← Back to Satya

Satya

Privacy Policy

Last updated: May 2026

About Satya

Satya is an AI-powered health information assistant. It helps you have conversations about health topics. Satya does not replace professional medical care and should not be used for medical emergencies.

1. Information we collect

  • Account information: Name, email, password (hashed), language, age, and (if you choose) gender. Age and gender help us tailor health information (e.g. dosages, risk factors).
  • Health-related inputs: Messages, voice recordings and transcripts, uploaded documents, and care preferences you choose to share.
  • Subscription & billing: If you subscribe to Premium, we store your Stripe customer ID, subscription ID, plan, status, and renewal date. We do not store card numbers, CVV, or full payment details — those are held by Stripe.
  • Usage counters: Daily counts of chat messages, TTS playbacks, voice minutes, and file uploads (used to enforce plan limits).
  • Device & technical data: Model, OS, app version, basic crash logs, and IP address (for abuse prevention).
  • How we protect identity: Before sending data to our AI provider (Microsoft Azure), we remove direct identifiers (name, email, phone, date of birth) and use placeholders. Age and gender are kept so responses can be tailored safely.

2. How we use your information

  • To generate helpful health information and answers.
  • To personalize your experience (language, age-appropriate guidance, saved preferences).
  • To enforce daily plan limits and bill subscriptions.
  • To keep your account secure and prevent misuse.
  • To respond to support requests and improve the app.

3. AI processing

We use Microsoft Azure OpenAI to power the assistant and Microsoft Azure Speech / Sarvam AI for voice features. Data is processed in line with our agreements with these providers (including HIPAA-ready terms with Microsoft where applicable). Data is used only to generate your responses and is not used to train general-purpose models.

4. Subscriptions & payment processing

Satya Premium is billed by Stripe. We never see or store your card details — your card data is collected by Stripe’s hosted checkout and is subject to Stripe’s privacy policy (stripe.com/privacy). Stripe may use the data it collects to process payments, prevent fraud, and meet regulatory obligations.

From Stripe we receive: subscription status, renewal date, last 4 digits of the card (for display only), and country/postal code (for tax). We do not receive the full card number.

5. Data sharing

We do not sell your data. We may share data only:

  • With trusted service providers that help us run the app: Microsoft Azure (hosting, AI), Stripe (billing), LiveKit (voice transport), Azure Speech / Sarvam (TTS).
  • When required by law (e.g. court order, regulator request).
  • With your consent.

6. Data security

  • In transit: TLS 1.2+ for every API request.
  • At rest: column-level AES-128 (Fernet) over medications, health conditions, care preferences, chat content, voice transcripts, and uploaded health files. Azure SQL adds Transparent Data Encryption (TDE) at the storage layer.
  • Passwords: hashed with Argon2id (memory-hard, GPU-resistant). We never store or transmit your plaintext password.
  • Mobile tokens: stored in iOS Keychain / Android EncryptedSharedPreferences.
  • Audit log: every PHI access is recorded per HIPAA 45 CFR 164.312(b).
  • Billing: Stripe (PCI-DSS Level 1). We never see your card data.
  • Access control: Limited to authorized staff and service accounts under role-based controls.

7. Data retention

  • Chat history: Premium users keep full history. Free users see the last 7 days in their sidebar; older sessions remain in our database but are not surfaced unless you upgrade.
  • Voice transcripts: Stored for the lifetime of your account. Audio recordings are deleted after transcription (within minutes).
  • Account data: Stored until you delete your account. After deletion, data is removed within 30 days except where retention is required by law (e.g. tax records of past payments).
  • Subscription records: Past invoices are retained by Stripe per their policy and applicable tax law.

8. Your rights

  • Access, update, or delete your account from in-app settings.
  • Request a data export by emailing support.
  • Cancel your Premium subscription at any time via “Manage subscription” in your profile (opens Stripe Customer Portal).
  • Withdraw consent for non-essential processing.
  • If you are in the EU/UK, you have additional rights under the GDPR (right to object, restrict, port). Contact us to exercise them.

9. Children

Satya is not intended for users under 16. We do not knowingly collect data from children under 16. If you believe a child has signed up, contact support and we will delete the account.

10. Changes to this policy

We may update this policy. Material changes will be notified in-app or by email. The “Last updated” date at the top reflects the most recent revision.

11. Contact

Email: support@satya-ai.com