Privacy Policy

1. Introduction & Our Mission

Welcome to Dooor. We are the enterprise platform for building and deploying Private, Ownable, and Auditable AI solutions. Our mission is to empower organizations to transform their wisdom into value, while maintaining absolute sovereignty over their data and models.

This Privacy Policy explains how we handle information in the context of our technology and our Co-Development Partnerships. Our commitment to privacy is not just a policy; it is engineered into the core of our platform through our standard of Verifiable AI.

2. Our Core Privacy Principles: The Verifiable AI Standard

Our platform is founded on three pillars that define our approach to data privacy and security:

• Private & Ownable: Our decentralized architecture and self-hosted deployment options are designed to ensure that our partners' data and AI models remain within their own environment and under their absolute control.
• Verifiable: We use Zero-Knowledge Proofs to mathematically prove the integrity of AI-generated results without exposing the underlying sensitive source data. This makes trust a mathematical certainty, not just a belief.
• Auditable: We utilize immutable, blockchain-anchored logs to create a tamper-proof and time-stamped record of every AI action and data interaction, ensuring full auditability.

Our architecture is built to be compliant by design with regulations such as Brazil's LGPD and HIPAA.

3. Information We Process

As a provider of foundational infrastructure to enterprise partners, we process different types of information:

• Partner Information: To manage our Co-Development Partnerships, we collect business contact details and other information necessary to manage the partnership, deploy our teams, and define mission-aligned KPIs.
• Partner-Controlled Data: When our partners deploy our solutions, such as the "Kenna™ Al Scribe" or the "Veris™ Integrity Engine," data is generated and processed. This can include highly sensitive information, such as records of doctor-patient conversations, structured clinical notes, and claims data. This data remains under the absolute control of our partner. We process it within their environment according to our agreement, using our privacy-preserving architecture. Dooor does not own this data.

4. How We Use Information

Our use of information is strictly tied to the services we are co-developing with our partners:

• To Provide and Co-Develop Our Services: We use information to build and deploy bespoke solutions for our partners. For example, to generate compliant clinical notes with Kenna™ to reduce physician burnout or to use the verifiable data stream from those notes to streamline claims processing and detect fraud with Veris™.
• To Ensure Integrity and Security: We use our core technology to create verifiable audit trails for compliance and security purposes.
• To Innovate Responsibly: For future capabilities like Privacy-Preserving Analytics, our "Augur™" solution is designed to allow partners to run analytics without exposing or pooling raw patient data.

5. Data Sharing and Sovereignty

We do not sell partner or end-user data. Data sharing occurs only as directed by our partners within their own ecosystem, for example, to create synergies between a hospital and its insurance arm.

Our long-term vision includes empowering individuals with sovereignty over their own data through solutions like "Guardian™," which would enable patients to have cryptographic ownership of their verifiable medical records.

6. Your Rights and Choices

If you are an end-user of a Dooor-powered platform (e.g., a physician at a hospital using Kenna™), your data is controlled by the enterprise partner (the hospital). To exercise your rights under applicable data protection laws like LGPD (such as access, correction, or deletion), you should direct your request to that organization.

7. Contact Us

If you have any questions about this Privacy Policy or our privacy-by-design approach, please contact us at: partnerships@dooor.ai.