Privacy Policy

This Privacy Policy outlines how AUO Holding Limited trading as Avercare ("we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you access or use our website, mobile application, and related services (collectively, the "Services"). We are committed to protecting your privacy and complying with applicable data protection laws.

Definitions

For purposes of this Privacy Policy, the following terms are defined as follows:

  • "Applicable Law" refers to the relevant data protection legislation in force in the jurisdictions where we operate, including but not limited to the GDPR, UK GDPR, CCPA/CPRA, UAE PDPL, POPIA, and other regional privacy regulations.

  • "Consent" means any freely given, specific, informed, and unambiguous indication of your wishes by which you signify agreement to the processing of personal data relating to you.

  • "Cookies" are small data files stored on your device that help us enhance user experience and track usage behaviour on our platform.

  • "Personal Data" refers to any information that identifies or can be used to identify an individual, including but not limited to names, contact details, identification numbers, and health-related information.

  • "Processing" means any operation performed on personal data, including collection, use, storage, transfer, or deletion.

  • "Sensitive Personal Data" includes data relating to health, biometrics, facial scans, medical records, genetics, or other categories of information classified as sensitive under applicable law.

  • "CCPA/CPRA" refers to the California Consumer Privacy Act and its amendment, the California Privacy Rights Act, which provide privacy rights to residents of California, United States.

  • "GDPR" refers to the General Data Protection Regulation (EU) 2016/679, which governs data protection and privacy in the European Union and the European Economic Area.

  • "POPIA" refers to the Protection of Personal Information Act, No. 4 of 2013, which governs data protection in South Africa.

  • "UAE PDPL" refers to the United Arab Emirates Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data, which regulates personal data processing within the United Arab Emirates (UAE).

  • "UK GDPR" refers to the United Kingdom General Data Protection Regulation, which is the retained version of the EU GDPR applicable in the United Kingdom after Brexit.

1. Information We Collect

We collect personal data to provide and improve our services, communicate with you, and comply with legal obligations. This includes information you provide directly, and data collected automatically through your use of our Services.

We may collect the following categories of personal and sensitive personal data:

  • Identification Information: Full name, email address, contact details, date of birth.

  • Health and Biometric Data: Medical history, symptoms, biometric identifiers, facial imagery.

  • Location Data: IP address, geolocation data from your device.

  • Account Credentials: Usernames, passwords, and usage data.

  • Device Data: Device type, operating system and application interaction data.

2. Purposes of Processing

We use your personal data for the following purposes:

  • To deliver, maintain, and improve the Services.

  • To personalise your experience and provide tailored content.

  • To conduct diagnostics, analytics, and research.

  • To comply with legal and regulatory obligations.

  • With your consent, to send marketing and promotional communications.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds, as applicable:

  • Your explicit consent.

  • Fulfilment of contractual obligations.

  • Compliance with legal requirements.

  • Our legitimate interests, provided these do not override your rights.

4. User Control and Consent

You have control over how your personal data is used. Where consent is the basis for processing your data, you may withdraw your consent at any time without affecting the lawfulness of prior processing.

You may also:

  • Manage your communication preferences or opt out of marketing communications.

  • Adjust settings on your device to limit location sharing or cookies.

  • Access, correct, or delete your data by contacting us directly.

Please note that withdrawing consent or limiting certain data uses may affect your access to some features of our Services.

5. Cookies and Tracking Technologies

We employ cookies and similar technologies to enhance functionality, monitor usage patterns, and improve your experience. You may control the use of cookies through your browser or device settings.

6. Disclosure of Personal Data and Third-Party Sharing

We do not sell your personal data. We may disclose information to:

  • Third-party service providers under strict contractual obligations, including cloud hosting providers, analytics providers, customer service providers, and medical professionals. These providers are required to process your data only on our instructions and in compliance with applicable law.

  • Regulatory and governmental authorities, where legally required.

  • Authorised healthcare professionals, with your explicit consent, for the purpose of providing medical services.

All third parties are required to handle your data in accordance with applicable privacy laws and to use it solely for the purposes specified by us.

7. Data Retention

We retain your personal data only for as long as necessary for the purposes outlined in this policy, or as required by applicable laws and regulations. Retention periods may vary depending on data type and legal obligations.

8. Data Subject Rights

Subject to applicable laws, you may have the following rights:

  • Right to access your personal data.

  • Right to rectification of inaccurate information.

  • Right to erasure ("right to be forgotten").

  • Right to restrict or object to processing.

  • Right to data portability.

  • Right to withdraw consent at any time.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption, access controls, secure data storage, and regular security assessments.

10. Children’s Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children without verifiable parental consent.

11. International Data Transfers

Your personal data may be transferred to and processed in countries other than your own. We ensure such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your data.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at:

AUO Holding Limited (Avercare)

Email: [Insert Email]

13. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes and indicate the date of the latest version.

Regional Privacy Addendums

This section provides jurisdiction-specific information required by applicable privacy laws. If you are a resident of one of the countries listed below, the following terms apply in addition to the general provisions of our Privacy Policy.

United Kingdom (UK GDPR)

Under the UK General Data Protection Regulation:

  • Data Controller: AUO Holding Limited t/a Avercare is the Data Controller.

  • Data Subject Rights: You have the right to access, rectify, erase, or restrict the use of data, object to processing, and request data portability.

  • International Transfers: If your data is transferred outside the UK, we ensure appropriate safeguards are in place.

  • Complaints: You may lodge a complaint with the Information Commissioner's Office (ICO) at https://ico.org.uk.

United States (CCPA/CPRA – California only)

If you are a California resident:

  • You have the right to know, access, delete, and opt out of the sale of personal data.

  • Sensitive Data Use: We only collect and process sensitive data (e.g., biometrics, health) with your consent and never for discriminatory profiling.

  • Data Sale: We do not sell personal data as defined by the CCPA/CPRA.

  • Authorised Agent: You may designate an agent to act on your behalf for data requests.

United Arab Emirates (UAE PDPL)

Under the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021):

  • Consent: Explicit consent is required for processing Sensitive Personal Data.

  • Data Localisation: Health and biometric data may be stored in accordance with UAE data hosting regulations.

  • Rights: You may request access, correction, deletion, and restriction of personal data.

  • Transfer Abroad: Cross-border transfers are only made in compliance with UAE regulatory requirements.

  • Supervisory Authority: UAE Data Office.

Australia (Privacy Act 1988 & APPs)

In compliance with the Australian Privacy Principles (APPs):

  • Collection Notice: We collect personal and sensitive information directly from you or your device.

  • Overseas Disclosure: Your data may be stored or processed offshore. We take reasonable steps to ensure it is treated in accordance with APPs.

  • Rights: You may access or correct your information and lodge complaints with the Office of the Australian Information Commissioner (OAIC).

France (GDPR & CNIL)

As a resident of France:

  • Data Protection Authority: You may contact the Commission Nationale de l’Informatique et des Libertés (CNIL) for complaints.

  • Language Preference: This policy is provided in English.

  • Special Categories: We process health and biometric data only with your explicit consent and under appropriate safeguards.

Italy (GDPR & Garante)

In Italy, under GDPR and Garante guidelines:

  • Consent: Explicit consent is required before collecting sensitive information.

  • Data Rights: Requests for access or correction can be made.

  • Authority: Complaints may be filed with the Garante per la protezione dei dati personali at https://www.garanteprivacy.it.

Germany (GDPR & BDSG)

In Germany:

  • Joint Regulation: The Federal Data Protection Act (BDSG) complements the GDPR.

  • Sensitive Data Handling: Processing biometric or health-related data is only done with strict technical and organisational measures.

  • Supervisory Authority: You may submit complaints to your regional Data Protection Authority.

Spain (GDPR & AEPD)

Under Spanish law and the GDPR:

  • Regulator: Complaints should be directed to the Agencia Española de Protección de Datos (AEPD).

  • Profiling: We do not engage in automated decision-making or profiling with legal effects.

  • Data Portability and Deletion: These rights are enforced under GDPR Articles 17 and 20.

South Africa (POPIA)

In compliance with the Protection of Personal Information Act (POPIA):

  • Responsible Party: AUO Holding Limited is the Responsible Party for personal data processing.

  • Data Subject Rights: You may request access to, or correction, deletion, or restriction of, your personal information.

  • Special Personal Information: Health and biometric data are collected with express consent under Sections 26–28 of POPIA.

  • Regulator: Complaints can be lodged with the Information Regulator at https://www.justice.gov.za/inforeg