Qiorazen

Privacy Policy

Last updated: April 14, 2026

1. Information We Collect

  • Account information (email, display name)
  • Wellness screening questionnaire responses
  • Constitution assessment results
  • Questions submitted for wellness guidance
  • Tongue images (if voluntarily uploaded)
  • Usage data (pages visited, features used)

2. How We Use Your Data

  • To provide personalized wellness insights
  • To facilitate wellness advisor review
  • To improve our services (anonymized data only)
  • We NEVER sell personal data to third parties

3. Data Storage & Security

All data is stored on U.S.-based servers, encrypted at rest and in transit (TLS 1.2+). Access is restricted to authorized personnel only.

4. Tongue Images

Tongue images are stored in encrypted private storage, accessible only to your assigned wellness advisor. They are auto-deleted after 90 days (user configurable) and are never shared externally or used for facial recognition.

5. Your Rights

  • Access: Request a copy of all your data
  • Deletion: Request complete deletion of your account and data
  • Opt-out: Withdraw consent for data processing at any time
  • Contact: hello@qiorazen.com

6. Not HIPAA Covered

Qiorazen is a wellness platform, not a healthcare provider. We implement strong security practices but do not claim HIPAA compliance.

7. Breach Notification

In the event of unauthorized access to health-related data, we will notify affected users within 60 days per the FTC Health Breach Notification Rule.

8. California Residents (CCPA)

California residents have additional rights including the right to know, delete, and opt-out. We do not sell personal data.

9. Changes

We may update this policy periodically. Material changes will be notified via email or platform notice.