This Privacy Policy is designed for Ayamedica, a comprehensive SaaS platform integrating School Health Management Systems (SHMS) and Electronic Health Records (EHR) with AI-driven analytics. Given the complexity of handling both educational records and sensitive health data for minors, this policy is drafted to align with global standards including the principles of the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability

Act (HIPAA), and various student data privacy frameworks.

 

Ayamedica Privacy Policy

Last Updated: March 12, 2026

Effective Date: March 12, 2026

 

1. Introduction and Scope

Welcome to Ayamedica. Our mission is to revolutionize school health by providing an AI-powered, secure, and intuitive platform that bridges the gap between education and healthcare. We are committed to protecting the privacy and security of the students, parents, healthcare professionals, and educational institutions we serve.

This Privacy Policy (“Policy”) explains how Ayamedica collects, uses, discloses, and safeguards personal and health information when you use our School Health Management System (SHMS), Electronic Health Records (EHR) platform, and AI-powered health analytics tools (collectively, the “Platform”).

Scope: This Policy applies to all users of the Ayamedica Platform, including school administrators, nurses, healthcare providers, parents, legal guardians, and students. By accessing or using our services, you acknowledge that you have read and understood the practices described herein.

 

 

2. Definitions

To ensure transparency, we define the following key terms used throughout this Policy:

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Student Data: Personal data specifically relating to a student enrolled in a School Institution using the Platform.
  • Health Data: Sensitive personal data relating to the physical or mental health of an individual, including the provision of health care services, which reveal information about their health status.

  • Electronic Health Record (EHR): A digital version of a student’s paper chart, containing real-time, patient-centered records that make information available instantly and securely to authorized users.

  • SHMS (School Health Management System): The module of our Platform used by schools to manage daily health operations, clinic visits, and student wellness program
  • AI Processing: The use of machine learning algorithms and automated systems to analyze data patterns, generate health alerts, and provide decision-support insights.
  • School Institution: The educational entity (school, district, or university) that contracts with Ayamedica to provide health management services.
  • Platform: The Ayamedica website, mobile applications, and software-as-a-service (SaaS) infrastructure.

 

 

3. Categories of Information We Collect

Ayamedica collects information necessary to provide high-quality health management and ensure student safety.

3.1 Student Identification & Demographic Information 

  • Full name, date of birth, gender, and grade level. 
  • Student identification numbers (internal or school-issued). 
  • Primary language and nationality (where required for regulatory reporting).

3.2 Health Records and Medical History 

  • Medical diagnoses, chronic conditions (e.g., asthma, diabetes, allergies), and physical limitations. 
  • Medication administration records (MAR) and prescriptions. 
  • Surgical history and past hospitalizations.

3.3 Immunization and Screening Records 

  • Vaccination records and compliance status. 
  • Vision, hearing, dental, and scoliosis screening results. 
  • Height, weight, and Body Mass Index (BMI) tracking.

3.4 Health Incident and Nurse Reports 

  • Documentation of clinic visits, symptoms reported, and treatments administered. 
  • Accident and injury reports occurring on school grounds. 
  • Mental health observations or referrals made by qualified staff.

3.5 Contact and Administrative Information 

  • Parent/Guardian Information: Names, phone numbers, email addresses, and home addresses.
  • Emergency Contacts: Names and contact details of authorized third parties.
  • Staff Data: Name, professional credentials, and login credentials for nurses and administrators.

3.6 Technical and Usage Data 

  • Device Information: IP address, browser type, operating system, and device identifiers.
  • System Analytics: Log data, time spent on features, and interaction patterns to optimize platform performance. 
  • AI Interaction Data: Metadata regarding how users interact with AI-generated alerts and decision-support tools.

 

 

4. How We Use Information

We process data strictly for purposes related to the health and educational well-being of the students and the operational efficiency of the School Institution.

  • Clinical Management: To maintain accurate EHRs and facilitate the delivery of healthcare services by school nurses and authorized providers. 
  • AI-Powered Analytics: To identify health trends, generate automated alerts for critical conditions (e.g., missed medication or abnormal screening results), and provide decision-support. 
  • Emergency Response: To provide immediate access to life-saving information (allergies, emergency contacts) for authorized personnel during a crisis. 
  • Communication: To notify parents/guardians of clinic visits, health alerts, or required immunization updates. 
  • Regulatory Compliance: To assist schools in generating mandatory public health reports and maintaining compliance with educational standards. 
  • Platform Security: To detect and prevent unauthorized access, mitigate cyber threats, and ensure data integrity.

 

 

5. AI and Automated Processing

Ayamedica utilizes advanced Artificial Intelligence to enhance student care. However, we maintain a “Human-in-the-Loop” philosophy.

  • Role of AI: Our algorithms analyze vast sets of health data to flag potential risks, such as a cluster of similar symptoms in a classroom or a student’s declining health metrics. 
  • Decision Support vs. Diagnosis: The Platform does not provide medical diagnoses. AI outputs are intended solely as decision-support tools for qualified healthcare professionals. 
  • Human Oversight: All AI-generated alerts must be reviewed and validated by a school nurse or healthcare provider before any clinical action is taken. 
  • Transparency: We provide documentation on the logic behind our AI alerts to ensure that healthcare providers understand why a specific notification was triggered.

 

 

6. Legal Basis for Processing

We process data under the following legal frameworks:

  1. Consent: We rely on explicit consent from parents or legal guardians for the processing of student health data, especially in a SaaS context. 
  2. Contractual Necessity: Processing is required to fulfill our service agreement with the School Institution. 
  3. Legal Obligation: To comply with public health reporting laws and mandatory immunization tracking.
  4. Vital Interests: To protect the life or physical safety of a student in emergency situations. 
  5. Legitimate Interests: To improve our Platform’s security and functionality, provided these interests do not override the fundamental rights of the students.

 

 

7. Data Sharing and Disclosure

Ayamedica does not sell student or health data. We share information only in the following limited circumstances:

  • School Personnel: Access is granted only to authorized nurses, health staff, and administrators on a “need-to-know” basis. 
  • Parents/Guardians: Parents have access to their own child’s health records and AI-generated summaries via the parent portal. 
  • External Providers: With explicit parental consent, data may be shared with a student’s primary care physician or a local hospital. 
  • Service Providers: We use trusted third-party vendors (e.g., encrypted cloud storage providers) who are contractually bound to strict data protection standards. 
  • Legal Requirements: We may disclose data if required by a valid legal order, subpoena, or to protect the safety of our users.

 

 

8. Data Storage and Security

We employ industry-leading technical and organizational measures to protect sensitive data.

  • Encryption: All data is encrypted at rest using AES-256 and in transit via TLS 1.3.
  • Access Control: We utilize Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA) to ensure only verified personnel can view health records.
  • Security Monitoring: Our systems undergo continuous 24/7 monitoring and regular third-party penetration testing. 
  • Data Minimization: We only collect the minimum amount of data necessary to provide our services. 
  • Breach Response: In the event of a data breach, we have a rigorous incident response plan that includes timely notification to affected users and regulatory bodies.

 

 

9. Data Retention

Student health records are maintained for as long as the student is enrolled with the School Institution, or as required by applicable local laws (often ranging from 5 to 7 years after the student leaves the institution or reaches the age of majority). Upon termination of a contract with a School Institution, Ayamedica will either return or securely delete all personal data, subject to legal retention requirements.

 

 

10. Children’s Privacy and Student Protection

Protecting minors is our highest priority. 

  • Parental Consent: We require School Institutions to ensure that appropriate parental consent is obtained before students’ data is entered into the Platform. 
  • Direct Access: Students may only access the platform if permitted by their school and parent, and their view is limited to age-appropriate health education and their own basic profiles. 
  • COPPA/GDPR-K Compliance: We align our practices with the Children’s Online Privacy Protection Act (COPPA) and GDPR requirements for processing children’s data. 

 

 

11. User Rights and Data Protection Rights 

Users (or their legal guardians) have the following rights regarding their data: 

  • Right to Access: You may request a copy of the personal and health data we hold.
  • Right to Rectification: You can request the correction of inaccurate or incomplete information. 
  • Right to Erasure (“Right to be Forgotten”): You may request the deletion of data, subject to legal and medical record retention obligations. 
  • Right to Portability: You can request that your data be provided in a structured, commonly used, and machine-readable format. 
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

 

 

12. International Data Transfers 

Ayamedica is a global platform. Data may be stored in secure cloud servers located in the United States, the European Union, or the Middle East (specifically KSA or Egypt), depending on the location of the School Institution and local residency laws. We use Standard Contractual Clauses (SCCs) and other legal mechanisms to ensure data remains protected during cross-border transfers.

 

 

13. Cookies and Tracking Technologies

We use functional cookies to maintain user sessions and security. We use analytical cookies (in an anonymized format) to understand how the Platform is used. We do not use advertising or third-party behavioral tracking cookies on the SHMS/EHR platforms.

 

 

14. Third-Party Services and Integrations 

The Platform may integrate with school management systems (SMS) or laboratory systems. These integrations are governed by specific Data Processing Agreements (DPAs) to ensure that the third party maintains the same level of security as Ayamedica.

 

 

15. Changes to This Privacy Policy 

We may update this Policy to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Policy on our website and, where appropriate, sending an email notification or platform alert.

 

 

16. Contact Information 

If you have questions, concerns, or wish to exercise your data rights, please contact us: Privacy Officer: Attn: Data Privacy Department 

Ayamedica LLC 

Email: info@ayamedica.com 

General Support: Email: cs@ayamedica.com

Ayamedica is an innovative medical application specifically designed to enhance healthcare services .

Locations

Cairo, Egypt
Riyadh, Saudi Arabia
Irvine, California, USA

Subscribe Now

Contact: info@ayamedica.com

Copyright © 2025 Ayamedica. All rights reserved.

Privacy Policy
Terms of Service

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by