Privacy Policy
Last updated: March 1, 2026
1. Introduction
AURUM Longevity Institute (“AURUM,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, store, and share information when you visit our website, use our services, or interact with us in any way.
By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.
2. Information We Collect
Personal Information You Provide
- Name, email address, and phone number (including WhatsApp)
- Age, biological sex, and health-related information submitted through the Biological Age Assessment
- Blood test results and medical documents you upload
- Information provided during consultations or correspondence
Information Collected Automatically
- Device information (browser type, operating system, screen resolution)
- IP address and approximate geographic location
- Pages visited, time spent, and navigation patterns
- Cookies and similar tracking technologies (see Section 7)
3. How We Use Your Information
We use your information for the following purposes:
- To process and respond to your Biological Age Assessment submission
- To connect you with a physician for consultation
- To personalize your longevity protocol and treatment recommendations
- To communicate with you regarding appointments, results, and membership
- To improve our website, services, and user experience
- To comply with legal obligations and regulatory requirements
We will never use your health data for advertising purposes or sell it to third parties.
4. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Health-related data is retained in accordance with applicable medical record retention requirements.
- Assessment data: retained for 24 months after submission, or for the duration of your membership
- Medical records: retained for a minimum of 10 years per Dubai Health Authority requirements
- Marketing preferences: retained until you opt out
- Website analytics: anonymized and retained for 26 months
5. HIPAA-Aligned Protections
While AURUM operates under the regulatory framework of the Dubai Health Authority (DHA), we voluntarily align our data protection practices with the standards set forth by the U.S. Health Insurance Portability and Accountability Act (HIPAA). This includes:
- Encryption of all health data at rest (AES-256) and in transit (TLS 1.3)
- Access controls limiting data visibility to your designated care team
- Audit logging of all access to protected health information
- Regular security assessments and penetration testing
- Business associate agreements with all third-party service providers who handle health data
6. International Data Transfers
Your information may be processed and stored in servers located in the United Arab Emirates, European Union, or other jurisdictions. Where data is transferred outside the UAE, we ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant data protection authorities.
7. Cookies and Tracking
We use cookies and similar technologies to enhance your experience. You can manage your cookie preferences at any time through the cookie banner or your browser settings.
- Essential cookies: Required for the website to function (session management, security)
- Analytics cookies: Help us understand how visitors interact with our website
- Marketing cookies: Used to deliver relevant content and measure campaign effectiveness
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal information we hold about you
- Request correction of inaccurate or incomplete data
- Request deletion of your personal information
- Object to or restrict certain processing activities
- Receive your data in a portable, machine-readable format
- Withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, contact us at privacy@auruminstitute.com. We will respond within 30 days.
9. Contact
For questions or concerns about this Privacy Policy or our data practices, please contact:
AURUM Longevity Institute
Data Protection Officer
DIFC, Dubai, United Arab Emirates
privacy@auruminstitute.com