01. Introduction
jinIX is a global ecosystem where patients, physicians, data specialists, and healthcare companies collaborate through blockchain-verified data, and AI-driven clinical innovation to transform rare disease care and medical breakthroughs.
We understand that you are aware of and care about your own personal privacy interests, especially when it comes to sensitive health information, and we take that seriously. This Privacy Policy describes jinIX's policies and practices regarding its collection and use of your personal data, including health-related data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy controls.
02. Data Protection Officer
jinIX is headquartered in the United States. To ensure transparency and compliance with data protection laws, jinIX has appointed a Data Protection Officer (DPO) to oversee its privacy and data security practices.
If you have any questions, concerns, or requests related to your personal data and how it is handled, please contact our DPO at:
Email: contact@jinix.io
03. How We Collect and Use (Process) Your Personal Information
jinIX collects personal information from individuals who visit our website, use our platform, or participate in our healthcare-related services. This may include, but is not limited to:
Name
Email address
Affiliated organization (e.g., hospital, research institution, or patient advocacy group)
Medical data (such as health records, diagnostic history, treatment information, or data shared through integrations with healthcare providers or personal health devices)
Feedback and consent records
We collect and process this information to:
Provide secure access to medical records and services
Enable patients, caregivers, and clinicians to collaborate effectively
Support rare disease research and clinical trial recruitment
Communicate with users about platform updates, health-related insights, or support needs
Improve the functionality, security, and user experience of the jinIX platform
We do not sell personal information to anyone. We only share it with third-party providers who help us deliver core services, such as consent-based data sharing with verified researchers or medical professionals.
From time to time, jinIX may also receive personal information from third parties—such as your healthcare provider, research partner, or data integration platform—where you have given appropriate consent. This may include additional health data or demographic context necessary for personalized care or research facilitation.
04. Use of the jinIX Website
As with most websites, the jinIX website automatically collects certain information and stores it in log files. This may include:
Internet Protocol (IP) address
Browser type and version
Operating system
Device type
Pages visited and time spent on the site
Referring URLs and general geolocation data
We use this information to help us understand how users interact with our website, diagnose server issues, analyze trends, track visitor behavior, and improve website performance and usability.
jinIX has a legitimate interest in understanding how patients, caregivers, clinicians, and researchers engage with our website. This helps us tailor our services, allocate resources effectively, and improve the accessibility and relevance of our tools for rare disease diagnosis and clinical research.
Please note that the jinIX website may contain links to third-party services (e.g., patient support communities, research portals, or secure data sharing platforms). If you choose to engage with these services, we recommend reviewing their respective privacy policies to understand how they handle your data.
05. Sharing Information with Third Parties
The personal information jinIX collects from you—including health-related data—is stored in one or more secure databases hosted by trusted third-party cloud providers located in the United States. These third parties do not use or access your personal information for any purpose other than secure storage, backup, and retrieval on jinIX's behalf.
From time to time, jinIX may engage third-party service providers to help us:
Deliver core services such as secure login, encrypted data transfer, or communication tools
Send information about platform updates, clinical research participation opportunities, or health-related services
Analyze usage trends to improve platform functionality and patient outcomes
A list of our current sub-processors, including our cloud service provider (e.g., AWS), can be provided upon request.
We do not sell your personal information to anyone. We will only disclose your personal data to third parties under one or more of the following conditions:
You have given explicit consent, for example to share data with a medical provider or research team.
Legal compliance, such as responding to lawful subpoenas, search warrants, or court orders.
To enforce agreements or investigate potential violations of our Terms of Use.
To protect the rights, property, or safety of jinIX, its users, or the public.
To authorized agents, vendors, or service providers acting on our behalf, under binding confidentiality agreements.
To address emergencies, including threats to life, health, or data integrity.
To resolve disputes or in response to verified legal authority acting on your behalf.
We may also collect and share aggregated or de-identified data—which does not contain personally identifiable information—with research institutions, healthcare organizations, or partners to support rare disease discovery, policy development, and system improvement. This data cannot be used to identify individual users.
The jinIX platform may offer integrations with third-party applications or services (e.g., wearable health devices, patient portals, or external EMR systems). If you choose to use these features, your interactions are also subject to the privacy policies of those third parties. We recommend reviewing their terms before use.
06. Transferring Personal Data to the U.S.
jinIX has its headquarters in the United States. Information we collect about you—including health-related data—will be processed and stored in the United States. By using jinIX's services, you acknowledge that your personal data will be transferred to and processed in the United States.
The United States has not received a finding of “adequacy” from the European Union under Article 45 of the General Data Protection Regulation (GDPR). However, pursuant to Article 46 of the GDPR, jinIX ensures appropriate safeguards for such transfers by entering into binding standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses are updated based on the guidance of the European Data Protection Board and will be revised in accordance with any new model clauses that are approved.
Depending on the context, jinIX may also collect and transfer personal data to the U.S. on the basis of:
Your consent
A contract with you (e.g., user agreement or research participation)
A compelling legitimate interest that does not override your data protection rights
jinIX applies strong safeguards to protect the confidentiality, integrity, and availability of your personal data. This includes end-to-end encryption, role-based access controls, blockchain record immutability, and contractual obligations with any subprocessors or service providers handling data on our behalf.
Where feasible and appropriate, jinIX enters into data processing agreements and incorporates model contractual clauses with third-party vendors to ensure lawful and secure cross-border data handling.
Since its establishment, jinIX has received zero government requests for user data.
If you have questions about how your data is transferred or wish to understand your rights under GDPR or similar international frameworks, please contact us at contact@jinix.io.
07. Data Subject Rights
The European Union’s General Data Protection Regulation (GDPR), along with other applicable global privacy laws, grants certain rights to individuals regarding their personal data. These rights apply to any personal and health-related information processed by jinIX.
As a data subject, you may be entitled to the following rights under GDPR:
Right to be informed – You have the right to know what data we collect, how we use it, who we share it with, and how long we retain it.
Right of access – You may request access to any personal data jinIX holds about you.
Right to rectification – You may request corrections to inaccurate or incomplete data.
Right to erasure (“right to be forgotten”) – You can request deletion of your personal data, subject to legal or operational exceptions.
Right to restrict processing – You can request a temporary halt to the processing of your data under specific circumstances.
Right to data portability – You may request that your data be provided to you or a third party in a structured, commonly used, and machine-readable format.
Right to object – You may object to the processing of your data, particularly where data is processed for direct marketing or based on legitimate interest.
This Privacy Policy is designed to inform you of jinIX’s practices regarding the collection and use of your personal and health-related data. If you wish to confirm whether jinIX is processing your personal data, or to exercise any of the rights listed above, please contact us at contact@jinix.io.
You may also request:
The purpose of processing
The categories of personal data involved
The recipients (or categories of recipients) to whom your data has been disclosed
The source of the data, if not provided directly by you
The anticipated storage duration
If we hold personal data that is inaccurate or incomplete, you may ask us to correct it. You may also request deletion of your data or ask us to stop processing it in certain cases (e.g., when the processing is no longer necessary for the purpose it was collected).
You may also request that we cease processing your data for research or direct communication. In most jurisdictions, including EU member states, you also have the right to lodge a complaint with your national or regional data protection authority.
Where technically feasible, jinIX will, at your request, provide your personal data directly to you or to a designated third party.
Reasonable access to your personal data will be provided at no charge. If we are unable to comply with your request within a reasonable timeframe, we will provide you with an expected completion date. If access is denied, we will provide a legally supported explanation.
For any questions, concerns, or formal complaints regarding your personal data, please contact contact@jinix.io. If you reside in the European Union, you may also escalate unresolved issues to the European Data Protection Supervisor or your local Data Protection Authority (DPA).
08. Data Storage and Retention
Your personal data is stored by jinIX on secure servers and blockchain-based systems, as well as on the servers of cloud-based database providers engaged by jinIX, located in the United States.
jinIX retains service data—including medical records, access logs, and consent records—for the duration of your active relationship with the platform, and for a period of time thereafter, as needed to:
Comply with legal, contractual, or audit obligations
Analyze the data for operations and platform improvements
Preserve access logs for transparency and dispute resolution
Support rare disease research, where explicitly consented
We also retain de-identified or aggregated data as part of our commitment to supporting long-term clinical research and population-level health analysis.
Prospect and marketing-related data is retained only while it has business value and is regularly purged when no longer needed.
All personal data under jinIX control can be permanently deleted upon verified request from data subjects or their legally authorized representatives. To learn more about data retention timelines or to submit a deletion or portability request, please contact us at contact@jinix.io.
09. Privacy of Children
We recognize the importance of protecting children’s privacy, especially when handling sensitive health information.
jinIX does not knowingly request, collect, or process personal data from individuals under the age of 18. Our platform is intended solely for adult patients, researchers, clinicians, and authorized caregivers.
If you are a parent or legal guardian and believe that your child has provided personal data to jinIX without your consent, please contact us immediately at contact@jinix.io, and we will take appropriate action to delete the information.
10. Questions, Concerns, or Complaints
If you have any questions about this Privacy Policy or how jinIX collects, processes, and protects your personal data—including health-related information—please contact us at:
Email: contact@jinix.io