Privacy Policy

Effective Date: May 1, 2025

‍

1. Introduction

Phases Innovations Inc. (“Phases,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, protect, and disclose your personal data through our website at https://phases.ai and related services (“Services”).

By accessing or using our Services, you agree to the practices described in this Privacy Policy and any applicable data protection laws.

‍

2. Notice at Collection

At or before the point of collection, we inform users about:

Categories of personal information to be collected;
The purposes for which the categories will be used;
Whether that information is sold or shared;
The retention period for each category.

‍

3. Information We Collect

Personal data you provide: If you choose to share personal data with Phases, it may include your contact information.

How we use this personal data: We use your personal data to evaluate clinical trial eligibility, meet regulatory requirements, conduct internal auditing, reporting, and quality assurance, and for any other purpose described on the page where you provided your personal data. We do not share your personal data with any third parties except our service providers.

‍

4. Legal Basis and Use of Personal Data

We process personal data for the following purposes and lawful bases:

Consent – to contact you or add you to our trial matching program;
Contract – to fulfill requests or respond to inquiries;
Legal obligation – to comply with applicable laws;
Legitimate interest – to improve Services, perform analytics, and ensure security.

Uses include:

Matching individuals with clinical trial opportunities;
Communications regarding study opportunities;
Platform improvement and analytics;
Compliance with applicable laws.

‍

5. Sharing and Disclosure

We do not sell your personal data. We may share data with service providers under written agreements for purposes aligned with this Policy. We may also disclose data:

If required by law or legal process;
In the context of a business transfer such as a merger or acquisition.

‍

6. Cookies and Tracking

We use essential and analytics cookies to operate and analyze the site.

Users may disable cookies through browser settings. See our Cookie Policy (if applicable) for more information.

‍

7. Data Retention and Accuracy

We retain data only as long as needed to fulfill our services or comply with legal obligations. For health-related data, we generally retain it for no more than 24 months after last user interaction unless a longer period is required by law.

You may request correction or deletion of your data at any time.

‍

8. Data Security

We implement reasonable technical and organizational measures, including encryption, role-based access, secure servers, and periodic audits to protect data against unauthorized access or loss.

‍

9. Your Privacy Rights (U.S.)

Depending on your state, you may have rights to:

Know what data we collect and why;
Access or delete your personal data;
Correct inaccurate data;
Opt out of data “sale” or “sharing” (we do not sell);
Limit use of sensitive personal information.

To make a request, contact founders@phases.ai. We may need to verify your identity. Authorized agents may submit requests on your behalf with proper documentation.

‍

10. California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA/CPRA), including the right to:

Receive a Notice at Collection;
Know what personal information is collected and shared;
Delete your information;
Opt out of selling/sharing (we do not sell or share);
Non-discrimination for exercising privacy rights.

‍

11. Children’s Privacy

Our Services are not intended for children under 18. We do not knowingly collect or process personal data from anyone under 18. If we learn that such data has been collected, we will delete it promptly.

‍

12. International Use

Our Services are intended for users in the U.S. and U.K. Data is stored and processed in those countries. By using our Services from outside these regions, you consent to this transfer.

‍

13. Updates to This Policy

We may revise this Policy from time to time. Updates will be posted here with a new effective date. If changes materially affect how we use your data, we will notify you in advance.

‍

14. Contact Us

For any privacy-related questions, concerns, or to exercise your rights, contact:

Patiently Innovations Inc.

Email: founders@phases.ai

‍

Email Agent Data Usage

‍Effective Date: January 30, 2026

This addendum explains how the Phases Email Agent accesses and uses email data when you authorize the service to connect to your email account (including, but not limited to, Gmail, Outlook and other supported email providers).

‍

Email Data We Access

When you authorize the Email Agent, the application may access email data only as needed to perform user-initiated actions, including:

Email message content (subject lines, body content, sender and recipient information)
Limited email metadata (timestamps, thread context, read/unread status)
Message identifiers used to reference emails within the connected email provider

The Email Agent does not perform bulk mailbox export, backup, or archival, and does not continuously synchronize mailboxes.

‍

How We Use Email Data

Email data is accessed solely to provide user-requested email assistance, including:

Analyzing individual emails to generate draft responses or suggestions
Presenting AI-generated draft replies for user review
Performing actions explicitly initiated by the user (such as drafting an email)

The Email Agent does not autonomously send emails. All outbound messages require explicit user action before sending.

‍

Data Retention

Email content: Not stored persistently. Retrieved email content is processed ephemerally at runtime and discarded immediately after the requested operation completes.
Email metadata: Message identifiers may be stored to reference emails, but email content and attachments are not retained.
Operational logs: Limited system and processing logs (excluding email content) may be retained for up to 30 days for troubleshooting, security, and reliability purposes.

‍

Data Security

Phases applies administrative, technical, and organizational safeguards designed to protect email data, including:

Encryption in transit using TLS 1.2 or higher
Role-based access controls
Access restricted to authorized systems and personnel

Email data is:

Not used for advertising
Not sold or shared with third parties except as required by law
Not used to train AI models

‍

Revoking Access

You may revoke the Email Agent’s access to your email account at any time through your email provider’s account permissions or security settings.

After access is revoked, any remaining operational data is deleted in accordance with this policy.

‍

Questions

For questions about Gmail data usage, contact us at founders@phases.ai.

‍