AIMPILO™ PRIVACY POLICY

Last Updated: February 12, 2026

This Privacy Policy describes how Aimpilo™, Inc. (“Aimpilo™,” “Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects information when you access or use the Aimpilo™ platform, including any websites, mobile applications, features, tools, and related services (collectively, the “Services”).

This Privacy Policy is incorporated by reference into the Aimpilo™ Terms of Service. By accessing or using the Services, you acknowledge that you have read and understand this Privacy Policy.

1. IMPORTANT NOTICE REGARDING HEALTH INFORMATION

Aimpilo™ is a consumer-facing, non-clinical personal health information organization platform. Aimpilo™ is not a healthcare provider, is not a covered entity or business associate under the Health Insurance Portability and Accountability Act (“HIPAA”), and does not provide medical advice, diagnosis, or treatment.

Information you choose to store in the Services may include health-related information. Such information is handled in accordance with this Privacy Policy and applicable consumer privacy laws, not HIPAA, unless otherwise expressly agreed in writing.

2. INFORMATION WE COLLECT

2.1 Information You Provide Voluntarily

We collect information that you voluntarily submit or make available in connection with your use of the Services, including:

  • Account Information: such as your name, email address, account identifiers, authentication credentials, and other information necessary to create and manage your account, whether you are a primary account holder or an Authorized Viewer.
  • Profile and Preference Information: including settings, preferences, and any optional demographic or descriptive information you choose to provide.
  • User Content: including notes, documents, files, text, images, audio recordings, transcriptions, summaries, health-related information, and other materials you submit, upload, transmit, store, or otherwise make available through the Services.
  • Communications: including emails, support inquiries, feedback, and other communications you send to us.
  • Payment and Transaction Information: limited billing and transaction details necessary to process payments through third-party payment processors. Aimpilo™ does not store full payment card numbers or sensitive payment authentication data.

2.2 AI Scribe and Recording-Related Information

If you elect to use AI-enabled features, including the AI Scribe, we may process information you choose to provide, including:

  • Audio recordings that you upload or record through the Services;
  • Transcriptions, summaries, and organizational outputs generated from such recordings; and
  • Associated metadata, such as timestamps, duration, and technical identifiers.

You acknowledge and agree that you are solely responsible for determining whether recording or uploading conversations is lawful in your jurisdiction and for obtaining all required consents, authorizations, and permissions prior to recording or submission.

2.3 Information Relating to Minors (Provided by Adult Users)

The Services may be used by adult users to organize and manage information relating to minors for whom the adult user is a parent, legal guardian, or otherwise authorized caregiver.

  • Aimpilo™ does not knowingly collect personal information directly from minors.
  • Any information relating to a minor is submitted and managed exclusively through an adult user’s account.
  • The adult user is solely responsible for compliance with applicable laws governing the collection, use, and sharing of minors’ information.

Aimpilo™ does not independently verify parental or guardian status and does not establish a direct relationship with minors.

2.4 Information Collected Automatically

When you access or use the Services, we may automatically collect certain technical and usage information, including:

  • Device and browser information (such as device type, operating system, and browser type);
  • Internet protocol (IP) address and approximate geographic location.
  • Usage and interaction data (such as features accessed, session duration, and interaction patterns); and
  • Log files, error reports, and diagnostic or performance data. This information is collected through cookies and similar technologies and is used to operate, secure, analyze, and improve the Services.

3. HOW WE USE INFORMATION

We use information collected through the Services for legitimate business and operational purposes, including to:

  • Provide and Operate the Services: to make the Services available, maintain functionality, ensure reliability, and perform internal operations necessary to deliver the Services.
  • Create and Administer Accounts: to establish, authenticate, manage, and support user accounts and account-related features.
  • Enable AI-Powered Features: to process User Content and generate AI Outputs at your direction, including through AI-enabled organizational, transcription, and summarization tools.
  • Process Transactions: to facilitate payments, manage subscriptions, process refunds where applicable, and administer billing-related functions through authorized payment processors.
  • Communicate with Users: to respond to inquiries, provide customer support, deliver service-related notices, and communicate regarding account status, updates, or changes to the Services.
  • Improve and Develop the Services: to analyze usage trends, evaluate performance, troubleshoot issues, and enhance functionality, usability, and user experience.
  • Protect Security and Integrity: to detect, investigate, prevent, and respond to fraud, misuse, unauthorized activity, security incidents, or violations of our Terms or applicable law.
  • Comply with Legal and Regulatory Obligations: to comply with applicable laws, regulations, legal processes, and governmental requests, and to enforce our Terms and other agreements.

We do not use information for purposes that are materially inconsistent with those described in this Privacy Policy without providing notice or obtaining consent where required by law.

3.1 Commercial Use of De-identified and Aggregated Data

We may de-identify and/or aggregate User Content and other information so that it can no longer reasonably be used to identify you. We reserve the right to use, license, and disclose such de-identified and/or aggregated data for any lawful commercial purpose, including but not limited to:

  • Market Research & Analytics: Providing insights into population health trends, wellness patterns, and technology usage within the health tech sector.
  • Product Benchmarking: Helping third-party partners compare health metrics and organizational efficiency against industry standards.
  • Strategic Partnerships: Collaborating with healthcare and technology organizations to develop new tools, features, or services.

We maintain such data in de-identified form and will not attempt to re-identify the information except as permitted by law. We require any third-party recipients of such data to agree to similar non-re-identification and security obligations.

4. COOKIES AND SIMILAR TECHNOLOGIES

4.1 Cookies and Tracking Technologies We Use

Aimpilo™ uses cookies and similar tracking technologies, including pixels, web beacons, local storage objects, software development kits (“SDKs”), and comparable technologies (collectively, “Cookies”), to operate, maintain, and improve the Services.

Cookies are small data files placed on your device that enable the Services to recognize your browser or device, remember certain information, and collect data regarding usage of the Services, including interactions, preferences, and technical activity.

The Services may utilize the following categories of Cookies:

  • Strictly Necessary Cookies: Cookies that are essential to enable core functionality of the Services, including user authentication, session management, security features, and prevention of fraudulent or unauthorized activity. These Cookies are required for the Services to function properly.
  • Functional Cookies: Cookies that allow the Services to remember your preferences and settings, such as language selection or display preferences, to enhance usability and provide a more personalized experience.
  • Analytics Cookies: Cookies that collect aggregated and de-identified information about how users interact with the Services, including pages viewed, features used, and performance metrics, to help us analyze usage patterns and improve the functionality and performance of the Services.
  • Security Cookies: Cookies used to support security-related functions, including detection of suspicious activity, protection against abuse, and safeguarding of user accounts and data.
  • At this time, Aimpilo™ does not use Cookies for targeted advertising, cross-context behavioral advertising, or the sale or sharing of personal information for advertising purposes.

4.2 Cookie Consent and User Controls

Where required by applicable law, Aimpilo™ will obtain your consent prior to placing cookies or similar tracking technologies on your device that are not strictly necessary to operate the Services. Such consent may be obtained through a cookie banner, preference center, or other consent mechanism made available through the Services.

You may control or limit the use of cookies through your browser or device settings, or through any cookie-management tools provided within the Services. Please note that blocking or disabling certain cookies may impair the functionality, performance, or availability of some features of the Services, including account access and personalization features.

Your cookie preferences may need to be reset if you clear cookies or access the Services from a different browser or device.

4.3 Do Not Track Signals

Some web browsers transmit “Do Not Track” (“DNT”) signals to websites and online services. Because there is currently no industry-standard definition or regulatory framework governing how DNT signals should be interpreted, the Services do not respond to or honor Do Not Track signals at this time.

We will continue to monitor developments regarding DNT standards and may update our practices if a uniform standard is adopted.

5. AI AND AUTOMATED PROCESSING

Certain features of the Services utilize artificial intelligence and automated processing technologies to generate outputs based on User Content that you elect to submit, upload, or make available through the Services (“AI Outputs”).

AI Outputs are generated through automated, probabilistic processes and you acknowledge and agree that:

  • AI Outputs are provided solely for informational, educational and organizational purposes;
  • AI Outputs are not reviewed, verified, validated, or approved by human reviewers prior to delivery;
  • AI Outputs may be inaccurate, incomplete, outdated, misleading, or taken out of context; and
  • Aimpilo™ makes no representations or warranties regarding the accuracy, completeness, reliability, timeliness, or suitability of any AI Output for any purpose.

You assume all risk associated with reliance on AI Outputs, and AI Outputs must not be used as a substitute for professional judgment, including medical, legal, financial, or other regulated professional advice.

5.1 Model Improvement and Training

To the extent Aimpilo™ uses information to evaluate, improve, maintain, or develop AI-enabled features, such use will be conducted in accordance with this Privacy Policy and any additional disclosures required by applicable law.

Aimpilo™ does not sell User Content or personal information for artificial intelligence or machine learning training purposes. Any internal use of information for model improvement, if applicable, is intended solely to enhance the functionality, performance, and reliability of the Services and does not alter the non-clinical, non-diagnostic nature of the Services.

6. HOW WE SHARE INFORMATION

Aimpilo™ does not sell personal information. We may disclose information only as described below and in accordance with this Privacy Policy.

6.1 Service Providers and Commercial Partners

We may share information with third-party vendors, contractors, and service providers that perform services on our behalf, such as cloud hosting, data storage, analytics, customer support, communications, and payment processing, and commercial partners who receive de-identified data.

Such third parties are authorized to access information solely as necessary to perform services for Aimpilo™ or as otherwise permitted under this Privacy Policy, and are subject to contractual obligations requiring confidentiality, data protection, and appropriate security safeguards

6.2 Authorized Viewers (Caregivers and Family Members)

We may share information with Authorized Viewers only when and to the extent you direct us to do so through the Services. Because Authorized Viewers must maintain their own Account and are bound by the Terms of Service as Users, their access and use of shared information are subject to the same privacy and conduct obligations as a primary User. Aimpilo™ does not control, monitor, or supervise how Authorized Viewers interpret or use shared information beyond the technical permissions you establish.

6.3 Legal, Safety, and Compliance Disclosures

  • We may disclose information where we reasonably believe disclosure is necessary to:
  • Comply with applicable law, regulation, legal process, subpoena, court order, or governmental request;
  • Enforce our Terms of Service or other agreements;
  • Protect the rights, property, safety, or security of Aimpilo™, our users, Authorized Viewers, or others; or
  • Detect, prevent, investigate, or address fraud, misuse, security incidents, or technical issues.

6.4 Business Transactions and Corporate Changes

We may disclose or transfer information in connection with a corporate transaction, including a financing, merger, acquisition, reorganization, bankruptcy, dissolution, or sale of all or substantially all of Aimpilo’s assets. In such events, information may be transferred as part of the transaction, subject to applicable law and appropriate confidentiality protections.

7. TEXT AND SMS COMMUNICATIONS (PLANNED)

Aimpilo™ may, in the future, offer users the option to receive text message or short message service (“SMS”) communications in connection with the Services, including account-related alerts, security notifications, authentication messages, service updates, or other operational or informational messages.

Participation in SMS communications will be voluntary and opt-in only. Prior to enrollment, Aimpilo™ will provide additional disclosures describing the nature, frequency, and purpose of such messages, as required by applicable law.

You acknowledge and agree that:

  • Enrollment in SMS communications will require your affirmative consent, which may be obtained through the Services or other permitted means;
  • Message frequency may vary depending on account activity and service-related events;
  • Message and data rates may apply, as determined by your mobile carrier;
  • Consent to receive SMS messages is not a condition of purchase or use of the Services; and
  • You may withdraw your consent and opt out of SMS communications at any time by following the instructions provided in the message or through the Services.

Aimpilo™ does not guarantee the availability, timeliness, or delivery of SMS messages and disclaims liability for delays, delivery failures, or errors attributable to mobile carriers, third-party messaging providers, or factors outside Aimpilo’s reasonable control.

SMS communications, if offered, are intended for convenience and informational purposes only and do not replace required notices provided through other means.

8. DATA RETENTION

Aimpilo™ retains personal information and User Content only for as long as reasonably necessary to fulfill the purposes for which the information was collected or processed, including to:

  • Provide, operate, maintain, and improve the Services;
  • Create and manage user Accounts and deliver requested features;
  • Comply with applicable legal, regulatory, accounting, or reporting obligations;
  • Resolve disputes, investigate or prevent fraud or misuse, and enforce agreements;
  • Protect the security and integrity of the Services, including through the maintenance of logs, backups, and audit records consistent with standard industry practices.

Retention periods may vary depending on the nature of the information, the context in which it was collected, applicable legal requirements, and operational needs.

You may delete certain User Content through available account controls or by contacting us, subject to applicable legal or contractual retention obligations. Please note that deleted information may persist for a limited period in backups or archival systems maintained for security, compliance, disaster recovery, or business continuity purposes, and will be securely deleted or anonymized in accordance with our retention practices once no longer required.

8.1 Retention of De-identified Data

Notwithstanding Section 8, Aimpilo™ may retain, use, and disclose de-identified and aggregated data indefinitely for the commercial and operational purposes described in Section 3.1. Because de-identified data does not constitute personal information, the deletion of your Account or personal information will not result in the deletion of data that has already been de-identified prior to the processing of your request

9. DATA SECURITY

Aimpilo™ maintains commercially reasonable administrative, technical, and physical safeguards designed to protect personal information and User Content against unauthorized access, acquisition, disclosure, alteration, or destruction.

These safeguards are implemented in accordance with industry-recognized security practices and are intended to provide a level of protection appropriate to the nature of the information and the risks presented by processing activities. Such measures may include access controls, encryption, monitoring, and security policies and procedures, as appropriate.

You acknowledge and agree that no data transmission, storage system, or security measure can be guaranteed to be completely secure. Accordingly, Aimpilo™ cannot and does not guarantee the absolute security of information and disclaims liability for unauthorized access, disclosure, loss, or misuse resulting from circumstances beyond Aimpilo’s reasonable control, including acts of third parties, cyberattacks, or other unforeseen events.

You are responsible for safeguarding your account credentials and for taking reasonable steps to prevent unauthorized access to your account. Any compromise of your credentials may result in unauthorized access to your information, for which Aimpilo™ shall not be responsible to the extent permitted by law.

10. YOUR PRIVACY RIGHTS

10.1 U.S. State Privacy Rights

Depending on your state of residence and subject to applicable law, you may have certain rights with respect to your personal information, which may include the right to:

  • Access personal information we maintain about you, including the categories and specific pieces of personal information collected and the purposes for which it is used;
  • Request deletion of personal information, subject to statutory exceptions (such as where retention is required for legal compliance, security, or internal business purposes);
  • Request correction of inaccurate personal information;
  • Limit or restrict certain processing of sensitive personal information, where such rights are provided by law;
  • Opt out of certain disclosures or processing activities, including sales or sharing of personal information for targeted advertising, where applicable (Aimpilo™ does not sell personal information as defined by applicable law);
  • Right to opt-out of de-identification for commercial purposes.
  • Receive information regarding our data practices, including categories of personal information collected, sources, and categories of third parties to whom information is disclosed.
  • Right to opt-out of the use of your personal information for de-identification and subsequent commercial or research purposes, as described in Section 3.1.

To exercise your rights, you or your authorized agent may submit a request by contacting us at contactus@aimpilo.com. We will take reasonable steps to verify your identity and the validity of the request in accordance with applicable law before responding.

We will respond to verifiable consumer requests within the timeframes required by law and will not discriminate against you for exercising your privacy rights. Certain requests may be denied or limited where permitted or required by law, and we will explain the basis for any such decision in our response.

11. THIRD-PARTY LINKS AND SERVICES

The Services may include links to, integrations with, or access to websites, applications, platforms, tools, or services operated or controlled by third parties (“Third-Party Services”).

Such links or integrations are provided solely for your convenience and do not constitute an endorsement, sponsorship, or recommendation by Aimpilo™.

Aimpilo™ does not own, operate, control, or monitor Third-Party Services and is not responsible for their content, availability, functionality, security practices, or privacy policies. Your interactions with Third-Party Services, including the submission of personal information or User Content, are governed by the terms, conditions, and privacy policies of the applicable third party, not by these Terms or Aimpilo’s Privacy Policy.

To the fullest extent permitted by law, Aimpilo™ disclaims all liability arising from or related to your access to or use of any Third-Party Services, including any loss, damage, unauthorized access, or misuse of information attributable to such Third-Party Services. You acknowledge and agree that you access and use Third-Party Services at your own risk

12. CHILDREN’S PRIVACY

The Services are intended for use by adults and are not directed to children under the age of eighteen (18). Aimpilo™ does not knowingly solicit, collect, or process personal information directly from children in their individual capacity.

The Services may, however, be used by adult users—such as parents, legal guardians, or authorized caregivers—to organize, store, or manage information relating to minors under their care. In such cases, any information relating to a minor is provided, controlled, and managed solely through the adult user’s Account, and the adult user represents and warrants that they have the legal authority and all necessary rights and consents to provide such information and to use the Services in this manner.

If Aimpilo™ becomes aware that it has inadvertently collected personal information directly from a child without appropriate authority or consent, Aimpilo™ will take reasonable steps to promptly delete or de-identify such information, consistent with applicable law.

If you believe that personal information relating to a child has been collected or processed in a manner inconsistent with this Section, please contact us at contactus@aimpilo.com so that we may investigate and take appropriate action.

13. INTERNATIONAL USERS

The Services are owned and operated by Aimpilo™ from the United States. If you access or use the Services from outside the United States, you acknowledge and agree that your information, including personal information and User Content, may be transferred to, stored in, and processed within the United States and other jurisdictions where Aimpilo™ or its service providers operate.

Such jurisdictions may have data protection and privacy laws that differ from, and may be less protective than, the laws of your country of residence. By accessing or using the Services, you expressly consent to the transfer, storage, and processing of your information in the United States and in such other jurisdictions in accordance with these Terms and the Privacy Policy.

Aimpilo™ does not represent that the Services are appropriate or available for use in all jurisdictions and does not knowingly target users in jurisdictions where the Services or their use would be prohibited by law. You are solely responsible for complying with all local laws applicable to your access to and use of the Services.

14. CHANGES TO THIS PRIVACY POLICY; STATE-SPECIFIC PRIVACY DISCLOSURES

14.1 Changes to This Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do so, we will update the “Last Updated” date at the top of this Privacy Policy.

If we make material changes, we will provide notice in accordance with applicable law, which may include posting a prominent notice through the Services or providing notice by email.

Unless otherwise stated, any updated Privacy Policy will be effective as of the date of posting.

Your continued access to or use of the Services after the effective date of an updated Privacy Policy constitutes your acknowledgment of and agreement to the revised Privacy Policy.

14.2 State-Specific Privacy Disclosures

This section supplements the Privacy Policy and applies solely to residents of U.S. states that have enacted comprehensive consumer privacy laws, including California, Virginia, Colorado, Connecticut, and Texas. Where this section conflicts with any other provision of this Privacy Policy, this section governs for residents of the applicable state.

14.2.1 California Privacy Rights (CCPA / CPRA)

If you are a California resident, you may have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), subject to verification and applicable legal limitations:

  • The right to know the categories and specific pieces of personal information we collect, use, and disclose
  • The right to request deletion of personal information, subject to statutory exceptions
  • The right to correct inaccurate personal information
  • The right to limit the use or disclosure of sensitive personal information, where applicable
  • The right not to receive discriminatory treatment for exercising privacy rights

Categories of Personal Information Collected:

  • Identifiers, internet or network activity information, user-provided content, and other categories of information described in this Privacy Policy.

Sensitive Personal Information:

  • Aimpilo™ does not use sensitive personal information for purposes that require a “Limit the Use” opt-out under the CPRA.

Sale or Sharing of Personal Information:

  • Aimpilo™ does not sell personal information and does not share personal information for cross-context behavioral advertising, as those terms are defined under the CPRA.

14.2.2 Virginia Privacy Rights (VCDPA)

If you are a Virginia resident, you may have the right to:

  • Access your personal data
  • Correct inaccuracies in your personal data
  • Delete personal data
  • Obtain a copy of your personal data in a portable format
  • Opt out of targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects

Aimpilo™ does not sell personal data, engage in targeted advertising, or conduct profiling as defined under the Virginia Consumer Data Protection Act.

14.2.3 Colorado Privacy Rights (CPA)

If you are a Colorado resident, you may have the right to:

  • Access, correct, or delete your personal data
  • Obtain a portable copy of your personal data
  • Opt out of the processing of personal data for targeted advertising, sale, or profiling

Aimpilo™ does not sell personal data and does not process personal data for targeted advertising.

14.2.4 Connecticut Privacy Rights (CTDPA)

If you are a Connecticut resident, you may have the right to:

  • Access your personal data
  • Correct inaccuracies
  • Delete personal data
  • Obtain a copy of personal data
  • Opt out of targeted advertising, sale of personal data, or profiling

Aimpilo™ does not sell personal data and does not engage in targeted advertising or profiling under the Connecticut Data Privacy Act.

14.2.5 Texas Privacy Rights (TDPSA)

If you are a Texas resident, you may have the right to:

  • Confirm whether we process your personal data
  • Access, correct, or delete personal data
  • Obtain a portable copy of personal data
  • Opt out of the sale of personal data or targeted advertising

Aimpilo™ does not sell personal data and does not process personal data for targeted advertising under the Texas Data Privacy and Security Act.

14.3 Exercising State Privacy Rights

To exercise any applicable state privacy rights, you may submit a request by contacting us at contactus@aimpilo.com. We may require verification of your identity before processing a request, consistent with applicable law.

If your request is denied, you may appeal the decision by contacting us using the same method.

We will respond to appeals within the timeframe required by applicable law.

15. CONTACT INFORMATION
Aimpilo, Inc. Email: contactus@aimpilo.com