Privacy Policy
Your privacy is important to us. It is Dry Runz's policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, our AI role-playing simulator technology for corporate and healthcare training, and other services we own and operate.
Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service. Where our site links to third-party sites, those sites have their own privacy policies; this policy does not apply to your activities after you leave our site.
Our AI services
Our platform uses artificial intelligence technologies, including multiple Large Language Models (LLMs), to provide AI role-playing simulation services for corporate and healthcare training. In connection with these AI services:
- AI training and improvement. Content you submit may be used to improve our AI models and services, subject to your privacy settings — including training scenario inputs and responses, interactions with AI systems, assessment and feedback data, and usage and performance metrics.
- Synthetic data requirement. Our services are designed to work exclusively with synthetic, anonymized, or fictional data. You must not upload live patient data, personal health information (PHI), or confidential client information. We do not intentionally collect or process such restricted data.
- AI output processing. AI-generated content — grades, feedback, and scenarios — is processed and stored as part of service delivery, solely for educational and training purposes.
- Anonymization and protection. Where technically feasible, we anonymize personal data used for AI training, and we implement safeguards to prevent extraction of personal information from our models.
Information we collect
Information we collect falls into two categories. "Voluntarily provided" information is anything you knowingly and actively provide when using our services. "Automatically collected" information is anything automatically sent by your devices when you access our products and services.
Professional training data
Alongside standard website data, we collect information related to professional and healthcare training: training completion records, assessment scores and feedback, professional development progress, certification tracking data, and supervisor review records.
Log & device data
Our servers may automatically log standard data provided by your browser — IP address, browser type and version, pages visited, and the time, date, and duration of visits — as well as error data when problems occur. We may also collect device type, operating system, unique device identifiers, device settings, and geo-location data. While this may not be personally identifying by itself, it may be combined with other data to identify individuals.
Personal information & user content
We may ask for personal information — for example when you submit content, subscribe, or register an account — including name, email, phone number, professional credentials and licensing information, and organization and role details. User-generated content you submit for publication may become public after review. Training content submitted for AI simulations is processed per your privacy settings and our synthetic-data requirements and is not made public unless you choose to share it.
How and why we use information
We only collect and use personal information when we have a legitimate reason, and only what is reasonably necessary to provide our services — to deliver core features, personalize your experience, keep internal records, improve our AI models (subject to your settings), and provide training, assessment, and certification tracking. We may combine voluntarily provided and automatically collected information with general information from trusted sources to enhance your experience.
Third-party service providers
We may disclose personal information to third-party service providers so they can provide their services. Current third parties with direct access to data include (partial list):
- AI & technology: Anthropic, OpenAI, and Perplexity (AI language models), LLM gateway providers, and Bubble.io and associated plugins (platform services).
- Analytics & support: Google Analytics and Twilio.
- Additional providers may include IT services, data storage and hosting, analytics and error logging, maintenance, marketing, professional advisors, and payment systems operators.
Healthcare & professional compliance
As an Israeli company, we comply with the Israeli Privacy Protection Law and regulations issued by the Israeli Privacy Protection Authority. For healthcare training applications we apply additional safeguards: all training data must be synthetic, fictional, or appropriately de-identified; no live patient data or PHI is permitted; and professional licensing and certification data is handled with enhanced security. We maintain professional development records in line with industry standards and regulatory requirements.
Security & retention
While we retain your information, we protect it within commercially acceptable means against loss, theft, and unauthorized access, disclosure, copying, use, or modification, including encryption of training data and access controls for AI interactions. No method of electronic transmission or storage is 100% secure. We keep personal information only for as long as we need it — for example, for the duration of your account — and then delete it or make it anonymous, unless a longer period is required for legal, accounting, professional-licensing, or reporting obligations.
Children's privacy
We do not aim any of our products or services directly at children under 13, and we do not knowingly collect personal information about children under 13.
Your rights and choices
Depending on your location, you have rights over your personal information, including to:
- Access the personal information we hold about you.
- Correct information that is inaccurate, out of date, incomplete, or misleading.
- Delete your personal information (subject to certain legal exceptions). If you delete your account, we delete your personal information within 14 days.
- Port a copy of your data in a machine-readable format where technically feasible.
- Restrict or object to processing based on our legitimate interests.
- Unsubscribe from marketing at any time, and be free from discrimination for exercising your rights.
We comply with applicable laws in respect of any data breach, and you may lodge a complaint with a relevant regulatory body or data protection authority. If we or our assets are acquired, your personal information may be transferred as part of that business transfer, subject to this policy.
Regional disclosures
United States (CA, CO, DE, FL, VA, UT). Residents of these states have rights to know the categories and specific pieces of personal information we collect, the sources and purposes, and the categories of third parties to whom it is disclosed, plus the right to request deletion. In the past 12 months we have collected identifiers such as name, email, phone number, account name, and IP address. We do not respond to browser "Do Not Track" signals.
EU & UK (GDPR / UK GDPR). Dry Runz is a Data Controller and/or Processor with respect to the personal information you provide. Our lawful bases are your consent, performance of a contract, our legitimate interests, and compliance with law. You have rights to be informed, of access, to rectification, to erasure, to restrict processing, to object, and to portability. International transfers are protected by appropriate safeguards such as Standard Contractual Clauses. In the UK you may contact the Information Commissioner's Office (ico.org.uk).
Israel. As a company registered in Israel, we comply with the Israeli Privacy Protection Law (1981) and related regulations. Israeli residents have rights to access, correction, and deletion, and may file a complaint with the Israeli Privacy Protection Authority.
Changes to this policy
At our discretion we may change this privacy policy to reflect updates to our processes or legal changes. We will post changes at this same link, and if changes are significant or required by law, we will contact registered users with the updated details.
Contact us
For any questions or concerns regarding your privacy, or matters related to data protection and AI data processing, contact our Data Protection Officer at admin@dryrunz.ai.