Privacy Policy

Depending on your location, different legal agreements apply.

Please review the terms relevant to you. Users located in the United Arab Emirates are subject to the UAE versions of the End User License Agreement (EULA), Terms of Service (ToS), and Privacy Policy (PP). Users located in the United States are subject to the U.S. versions of the End User License Agreement (EULA), Terms of Service (ToS), and Privacy Policy (PP).

By creating an Orva account or using Orva’s services, you acknowledge and agree to the applicable terms for your region.

Privacy Policy (PP) — Orva (UAE Version)

Effective Date: April 22, 2025

1. Introduction
Orva is committed to protecting healthcare data in compliance with ADHICS and UAE data protection laws.

2. Data Collection
Orva collects surgical milestones, timestamps, patient identifiers (PHI/PII), session data, and voice samples triggered by wake words.

3. Consent
Patient consent for voice activation and use is incorporated into general surgical consent led by healthcare providers.

4. Data Usage
Data is used exclusively for surgical tracking, workflow analytics, and system improvement.

5. Data Residency
All PHI and PII remain within UAE-approved cloud environments.

6. Data Sharing
Data is shared only within the healthcare facility, and no PHI/PII is transmitted outside the UAE unless anonymized.

7. Data Security
Data at rest is encrypted using AES-256 and data in transit is protected using TLS 1.2/1.3 protocols.

8. User Rights
Users may access, correct, or delete their personal information. Consent to voice recording can be withdrawn at any time.

9. Tracking and Analytics
In-app usage and system logs are collected anonymously for performance monitoring.

10. Updates
Policy updates will be communicated to users in advance of changes.

11. Contact
RAIN Technology ME LTD.
Level 14, Al Sarab Tower, ADGM Square
Al Maryah Island, Abu Dhabi, UAE
Email: hello@rain.agency


---------------------

Privacy Policy (PP) — Orva (U.S. Version)

Effective Date: April 22, 2025

1. Introduction
Orva complies with HIPAA regulations and applicable U.S. privacy laws to protect healthcare information.

2. Data Collection
Orva collects surgical milestones, timestamps, PHI, PII, session data, and voice samples after wake word activation.

3. Consent
Consent for voice and audio data is obtained through account setup and general surgical consents administered by healthcare facilities.

4. Data Usage
Collected data supports surgical milestone tracking, operational analytics, and platform improvement.

5. Data Residency
Data is securely stored in U.S. or equivalently compliant jurisdictions, with international transfers safeguarded.

6. Data Sharing
Data is accessed internally within healthcare facilities only and is not shared externally without anonymization.

7. Data Security
AES-256 encryption for data at rest and TLS 1.2/1.3 for data in transit are enforced. Regular HIPAA-compliant audits are performed.

8. User Rights
Users can request access, correction, or deletion of their data. Consent for voice recording can be revoked at any time.

9. Tracking and Analytics
Anonymized usage data and system logs are collected strictly for system performance analysis.

10. Updates
Policy changes will be notified to users ahead of implementation.

11. Contact
RAIN Technology, Inc.
5526 W 13400 S #60
Herriman, UT 84096
Email: hello@rain.agency



###
OrvaTerms of ServicePrivacy PolicyEnd User License Agreement