Privacy Policy

AuditLog.AI ("AuditLog.AI", "we", "our", "us") is a product and service operated by Cardiovascular Diagnostic Audit & AI Pty Ltd (CDA AI).

We are committed to protecting your privacy and handling your data in a transparent, secure, and minimal manner.

This Privacy Policy explains how we collect, use, and protect information when you use AuditLog.AI.

AuditLog.AI is designed with a zero-custody architecture:

• We do not store your raw evidence or source data on our servers (unless explicitly required and consented)
• We process cryptographic hashes and proofs, not underlying files
• You retain full control of your original data at all times

In most cases, your sensitive data never leaves your environment in raw form.

We only collect information necessary to operate the service.

a. Account Information

• Name
• Email address
• Organisation name
• User ID

b. Usage Data

• Log data (timestamps, actions performed)
• Device and browser information
• IP address (for security and abuse prevention)

c. Cryptographic Data

We process and may store:

• File hashes (e.g. SHA-256, RIPEMD-160)
• Proof artifacts (e.g. .hash, .2ha, .ots)
• Audit logs and associated metadata

These are one-way cryptographic representations and cannot be used to reconstruct original data.

d. Communications

• Emails and support requests
• Feedback submissions

• Store raw evidence files by default
• Access your systems without your control
• Sell personal data
• Use invasive tracking technologies

• Provide and operate AuditLog.AI services
• Generate verifiable audit trails and cryptographic proofs
• Anchor proof data to public ledgers (e.g. Bitcoin)
• Maintain system security and integrity
• Communicate with users (support, updates, alerts)

AuditLog.AI may anchor proof data to public blockchain networks.

• Only hashed representations are anchored
• No raw or personal data is written to the blockchain
• Anchored data is immutable and publicly verifiable

We retain only what is necessary:

• Account data: retained while your account is active
• Audit logs: retained for integrity, verification, and compliance
• Hashes and proofs: retained as part of audit validation records

You may request deletion of your personal data, subject to legal and operational requirements.

We implement strong security controls, including:

• Encryption in transit (HTTPS/TLS)
• Access control and authentication safeguards
• Secure handling of cryptographic processes
• Deterministic audit logging for traceability

No system is completely secure, and you are responsible for safeguarding your credentials.

We may use third-party providers for:

• Hosting and infrastructure
• Transactional email delivery
• Operational analytics (privacy-conscious where possible)

These providers are required to handle data securely and in accordance with applicable laws.

Data may be processed in jurisdictions outside Australia.

We take reasonable steps to ensure appropriate safeguards are in place.

Under applicable laws (including the Australian Privacy Act and, where applicable, GDPR), you may have rights to:

• Access your personal data
• Request correction
• Request deletion
• Object to certain processing
• Request data portability

To exercise these rights, contact: dr.telles@aihumansynergy.org

We use minimal cookies for:

• Authentication and session management
• Essential service functionality

We do not sell behavioural data or use invasive tracking.

AuditLog.AI is not intended for individuals under 18.

We do not knowingly collect data from children.

We may update this Privacy Policy from time to time.

Updates will be published on this page with a revised "Last updated" date.