Legal

Privacy Policy

Last updated: April 6, 2026

1. Information We Collect

KAYU Health (“KAYU,” “we,” “us”) collects information you provide directly when you use our services, including:

  • Account information: name, email, phone number, date of birth, state of residence
  • Health information: symptoms, medical history, current medications, lab results, treatment goals (collected through our quiz, intake forms, and consult sessions)
  • Payment information: processed by Stripe — we do not store credit card numbers
  • Usage data: pages visited, device type, IP address, referring source
  • Consult data: video call recordings (with consent), AI-generated transcripts, clinical notes, protocol recommendations

2. How We Use Your Information

  • To provide and personalize your medical care (protocol development, lab review, prescriptions)
  • To communicate with you about your treatment, appointments, and refills
  • To improve our services and develop new features
  • To comply with legal obligations and healthcare regulations
  • To process payments and manage your subscription

We never sell your personal or health information to advertisers, data brokers, or any third party for marketing purposes.

3. AI and Transcription Disclosure

KAYU uses artificial intelligence to assist with:

  • Real-time transcription of video consults (via Daily.co with Deepgram, HIPAA-compliant)
  • Structured extraction of clinical data from consult transcripts
  • Protocol adjustment recommendations based on labs, symptoms, and medical literature
  • Patient recap generation after provider sign-off

Every AI-generated recommendation is reviewed and approved by a licensed clinician before reaching you. AI assists — it does not prescribe. You may opt out of AI transcription at any time without affecting your care quality.

4. Data Security

Your data is encrypted at rest and in transit. We use HIPAA-compliant infrastructure:

  • Database: Supabase (signed BAA, row-level security, audit logging)
  • Video: Daily.co (signed BAA, encrypted WebRTC)
  • E-prescribing: DoseSpot (HITRUST + SOC 2 Type II certified)
  • Payments: Stripe (PCI DSS Level 1)

5. Your Rights

You have the right to:

  • Access your personal and health information
  • Request correction of inaccurate data
  • Request deletion of your account and data (subject to legal retention requirements)
  • Opt out of AI transcription
  • Receive a copy of your medical records
  • File a complaint with the HHS Office for Civil Rights

6. Contact

For privacy questions or data requests:

KAYU Health
1106 N La Cienega Blvd, Suite 206
West Hollywood, CA 90069
privacy@kayuhealth.com