Your privacy matters to us. This policy explains what we collect, why we collect it, how we use it, and what rights you have.

Last updated: April 22, 2026

1. Who We Are

Healthcare Discovery AI is operated by Healthcare Discovery, LLC (“we”, “us”, “our”), a limited liability company organized in the United States. Our website is located at https://healthcarediscovery.ai. For the purposes of the European General Data Protection Regulation (GDPR) and the United Kingdom Data Protection Act, Healthcare Discovery, LLC is the data controller for personal information collected through this website.

2. Scope of This Policy

This Privacy Policy applies to personal information we collect through healthcarediscovery.ai, our newsletters, our AI wellness coach (branded as Zach Roberts), any forms you submit to us, and any other services we provide that link to this policy. It does not apply to third-party websites that we link to, which have their own privacy policies.

3. Information We Collect

3.1 Information You Provide Directly

We collect personal information when you voluntarily provide it, including:

  • Newsletter signups: your name and email address when you subscribe to the Daily Discovery Brief or any other newsletter we publish.
  • Contact forms and emails: your name, email address, and the content of any message you send us.
  • AI wellness coach conversations: the messages you send to our AI coach, plus the name and email address you provide when registering to continue a conversation beyond the free preview.
  • Comments: if you submit a comment on an article, we collect your name, email address, and the comment content. Your IP address and browser user agent string are collected to help detect spam.
  • Optional profile information: any additional information you choose to provide when personalizing your experience, such as wellness goals or areas of interest.

3.2 Information Collected Automatically

When you visit the site, we automatically collect certain information through cookies and similar technologies:

  • Log data: your IP address, browser type and version, operating system, referring URL, pages visited, time and date of your visit, time spent on pages, and other diagnostic data.
  • Device data: device type, screen resolution, and language preferences.
  • Analytics data: aggregated information about how visitors use the site, collected through web analytics services such as Google Analytics.
  • Cookies: small data files stored on your device. See the Cookies section below.

3.3 Information From Third Parties

If you sign in or interact with us through a social media account or third-party service, we may receive information from that service in accordance with your settings on that service.

4. How We Use Your Information

We use personal information for the following purposes:

  • To deliver our newsletter and other content you have requested.
  • To operate the AI wellness coach and personalize its responses based on the conversation history you provide.
  • To respond to your inquiries, correct editorial errors you flag, and provide customer support.
  • To improve the site, our content, and our products based on how readers use them.
  • To protect against fraud, spam, abuse, and unauthorized access.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.
  • With your consent, to send you marketing communications about new features or offerings. You can opt out of marketing at any time.

5. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing your personal data are:

  • Consent: where you have given us explicit consent, such as subscribing to a newsletter or opting into marketing.
  • Contract: where processing is necessary to provide a service you have requested, such as responding to a contact form or continuing an AI coach conversation.
  • Legitimate interests: where we have a legitimate business interest that is not overridden by your rights, such as improving the site, preventing fraud, and maintaining security.
  • Legal obligation: where we are required by law to process certain information.

6. How We Share Information

We do not sell personal information. We share information only in the following circumstances:

6.1 Service Providers

We share information with third-party service providers who help us run the site and our services. These include:

  • Hosting and infrastructure: our web host, content delivery network, and database providers, who process data on our behalf to deliver the site.
  • Email delivery: our email service providers for delivering newsletters and transactional email.
  • Analytics: providers such as Google Analytics that help us understand aggregate site usage.
  • AI inference: our AI wellness coach routes conversations through API providers, including OpenRouter and the underlying model providers (Google and Anthropic) for inference. These providers process conversation content solely to generate responses and in accordance with their own contractual and privacy commitments to us. We have selected providers with strong data handling practices and do not authorize them to use your conversations to train their public models.
  • Customer relationship management: a CRM platform for managing subscriber communications and nurture sequences.
  • Security and fraud prevention: services that help us protect the site against attack and abuse.

These service providers are bound by contractual obligations to protect your information and to use it only for the purposes we authorize.

6.2 Legal and Safety

We may disclose information if required by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, to investigate fraud, or to respond to a government request.

6.3 Business Transfers

If we are involved in a merger, acquisition, reorganization, bankruptcy, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will provide notice before your information is subject to a different privacy policy.

6.4 With Your Consent

We may share information with third parties when you have given us explicit consent to do so.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

  • Essential cookies: required for the site to function, such as session cookies that keep you logged in.
  • Preference cookies: remember your preferences, such as language.
  • Analytics cookies: collect aggregate data about site usage to help us improve content and performance.
  • Marketing cookies: where applicable, measure the performance of marketing campaigns. We only set marketing cookies with your consent where required by law.

Most web browsers let you control cookies through their settings. You can delete existing cookies, block new cookies, or set your browser to alert you when a site attempts to place a cookie. Blocking cookies may affect the functionality of this site.

8. Your Privacy Rights

8.1 Rights Under GDPR and UK Data Protection Law

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights regarding your personal information:

  • Right of access: request a copy of the personal information we hold about you.
  • Right to rectification: request correction of inaccurate or incomplete information.
  • Right to erasure: request deletion of your personal information, subject to certain legal exceptions.
  • Right to restrict processing: request that we stop or restrict processing under certain circumstances.
  • Right to data portability: request a copy of your information in a structured, machine-readable format.
  • Right to object: object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, withdraw that consent at any time.
  • Right to lodge a complaint: file a complaint with a supervisory authority if you believe we have violated your rights.

8.2 Rights Under the California Consumer Privacy Act

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give you additional rights:

  • Right to know: what personal information we collect, the sources, the purposes, and the categories of third parties we share it with.
  • Right to delete: request deletion of personal information we have collected, subject to exceptions.
  • Right to correct: request correction of inaccurate personal information.
  • Right to opt out of sale or sharing: we do not sell personal information, and we do not share personal information for cross-context behavioral advertising.
  • Right to limit use of sensitive personal information: where applicable.
  • Right to non-discrimination: we will not discriminate against you for exercising any of these rights.

8.3 Rights Under Other State Laws

Residents of other United States states with comprehensive privacy laws, including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others, have similar rights to access, correct, delete, and opt out of certain processing. We honor these rights in line with applicable law.

8.4 Exercising Your Rights

To exercise any of these rights, email privacy@healthcarediscovery.ai with your request. We may need to verify your identity before responding. We will respond within the time frame required by applicable law, typically within 30 to 45 days, and we will not charge you for exercising your rights except where permitted by law.

9. Children’s Privacy

Healthcare Discovery AI is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us at privacy@healthcarediscovery.ai and we will promptly delete the information. For United States users, we comply with the Children’s Online Privacy Protection Act (COPPA), which imposes specific protections for children under 13.

10. Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy, to comply with legal obligations, to resolve disputes, and to enforce our agreements. Specifically:

  • Newsletter subscriber data is retained until you unsubscribe and request deletion.
  • AI wellness coach conversation history is retained while your account is active and for a limited period afterward to improve the service and comply with legal requirements.
  • Contact form submissions are retained long enough to resolve your inquiry, typically no more than 24 months.
  • Analytics data is retained in aggregated form for up to 26 months.
  • Comment submissions and their associated metadata are retained to maintain the integrity of public comment threads, unless you request deletion.

11. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including encryption of data in transit, access controls, and regular security reviews. No method of transmission over the internet or electronic storage is 100 percent secure, and we cannot guarantee absolute security. If we learn of a security incident that affects your information, we will notify you as required by law.

12. International Data Transfers

Healthcare Discovery, LLC is based in the United States. If you access our site or services from outside the United States, your information will be transferred to, stored, and processed in the United States and potentially in other countries where our service providers operate. These countries may have data protection laws different from those in your country. By using our site, you acknowledge this transfer. Where required by law, we use Standard Contractual Clauses or other lawful transfer mechanisms to protect your information during international transfers.

13. Do Not Track

Some browsers transmit Do Not Track signals. Because there is no common industry standard for responding to these signals, we do not currently respond to Do Not Track browser signals. We honor specific opt-outs described in this policy regardless of any Do Not Track signal.

14. Third-Party Links

Our content and emails may link to third-party websites, products, or services that we do not control. This Privacy Policy does not apply to those third parties. Please review the privacy policies of any third-party site you visit.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last updated” date at the top of this policy, and where appropriate we will notify you via email or a prominent notice on the site.

16. Contact Us

For questions about this Privacy Policy, to exercise your rights, or to submit a privacy-related complaint, contact us at:

Healthcare Discovery, LLC
Privacy Office
Phoenix, Arizona
United States
Email: privacy@healthcarediscovery.ai

If you are in the European Economic Area or the United Kingdom and are unable to resolve a privacy concern with us directly, you have the right to lodge a complaint with your local data protection supervisory authority.