Last updated: March 6, 2026
Allebor Health, LLC ("Allebor," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our website and services at allebor.com (the "Service").
By using the Service, you consent to the data practices described in this policy. If you do not agree, please discontinue use of the Service.
When you use Allebor, you may voluntarily provide:
Account Information: Name, email address, and password when you create an account.
Health Information: Symptoms, medical history, medications, allergies, family history, and other health-related information you share during AI conversations or enter in your health profile.
Payment Information: Billing details processed securely through Stripe. We do not store your full credit card number on our servers.
Usage Data: Pages visited, features used, conversation counts, and timestamps.
Device Information: Browser type, operating system, device type, and IP address.
We use your information to:
Provide the Service: Conduct AI health conversations, generate visit summaries, and maintain your health profile.
Improve the Service: Analyze usage patterns to enhance features and user experience. We do not use your individual health conversations to train AI models.
Process Payments: Manage subscriptions and billing through Stripe.
Communicate: Send service-related emails including account verification, subscription confirmations, and important updates.
Ensure Safety: Detect emergency symptoms and direct users to appropriate emergency services.
We implement industry-standard security measures including:
Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Access Controls: Row Level Security (RLS) ensures users can only access their own data. Administrative access is restricted and logged.
Secure Infrastructure: We use trusted cloud providers with SOC 2 compliance for data hosting and processing.
Payment Security: All payment processing is handled by Stripe, which is PCI DSS Level 1 certified.
We do not sell your personal or health information.
We may share information with:
Service Providers: Trusted third parties that help us operate the Service (e.g., Supabase for database hosting, Stripe for payments, Anthropic for AI processing, Resend for email delivery). These providers are contractually obligated to protect your data.
Legal Requirements: When required by law, regulation, legal process, or governmental request.
Safety: When we believe disclosure is necessary to protect the safety of our users or the public.
Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
Your health conversations are processed by AI models provided by Anthropic to generate responses and visit summaries. We do not use your individual conversations to train or fine-tune AI models. Conversation data sent to AI providers is processed in real-time and not retained by the AI provider beyond the immediate request.
Access: You can access your health profile, conversation history, and visit summaries through your account at any time.
Correction: You can update your account and health profile information at any time through the Service.
Deletion: You may request deletion of your account and all associated data by emailing support@allebor.com. We will process deletion requests within 30 days.
Data Export: You can download your visit summaries at any time through the Service.
If you are a California resident, you have the right to: (a) know what personal information we collect about you; (b) request deletion of your personal information; (c) opt out of the sale of your personal information (we do not sell personal information); and (d) not be discriminated against for exercising your privacy rights.
To exercise these rights, contact us at support@allebor.com.
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@allebor.com and we will delete such information.
We retain your account information and health data for as long as your account is active. Conversation data and visit summaries are retained until you request deletion. If you delete your account, we will remove your data within 30 days, except where retention is required by law.
We use essential cookies to maintain your session and authentication state. We do not use advertising cookies or third-party tracking pixels. We do not sell data to advertisers.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or our data practices, contact us at:
Allebor Health, LLC
Email: support@allebor.com
Website: allebor.com