Security & Privacy Hub

Your health data, protected by design.

Cira combines advanced medical reasoning with camera-based vitals from a short face scan. The whole system is built so your information stays yours — private, secured, and under your control.

What we collect

Only what helps you decide what to do next.

To give you useful guidance, Cira needs a small, focused set of information. Here's exactly what that looks like.

What you tell us in chat

Conversation

What you tell us in chat

Health questions, symptoms, and the context you choose to share so Cira can give relevant guidance.

Vitals from your face scan

Face scan

Vitals from your face scan

Metrics like heart rate signals estimated from a short Shen AI face scan, used to build a clearer picture of your health.

Only what's needed

Next step

Only what's needed

We follow a minimum-necessary principle: we collect what helps you decide what to do next — nothing more.

What we don't keep

We don't keep your face.

The face scan is a measurement tool, not an identity record. Frames are processed to compute your vitals and then discarded. Nothing is added to a facial database or identity profile.

  • No raw face video stored

    The video from your camera is never written to our storage.

  • Image data deleted after processing

    Once vitals are computed, the underlying image data is discarded.

  • No facial recognition profile

    We do not build a facial template, and we do not use your face to identify you.

How Cira protects your data

Layered protection, in plain language.

On-device processing

Shen AI runs on your device where possible to extract vitals, so raw camera frames don't need to leave your phone.

Encryption in transit

Your data is protected while it travels between your device and our servers using modern transport encryption.

Encryption at rest

Information stored on our infrastructure is encrypted, so it isn't readable in raw form.

MFA & role-based access

Internal access requires multi-factor authentication and is limited to specific roles that need it.

Least-privilege philosophy

We design access so people and systems only see what they need, and we review this regularly.

How your information is used

Used to help you. Not sold. Not hidden.

Your information powers Cira's guidance in the moment, and — only when you choose — the connection to a real doctor through Air Doctor's global network.

We use your data to:

  • Run your conversation and the face-scan experience
  • Generate personalized health insights and next-step guidance
  • Connect you, when you ask, to Air Doctor's network of licensed physicians

What we don't do:

  • ×We do not sell your health data.
  • ×We do not use your data to train generic, public AI models.
  • ×We do not reuse your data for new purposes without clear notice and consent.

Retention & deletion

Honest about what we're still finalizing.

We are finalizing our detailed retention and deletion schedule and will publish it here, rather than over-promising.

Retention period

[To be confirmed]

How long different types of data are kept will be published here.

Deletion process

[To be confirmed]

The exact steps and timeline for deleting your data on request.

Your rights

Request access, correction, or deletion

You will be able to ask us to access, correct, or delete the data you've shared.

Compliance & partners

Built with trusted partners.

Compliance status

[To be confirmed]

Specific frameworks and certifications will be listed here once confirmed. We'd rather wait than overclaim.

Infrastructure & subprocessors

[To be confirmed]

A full list of vendors and subprocessors that help operate Cira will be published here.

Air Doctor — 20,000+ doctors in 180 countries

Air Doctor operates the licensed physician network used when you choose to see a real doctor. Cira shares only the information necessary for that visit, under appropriate safeguards. Your medical conversation in Cira stays separate from advertising or third-party resale.

FAQ — Privacy first

Straight answers to the questions that matter.

Talk to us. We'll respond.

Privacy is a relationship, not a checkbox. Reach out anytime — we welcome questions and feedback.

Security contact

[security@ — to be confirmed]

For responsible disclosure of security issues.

Privacy contact

[privacy@ — to be confirmed]

For data, retention, or deletion questions.