, research outputs, or derivative works is not subject to deletion, as it may not be practicable to identify and remove individual data contributions.

11. Cookies, Tracking, and Analytics

11.1. We use cookies, web beacons, pixel tags, local storage, session storage, fingerprinting techniques, and similar tracking technologies to collect information about your interactions with the Platform.

11.2. We use both first-party and third-party cookies for the following purposes: essential platform functionality, performance and analytics, advertising and targeting, personalization, social media integration, and any other purpose we deem appropriate.

11.3. We may use the following categories of third-party analytics and tracking services: Google Analytics, Firebase Analytics, Facebook Pixel, Apple App Analytics, Mixpanel, Amplitude, Segment, Hotjar, and any other analytics service we choose to implement.

11.4. You may be able to disable certain cookies through your browser or device settings, but doing so may impair the functionality of the Platform. Your use of the Platform with cookies enabled constitutes consent to our use of cookies as described herein.

12. Third-Party Services and Links

12.1. The Platform may contain links to, integrations with, or references to third-party websites, services, applications, and content that are not owned or controlled by EagleBridge. This includes, without limitation, clinical trial databases, research publications, healthcare directories, social media platforms, and payment processors.

12.2. We are not responsible for the privacy practices, security measures, content, or availability of any third-party services. Your interactions with third-party services are governed solely by those third parties' privacy policies and terms of service.

12.3. We encourage you to review the privacy policies of any third-party services before providing them with your information. We make no representations or warranties regarding the privacy or security practices of any third party.

13. User-Generated Content

13.1. Any content you create, upload, share, or transmit through the Platform, including messages to other users, profile information, health information, images, and feedback, may be viewed by other users, our employees, contractors, service providers, partners, and any third party with whom we share data.

13.2. You should have no expectation of privacy or confidentiality with respect to any User Content you submit through the Platform.

13.3. We are not responsible for the actions of other users who may view, copy, screenshot, record, share, or redistribute your User Content. Once you share content on the Platform, you lose control over how it may be used by others.

14. Communications and Recordings

14.1. All communications made through the Platform, including text messages, chat messages, video calls, audio calls, and any other form of communication, may be monitored, recorded, stored, and analyzed by EagleBridge for any purpose, including quality assurance, research, safety, legal compliance, and business purposes.

14.2. By using the communication features of the Platform, you consent to the monitoring, recording, storage, and analysis of all your communications. You also represent that you have the authority to consent on behalf of any person whose communications may be captured.

14.3. You acknowledge that other users may also record, screenshot, or capture your communications without your knowledge or consent, and we are not responsible for any such recording by other users.

15. Children's Privacy

15.1. The Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

15.2. If you are under 18 years of age, you must not use the Platform or provide any information through the Platform.

15.3. If we become aware that we have collected personal information from a child under 18, we may, at our discretion, delete such information. However, we are under no obligation to do so.

16. International Data Transfers

16.1. Your data may be transferred to, stored in, and processed in any country in the world where we or our service providers maintain facilities. By using the Platform, you consent to the transfer of your data to countries outside your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction.

16.2. We do not implement Standard Contractual Clauses, Binding Corporate Rules, Privacy Shield frameworks, or any other international data transfer mechanisms. Your data is transferred on the basis of your explicit consent provided by your acceptance of this Policy.

17. California Residents

17.1. If you are a California resident, the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA") may provide you with certain rights regarding your personal information, including the right to know, the right to delete, the right to opt out of the sale of personal information, and the right to non-discrimination.

17.2. We may "sell" or "share" (as those terms are defined under the CCPA/CPRA) your personal information to third parties as described in Section 7 of this Policy. You may exercise your right to opt out of the sale or sharing of your personal information by contacting us at the email address provided in Section 25.

17.3. We may collect the following categories of personal information as defined by the CCPA: identifiers; personal information categories listed in the California Customer Records statute; characteristics of protected classifications; commercial information; biometric information; internet or other electronic network activity; geolocation data; sensory data; professional or employment-related information; non-public education information; inferences drawn from other personal information; and sensitive personal information.

17.4. We collect and use "sensitive personal information" as defined under the CPRA, including health information. You have the right to limit the use and disclosure of sensitive personal information to the extent required by applicable law.

18. European Economic Area Residents

18.1. If you are located in the European Economic Area ("EEA"), the United Kingdom, or Switzerland, you may have certain rights under the General Data Protection Regulation ("GDPR") or equivalent local legislation.

18.2. Our legal basis for processing your personal data is your explicit consent, which you provide by accepting this Policy and using the Platform. For health data (which constitutes a "special category" of personal data under the GDPR), our legal basis is your explicit consent under Article 9(2)(a) of the GDPR.

18.3. You may have the right to access, rectify, erase, restrict processing, object to processing, and data portability with respect to your personal data. To exercise these rights, contact us at the email address provided in Section 25. We will respond to your request within the timeframe required by applicable law, though we may retain data as permitted by law.

19. Limitation of Liability

19.1. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL EAGLEBRIDGE, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AFFILIATES, SUCCESSORS, OR ASSIGNS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, DATA, USE, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF THE PLATFORM OR ANY BREACH OF THIS POLICY, REGARDLESS OF THE THEORY OF LIABILITY (CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

19.2. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, OUR TOTAL AGGREGATE LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATED TO THIS POLICY OR YOUR USE OF THE PLATFORM SHALL NOT EXCEED THE GREATER OF (A) THE TOTAL AMOUNT YOU HAVE PAID TO EAGLEBRIDGE IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR (B) ONE HUNDRED UNITED STATES DOLLARS (US $100.00).

19.3. WE SHALL NOT BE LIABLE FOR ANY DAMAGES ARISING FROM: (A) UNAUTHORIZED ACCESS TO OR USE OF YOUR DATA; (B) DATA BREACHES, SECURITY INCIDENTS, OR HACKING; (C) INTERRUPTION, SUSPENSION, OR TERMINATION OF THE PLATFORM; (D) BUGS, VIRUSES, OR OTHER HARMFUL CODE; (E) ERRORS, INACCURACIES, OR OMISSIONS IN ANY DATA; (F) THE ACTIONS OR INACTIONS OF OTHER USERS; OR (G) ANY OTHER MATTER RELATING TO THE PLATFORM.

20. Indemnification

You agree to indemnify, defend, and hold harmless EagleBridge and its officers, directors, employees, agents, affiliates, successors, and assigns from and against any and all claims, demands, actions, suits, proceedings, losses, damages, liabilities, costs, and expenses (including reasonable attorneys' fees and court costs) arising out of or in connection with: (a) your use of the Platform; (b) your violation of this Policy or any applicable law or regulation; (c) your violation of any third party's rights, including any privacy rights; (d) any data you submit to the Platform; (e) your interactions with other users; or (f) any dispute between you and any third party relating to the Platform or your data.

21. Assumption of Risk

21.1. You expressly assume all risks associated with your use of the Platform, including but not limited to: the risk that your health information or personal information may be disclosed, accessed, or used by unauthorized parties; the risk that your data may be lost, corrupted, or destroyed; the risk that your communications with other users may be intercepted or monitored; and the risk that information shared by other users may be inaccurate, misleading, or harmful.

21.2. You acknowledge that the Platform is in an early stage of development and may contain bugs, errors, defects, and security vulnerabilities. You accept the Platform in its current state and assume all risks associated with using an early-stage platform.

22. Dispute Resolution

22.1. Any dispute, claim, or controversy arising out of or relating to this Policy shall be resolved through binding arbitration administered by the American Arbitration Association ("AAA") in accordance with its Consumer Arbitration Rules, except as modified herein.

22.2. The arbitration shall be conducted by a single arbitrator in the Commonwealth of Massachusetts. The language of the arbitration shall be English. The arbitrator's decision shall be final and binding.

22.3. YOU AGREE THAT ANY DISPUTE RESOLUTION PROCEEDINGS WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS, CONSOLIDATED, OR REPRESENTATIVE ACTION. YOU WAIVE YOUR RIGHT TO PARTICIPATE IN A CLASS ACTION LAWSUIT OR CLASS-WIDE ARBITRATION.

22.4. This Policy shall be governed by and construed in accordance with the laws of the Commonwealth of Massachusetts, without regard to its conflict of laws principles.

23. Changes to This Policy

23.1. We reserve the right to modify, amend, update, or replace this Policy at any time, in our sole and absolute discretion. Changes will be effective immediately upon posting of the revised Policy on the Platform or our website.

23.2. We may, but are not obligated to, notify you of material changes to this Policy via email, in-app notification, or other means. It is your sole responsibility to review this Policy periodically.

23.3. Your continued use of the Platform after any changes to this Policy constitutes your acceptance of and agreement to the revised Policy.

24. Severability

If any provision of this Policy is found to be unlawful, void, or unenforceable by a court of competent jurisdiction, that provision shall be deemed severable from this Policy and shall not affect the validity and enforceability of the remaining provisions. The unenforceable provision shall be modified to the minimum extent necessary to make it enforceable while preserving the original intent of the parties.

25. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you may contact us at: