Request a Demo

May 28, 2026

Centralive Privacy Policy

Centralive Privacy Policy

Effective: 5/28/2026

Last Updated: 5/28/2026

 

This Privacy Policy (“Policy”) describes how Integrated AI Systems Inc. (d/b/a Centralive) and our subsidiaries and affiliates (collectively, “Centralive,” “we,” “us,” or “our”) collect, use, and disclose certain personal information obtained through our website (https://centralive.health) (“Site”), our web and mobile applications (the “App”), and any other services that we own or control and which post or link to this Policy (collectively with the Site and the App, the “Services”), and the rights and choices available to individuals with respect to their information.

We provide important information for individuals located in the European Union, European Economic Area (EEA), United Kingdom, and Switzerland (collectively, “Europe” or “European”) in the International Data Transfers section and in the Centralive Data Privacy Framework Statement below.

 

Table of Contents

  • Scope
  • Personal Information We Collect
  • How We Use Your Personal Information
  • How We Share Your Personal Information
  • Your Choices
  • Cookies and Tracking Technologies
  • Other Sites, Mobile Apps and Services
  • Security Practices
  • International Data Transfers
  • Children
  • Changes to this Privacy Policy
  • How to Contact Us
  • Centralive Data Privacy Framework Statement

 

Scope

This Policy applies to the information we process in our role as a data controller. It does not govern information we process in our role as a service provider to clinical trials or research sites. Information we process in relation to a clinical trial itself is governed by the “Common Rule” (45 CFR part 46, subpart A), other applicable research regulations, and the relevant informed consent of participants.

Personal Information We Collect

Information you provide to us

We collect personal information you provide to us through the Services or otherwise. With respect to researchers who use our Services (each, a “Researcher”), this includes:

  • Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title, affiliated institution or company, and country.
  • Account and registration information, such as login credentials and information related to studies you design or manage on Centralive.
  • Content you choose to upload to the Services, such as study protocols, text, images, audio, and video, along with the metadata associated with the files you upload.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
  • Transaction information, such as information about payments to and from you and other details of products or services you have purchased from us.
  • Usage information, such as information about how you use the Services and interact with us, including any content you upload or otherwise submit to us.
  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Policy or as otherwise disclosed at the time of collection.

With respect to participants who participate in studies, experiments, or projects (collectively, “Studies”) hosted, sponsored, or conducted by Researchers (each, a “Participant”), we may collect:

  • Content you choose to upload to the Services, such as text, images, audio, and video, along with the metadata associated with the files you upload.
  • Study Data, such as information collected from you during your participation in a Study, including data collected through wearable or mobile devices (e.g., physiological data such as heart rate, activity, and sleep quality), demographic data, performance data, and responses to Study questions, including free-text responses you choose to provide.
  • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
  • Usage information, such as information about how you use the Services and interact with us.
  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Policy or as otherwise disclosed at the time of collection.

Information collected automatically

We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Services. The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, the website you visited before browsing to our Site, general location information such as city, state, or geographic area, and information about your use of and actions on the Services, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, access times, and length of access.

On our Site, this information is collected using cookies and similar technologies, and our emails may also contain web beacons. We do not use third-party analytics or advertising trackers within the Centralive web App or mobile App. See the Cookies and Tracking Technologies section below for details and opt-out options.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described in this Policy or at the time of collection. Where required by law, we rely on one or more of the following legal bases under the GDPR and UK GDPR: our legitimate interests in operating and improving our business, performance of a contract with you, your consent, and compliance with legal obligations.

To operate the Services

  • Provide, operate, and improve the Services, including through analytics and quality assurance.
  • Establish and maintain your user profile on the Services.
  • Enable security features of the Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in.
  • Communicate with you about the Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
  • Understand your needs and interests, personalize your experience with the Services and our communications, and provide support and maintenance for the Services.
  • Respond to your requests, questions, and feedback.

For research and development

We analyze use of the Services to improve them and to develop new products and services. We may also use data to train and improve our artificial intelligence and machine learning models. Where required by law, we will rely on appropriate legal bases for such processing, including obtaining your consent.

To send you marketing and promotional communications

We may send you Centralive-related marketing communications as permitted by law. You will have the ability to opt out of our marketing and promotional communications as described in the Your Choices section below.

To comply with law

We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety

We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your, or others’ rights, privacy, safety, or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Services; and (c) protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.

With your consent

In some cases we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law.

To create anonymous, aggregated, or de-identified data

We may create anonymous, aggregated, or de-identified data from personal information by removing information that makes the data personally identifiable. We may use and share such data with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business.

How We Share Your Personal Information

We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Policy:

Affiliates

We may share your personal information with our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Policy.

Service providers

We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate the Services (such as hosting, database management, analytics, email delivery, customer support, and marketing). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Policy. Our principal service providers include Amazon Web Services (hosting and infrastructure), MongoDB Atlas (database), GitHub (source-code repository), HubSpot (marketing automation and CRM), Google (analytics on our Site), Meta (advertising on our Site), and LinkedIn (advertising on our Site).

Researchers

If you are a Participant, we may share your personal information with Researchers who have procured your access to our Services on your behalf, or enable such Researchers to collect information directly via our Services.

Professional advisors

We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services they render to us.

For compliance, fraud prevention, and safety

We may share your personal information for the compliance, fraud-prevention, and safety purposes described above.

Business transfers

We may sell, transfer, or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

In this section, we describe the rights and choices available to all users. Users located in Europe can find additional information about their rights in the International Data Transfers and Centralive Data Privacy Framework Statement sections below.

Access or update your information

If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account, or by contacting us at the address provided in the How to Contact Us section.

Marketing communications

You may opt out of receiving marketing emails from us by following the instructions in those emails or by emailing us at privacy@centralive.health.

Cookies and browser web storage

You can manage cookies and similar technologies through your browser settings. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. See the Cookies and Tracking Technologies section below for additional opt-out options.

Privacy settings and location data

Users of our mobile App also have the choice whether to allow us to access precise location data. Your device settings may provide the ability for you to revoke our ability to access location data.

Do Not Track

Some internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals.

Choosing not to share your personal information

Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our Services. We will tell you what information you must provide to receive the Services by designating it as required at the time of collection or through other appropriate means.

Your rights

If you are a resident of a jurisdiction with an applicable data privacy law, you may have certain rights available to you in relation to your personal information. These rights may include:

  • The right to access your personal information (including a data portability request).
  • The right to correct or amend any personal information we have on file about you.
  • The right to delete your personal information.
  • The right to limit the use of your “sensitive” personal information.
  • The right to opt out of the sale or “sharing” of your personal information.
  • The right to opt out of the use of your personal information for targeted advertising purposes.
  • The right to restrict or object to the processing of your personal information (such as for direct marketing purposes).
  • The right to restrict or opt out of the use of your personal information for certain automated decision-making (including profiling in furtherance of decisions that produce legal or similarly significant effects).
  • The right to revoke your consent (to the extent applicable).
  • The right to confirm whether personal information about you is being processed.
  • The right to obtain a list of specific third parties (or categories of third parties) to which we have disclosed your personal information.
  • For European users: the right to lodge a complaint with your local data protection supervisory authority.

To exercise any of the rights listed above, please contact us via email at privacy@centralive.health. We will respond to your request as soon as reasonably possible and within the timeframe required under applicable law. We will allow you to appeal any decision we make in response to such request in accordance with applicable law. Appeals may be submitted to privacy@centralive.health with the subject line “Appeal of Decision Related to Privacy Rights Request.” Prior to complying with your request, we will first verify your identity by comparing the information you provide with the information we have on file for you. You may authorize an agent to make a request on your behalf.

Cookies and Tracking Technologies

We use cookies and similar technologies on our marketing Site at centralive.health. We do not use third-party analytics or advertising trackers within the Centralive web App or mobile App. Cookies and similar technologies on the Site fall into the following categories:

  • Strictly necessary cookies, which are required for the Site to function (e.g., session management).
  • Analytics cookies, which help us understand how visitors use the Site. We use Google Analytics for this purpose.
  • Marketing and advertising cookies, which help us measure and improve our marketing campaigns. We use the Meta Pixel and the LinkedIn Insight Tag for this purpose.
  • Functional cookies, which support marketing forms, live chat, and CRM features. We use HubSpot for this purpose.

You may opt out of certain cookies and similar technologies directly through the providers’ tools: Google Analytics Opt-Out, Your Online Choices (EU), Network Advertising Initiative, and Digital Advertising Alliance. Most browsers also allow you to remove or reject cookies through their settings. Please note that if you set your browser to disable cookies, certain features of the Site may not function correctly.

Other Sites, Mobile Apps and Services

The Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third-party websites, mobile applications, or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use, and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.

Security Practices

We employ a comprehensive set of organizational, technical, and physical safeguards designed to protect the personal information we collect, including encryption of data in transit and at rest, role-based access controls with multi-factor authentication, continuous logging and monitoring, regular vulnerability assessments, third-party penetration testing, and a documented incident-response program. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

International Data Transfers

We are headquartered in the United States and have service providers in multiple countries. Your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your jurisdiction.

For transfers of personal data from the European Union, the European Economic Area, the United Kingdom (and Gibraltar), and Switzerland to the United States, Centralive relies on the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework. Please see the Centralive Data Privacy Framework Statement below for more information.

Children

As a general rule, children are not allowed to use the Services, and we do not collect personal information from them. We define “children” as follows:

  • Residents outside of Europe: anyone under 13 years old.
  • Residents of Europe: anyone under 16 years old, or the age needed to consent to the processing of personal information in your country of residence.

If we learn that we have collected personal information of a child without the consent of the child’s parent or guardian, we will delete it. We encourage parents with concerns to contact us at privacy@centralive.health.

Changes to this Privacy Policy

We reserve the right to modify this Policy at any time. If we make material changes to this Policy, we will notify you by updating the date of this Policy and posting it on the Services. We may, and where required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email (if you have an account where we have your contact information) or another manner through the Services. Any modifications to this Policy will be effective upon our posting the new terms or upon implementation of the new changes on the Services (or as otherwise indicated at the time of posting). Your continued use of the Services after the posting of any modified Policy indicates your acceptance of the modified Policy.

How to Contact Us

Please direct any questions or comments about this Policy or our privacy practices to privacy@centralive.health. You may also write to us via postal mail at:

Integrated AI Systems Inc.

Attn: Legal – Privacy

C/O UCI Beall Applied Innovation

5270 California Ave., Suite 350

Irvine, CA 92617, USA

 

Centralive Data Privacy Framework Statement

Effective: 5/28/2026

 

1. Introduction

Integrated AI Systems Inc. (d/b/a Centralive) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce regarding the processing of personal data received from the European Union, the United Kingdom (and Gibraltar), and Switzerland in reliance on the respective DPF frameworks.

Centralive has certified to the U.S. Department of Commerce its adherence to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Centralive has also certified to the U.S. Department of Commerce its adherence to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.

If there is any conflict between the terms in this Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, please visit the Data Privacy Framework website at https://www.dataprivacyframework.gov/, where you can view our certification.

2. Scope

This Data Privacy Framework Statement applies to all personal data received by Integrated AI Systems Inc. (d/b/a Centralive) in the United States from the European Union, the United Kingdom (and Gibraltar), and Switzerland, in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. This includes personal data collected through our Site, our web and mobile applications, and our services related to research projects, data collection, and user communications. This Statement supplements our Privacy Policy.

3. Definitions

  • Personal Data: Any information relating to an identified or identifiable individual.
  • Processing: Any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
  • Data Subject: An individual who is the subject of personal data.

4. Processing of Personal Data

As outlined in our Privacy Policy, Centralive’s Services enable researchers to design and run studies, and to collect, aggregate, and analyze data from participants using various devices and platforms. We gather certain information directly from researchers, including details necessary to create and manage their accounts, such as names, email addresses, and organizational affiliations. With participants’ consent, Centralive also receives personal data from participants and their devices, such as physiological metrics (e.g., heart rate, activity, sleep patterns, and other biometric data), demographic information, and responses to study questions, including free-text responses participants choose to provide. This personal data, along with analytical tools provided by Centralive, is made accessible to researchers through our Services. For a comprehensive overview of the personal data processed by Centralive and the third parties with whom it may be shared, please refer to our main Privacy Policy.

5. Privacy Principles

A detailed description of the Privacy Framework Principles can be found on the website of the U.S. Department of Commerce at https://www.dataprivacyframework.gov/.

6. Notice

Centralive ensures that individuals are informed about the purposes for which we collect and use personal data, the categories or identities of third parties who act as controllers or agents and to whom Centralive may disclose personal data, and the purposes for such disclosures. We also explain the options and methods available to individuals for restricting the use and sharing of their personal data, as well as their rights to access this data. This information is provided to researchers at the time they are first requested to submit personal data to Centralive, or as soon as feasible thereafter. While Centralive does not have a direct relationship with participants, researchers are required to share Centralive’s Terms of Use and Privacy Policy with participants before transferring their personal data to Centralive’s Services.

7. Choice

As outlined in our Privacy Policy, the personal data of Centralive users and participants is treated with strict confidentiality and is not shared or sold to third parties except as necessary to provide Centralive’s Services. If it becomes necessary to share personal data beyond our standard services, we will offer individuals the opportunity to choose (opt out) whether their personal data is to be (a) disclosed to a third party acting as a controller, or (b) used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive data, Centralive will obtain explicit consent (opt in) from individuals before sharing the data with third parties or using it for purposes other than those for which it was originally collected or subsequently authorized. Researchers are responsible for ensuring participants are informed about and consent to any potential future uses of their personal data at the beginning of their respective studies.

8. Accountability for Onward Transfer

Centralive complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU, UK, and Switzerland. This means that we ensure any third parties to whom we transfer personal data are obligated to provide at least the same level of privacy protection as required by these Principles. Centralive requires third-party service providers to sign data processing agreements that stipulate their obligations to protect personal data and to only process it for specified purposes. We conduct due diligence on our third-party data processors to verify their compliance with these standards. In the event that a third party fails to uphold their data protection obligations, Centralive will take appropriate steps to remedy the situation, including potentially terminating the relationship. Additionally, Centralive can provide a Data Processing Agreement (DPA) for specific customers upon request to further ensure compliance with data protection requirements. Centralive may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Centralive remains liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Centralive proves that it is not responsible for the event giving rise to the damage.

9. Security

At Centralive, safeguarding your personal data is a top priority. We implement and uphold a comprehensive set of technological and organizational measures designed to protect your personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Our security measures include, but are not limited to:

  • Encryption: We use industry-standard encryption protocols to protect data in transit and at rest.
  • Access Controls: Strict role-based access controls with multi-factor authentication are in place to ensure that only authorized personnel have access to sensitive data.
  • Regular Audits: We conduct regular security audits, vulnerability assessments, and third-party penetration tests to identify and mitigate potential vulnerabilities.
  • Incident Response: We maintain a documented incident-response program for responding to data breaches and other security incidents to minimize impact and restore security swiftly.

10. Data Integrity and Purpose Limitation

We process personal data in a way that is consistent with the purposes for which it was collected or subsequently authorized by the individual. We take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. For more detailed information, please refer to our Privacy Policy.

11. Access

Centralive grants individuals the ability to access their personal data held by us upon request. We are committed to enabling individuals to correct, update, or delete their personal data that is proven to be incorrect, incomplete, or processed in violation of the Data Privacy Framework Principles. In some cases, Centralive may limit access if the burden or cost of providing access is disproportionate to the privacy risk to the individual or if it would compromise the rights of others. Additionally, to maintain the integrity of ongoing research, there may be situations where access to certain personal data is restricted. For further details on accessing your personal data and our related procedures, please visit our Privacy Policy.

12. Recourse, Enforcement, and Liability

Integrated AI Systems Inc. (d/b/a Centralive) is committed to ensuring compliance with the Data Privacy Framework Principles through established mechanisms for addressing and resolving complaints and verifying our adherence to privacy commitments. If individuals from the European Union, United Kingdom, or Switzerland have inquiries or complaints regarding our DPF policy, they should first contact Centralive at privacy@centralive.health.

Centralive has further committed to refer unresolved complaints to JAMS, an independent dispute-resolution mechanism. If you do not receive a timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, you can submit your complaint to JAMS for resolution. For more information and to file a complaint, please visit the JAMS DPF Dispute Resolution website: https://www.jamsadr.com/DPF-Dispute-Resolution. This service is provided at no cost to you.

Under certain conditions, more fully described on the DPF website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Integrated AI Systems Inc. (d/b/a Centralive) is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Centralive also conducts periodic internal reviews to verify our compliance with the DPF Principles. Additionally, we provide regular training and awareness programs for our employees to ensure they understand and comply with our data-protection obligations.

13. Contact Information

For any questions or concerns regarding this Data Privacy Framework Statement, please contact us at:

Integrated AI Systems Inc.

Attn: Legal – Privacy

C/O UCI Beall Applied Innovation

5270 California Ave., Suite 350

Irvine, CA 92617, USA

Email: privacy@centralive.health