Privacy Policy
Last updated: 2026-05-18
⚠️ This page is a pre-launch draft. Legal review by counsel is required before publication. Apple App Privacy and Google Play Data Safety entries must match this page exactly at submission time.
1. Operator information
| Item | Detail |
|---|---|
| Operator | crealize.llc |
| Representative | CHEN Yi (Representative Member, Crealize LLC) |
| Address | Han’ei Building 402, 3-8-4 Ryūsen, Taitō-ku, Tokyo 110-0012, Japan |
| Contact | support@mairi.health |
2. Information we collect
- Email address, user ID (OAuth subject or anonymous ID)
- Payment-related metadata (handled by Apple, Google, or Stripe — Mairi never stores card numbers)
- Vital and medication data synced from HealthKit / Google Fit (used solely for the patient’s own PHR display, never sold or shared)
- Device information, IP address, cookies and local storage
- Free-text answers entered during AI symptom check
3. Purposes of use
- Storing and displaying your Personal Health Record (PHR)
- Personalising AI symptom-check responses
- Generating the visit-prep QR code
- Aggregate, anonymised statistics to improve the service
- Important notices and incident communications
- Legal compliance
4. Sharing with third parties
We do not share personal data with third parties as a rule. Exceptions, only with your explicit consent:
- Online-consultation handoffs (Phase 1.5+, e.g. CLINICS / LX Doctor)
- Disclosure required by law (court orders, etc.)
5. International transfers
For operational reasons, personal data may transit servers operated by the following providers:
- Cloudflare Workers (US / global edge)
- Google AI Studio (US, AI symptom-check processing)
- Anthropic API (US, fallback AI)
- Apple App Store / Google Play (US, payment processing)
All transfers are governed by GDPR / APPI standard contractual clauses or equivalent safeguards.
6. Safeguards
- TLS 1.3 in transit
- AES-256-GCM at rest
- Access logs and audit trails retained
- Multi-factor authentication for administrators
- Regular security audits
7. Access, correction, deletion
You may request:
- Disclosure of your data (exported as FHIR / CSV / PDF)
- Correction or deletion
- Suspension of use
Send requests to support@mairi.health. We respond within 30 days after identity verification.
8. HealthKit data handling (Apple alignment)
- HealthKit data is used solely for displaying your own PHR.
- Never used for advertising.
- Never sold to third parties.
- This page mirrors the Apple App Privacy data-collection disclosure exactly.
9. Inquiries and complaints
| Channel | Contact |
|---|---|
| Personal Information Protection Manager | support@mairi.health (subject: “Privacy”) |
| Complaints | support@mairi.health |
| Japan PPC | https://www.ppc.go.jp/en/ |
10. Updates
We may update this policy. We will announce updates on this page and surface material changes inside the app.
Mairi is not a medical device (SaMD under Japan's PMD Act). Consult a licensed clinician for diagnosis, treatment, or prescription.