SomaIQBack to site

Privacy Policy

Effective June 28, 2026

1. Who we are

SomaIQ is operated by Salvador Villagomez, doing business as SomaIQ, a Texas sole proprietorship (“SomaIQ,” “we,” “us,” or “our”). SomaIQ is a clinical decision-support tool for licensed practitioners that helps interpret laboratory results. This policy explains what information we collect through the somaiq.ai website and application, how we use it, and the choices you have. If you have questions, contact us at hello@somaiq.ai.

2. Current operating status

SomaIQ is early-stage and runs on demo data only

We are a new product. Today the service operates on demonstration and synthetic data only. The HIPAA safeguards and Business Associate Agreements (BAAs) required to process real patient health information are being put in place before any actual patient data is uploaded to or processed by the service. We will not solicit or accept real protected health information until those agreements and controls are in force. This policy describes our current practices and will be updated as those safeguards go live.

3. Who this policy covers

This policy applies to two groups: people who visit somaiq.ai, and licensed practitioners (and their authorized staff) who create an account. Once the service processes real patient data on a practitioner’s behalf, that data is handled under a separate agreement with the practitioner’s practice, and the practice — not SomaIQ — is the party responsible to the patient for it.

4. Information we collect

  • Account information. When a practitioner signs up, we collect a name, email address, password (stored only as a salted hash by our authentication provider), and practice or organization name.
  • Demo and inquiry information. If you request a demo or book a call, the scheduling is handled by cal.com and we receive the name, email, and any message you provide.
  • Communications. If you email us, we keep your message and contact details so we can respond.
  • Essential cookies and server logs. We use a single strictly-necessary session cookie to keep you signed in, and our hosting provider keeps standard server logs (such as IP address and request time) for security and reliability.
  • No analytics, advertising, or tracking. We do not use Google Analytics, advertising pixels, or any third-party analytics or tracking cookies on somaiq.ai.
  • Patient and health data. Currently synthetic and for demonstration only (see “Current operating status” above).

5. How we use information

We use the information above to:

  • provide, operate, secure, and improve the service;
  • authenticate accounts and keep them signed in;
  • respond to demo requests, support questions, and other inquiries;
  • send service-related messages about your account; and
  • comply with legal obligations.

We do not sell your personal information, and we do not use it for advertising.

6. Cookies

We use only a single essential session cookie, which is required to keep you signed in. Because we use no analytics, advertising, or tracking cookies, no cookie-consent banner is required. If we ever add non-essential cookies, we will update this policy and provide the appropriate controls first.

7. Service providers we share data with

We use a small set of vendors (subprocessors) to run the service. Each processes only the data needed for its function:

  • Supabase — database, authentication, and storage.
  • Vercel — application hosting and delivery.
  • Anthropic — the AI models that assist with lab interpretation.
  • cal.com — demo and call scheduling.
  • Namecheap Private Email — our email service for the somaiq.ai domain.

About AI processing. When the service interprets labs, the relevant lab values and clinical context are sent to Anthropic’s models. We send the minimum information necessary and avoid including direct patient identifiers in that text. We will only process real patient data through this pipeline once the appropriate Business Associate Agreement and data-handling terms with our AI provider are in force; until then this pipeline runs on demonstration data.

We may also disclose information if required by law, to protect our rights or the safety of others, or in connection with a business transfer.

8. Data retention

We keep account and communication information for as long as your account is active or as needed to provide the service and meet legal obligations, and then delete or de-identify it. You can ask us to delete your account information by emailing hello@somaiq.ai.

9. Security

We protect information with encryption in transit (TLS) and at rest, access controls, and audit logging through our infrastructure providers. We are candid that the full set of HIPAA-grade controls is still being implemented, which is why the service operates on demonstration data until those controls and the supporting agreements are complete. No method of transmission or storage is perfectly secure, but we work to protect your information.

10. Your privacy rights

Depending on where you live — including under the Texas Data Privacy and Security Act (TDPSA) and the California Consumer Privacy Act (CCPA) — you may have the right to access, correct, or delete the personal information we hold about you, and to appeal a decision about such a request. We do not sell personal information or use it for targeted advertising. To exercise any of these rights, email hello@somaiq.ai and we will respond as required by applicable law.

11. Children's privacy

SomaIQ is a professional tool and is not directed to anyone under 18. We do not knowingly collect personal information directly from children. Where a practitioner uses the service in connection with a minor patient, the practitioner is responsible for having a lawful basis and any necessary consent for that patient’s data.

12. Where we operate

SomaIQ is operated from the United States, and information is processed and stored in the United States.

13. Changes to this policy

We may update this policy as the product and our safeguards evolve. We will revise the effective date above when we do, and material changes will be reflected here.

14. Contact us

Questions about this policy or your information? Email hello@somaiq.ai. See also our Terms of Service and Medical Disclaimer.