Privacy Policy

Effective date: 17 December 2025

This Privacy Policy explains how Rhazes AI Ltd ("Rhazes", "we", "us", or "our") collects, uses, and protects personal data when you visit www.rhazes.ai (the "Website").

This policy applies only to the public Rhazes website. It does not apply to the Rhazes Clinician platform or any other Rhazes products or services, which are governed by separate privacy notices and contractual agreements.

1. Who We Are

Controller: Rhazes AI Ltd
Registered in England and Wales
Website: https://www.rhazes.ai
Contact email: contact@rhazes.ai

Rhazes AI Ltd is the data controller responsible for personal data collected via the Website.

2. Personal Data We Collect

We collect limited personal data through the Website:

2.1 Information You Provide

When you use the contact form or otherwise contact us, we may collect:

  • Name

  • Email address

  • Organisation and role (if provided)

  • Message content and any information you choose to share

You should not submit sensitive personal data or patient data via the Website.

2.2 Automatically Collected Data (Google Analytics)

We use Google Analytics across the Website to collect information about how visitors use the site.

This includes:

  • IP address (processed and stored by Google)

  • Device and browser type

  • Operating system

  • Pages visited, time spent, and navigation paths

  • Referring URLs

  • Approximate location (country / city level)

This data is collected via cookies and similar technologies.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To respond to enquiries submitted via the contact form

  • To communicate with you about Rhazes and its products or services

  • To understand how visitors use the Website

  • To improve Website performance, content, and user experience

  • To maintain Website security and prevent misuse

We do not sell personal data collected via the Website.

4. Legal Bases for Processing (UK GDPR / GDPR)

We rely on the following legal bases:

  • Legitimate interests: operating, securing, and improving our Website; responding to business enquiries; analytics and measurement

  • Consent: where required for cookies and analytics under applicable law

  • Contractual steps: where you contact us in connection with potential business relationships

5. Cookies and Analytics

5.1 Google Analytics

We use Google Analytics to analyse Website usage.

Google Analytics uses cookies and similar technologies to collect usage information and generate reports on Website activity. Google may process this data on servers outside the UK or EEA.

We use Google Analytics for:

  • Audience measurement

  • Website optimisation

  • Performance monitoring

You can learn more about how Google processes data here:
https://policies.google.com/privacy

5.2 Managing Cookies

You can control or disable cookies via:

  • Your browser settings

  • Any cookie consent tools provided on the Website (if applicable)

Disabling cookies may affect Website functionality.

6. Data Sharing

We may share personal data with trusted third parties only where necessary, including:

  • Website hosting and infrastructure providers

  • Analytics providers (Google)

  • Professional advisers (legal, accounting)

All third parties are required to protect personal data and process it only on our instructions or under their own lawful obligations.

7. International Data Transfers

Some service providers (including Google) may process data outside the UK or EEA.

Where this occurs, we rely on appropriate safeguards, such as:

  • UK International Data Transfer Addendum

  • Standard Contractual Clauses

  • Adequacy decisions where applicable

8. Data Retention

We retain personal data only for as long as necessary:

  • Contact enquiries: retained as needed to manage communications and business relationships

  • Analytics data: retained according to Google Analytics retention settings

We periodically review and delete data that is no longer required.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure hosting infrastructure

  • Access controls

  • Encryption in transit where applicable

However, no website or transmission method is completely secure.

10. Your Rights

Depending on your location, you may have rights including:

  • Access to your personal data

  • Correction of inaccurate data

  • Deletion of personal data

  • Restriction or objection to processing

  • Data portability

  • Withdrawal of consent (where applicable)

To exercise your rights, contact contact@rhazes.ai.

You also have the right to lodge a complaint with your local data protection authority, including the UK Information Commissioner’s Office (ICO).

11. Children

The Website is not directed at children. We do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

13. Contact

If you have questions about this Privacy Policy or our data practices, contact:

Rhazes AI Ltd
Email: contact@rhazes.ai
Website: www.rhazes.ai

‹ Terms of Service