ensemble

Privacy Policy

How we handle personal and sensitive data

This Privacy Policy explains how Informant Holdings Group Inc, a Delaware corporation doing business as Ensemble Neuroscience, collects, uses, discloses, and protects personal information in connection with our websites, waitlists, products, research, assessments, models, applications, and related services.

Last updated: May 24, 2026

Ensemble works with brain-health and neuroscience data. Depending on the feature, program, or workflow you use, we may collect sensitive personal information such as health, clinical, neural, biometric, voice, audio, protected-classification, professional, employment-related, and inference data. Not every service collects every category.

Information We Collect

We collect information you provide directly, information generated through your use of the services, information provided by clinicians, care teams, research partners, employers, institutions, or other authorized users, and information created by our systems when processing data.

The categories below describe what we may collect when a corresponding feature, assessment, research program, onboarding flow, product workflow, or professional use case is available and used.

Notice at Collection

This table summarizes the categories of personal information and sensitive personal information we may collect, why we collect it, how long we generally keep it, and whether we sell or share it for cross-context behavioral advertising.

Category Examples Purposes Retention Sale or sharing
Identifiers and contact information Name, email address, phone number, account identifiers, mailing address, organization, username, login data. Create accounts, respond to requests, send waitlist/product updates, authenticate users, provide support. For the account, relationship, or request lifecycle, then as needed for legal, security, audit, or backup purposes. Not sold. Not shared for cross-context behavioral advertising.
Internet, device, and usage information IP address, browser type, device data, pages viewed, referrers, click and form interaction data, session replay data when enabled, cookies, analytics events. Operate the website, secure the services, measure performance, debug errors, understand product usage, improve experience. Generally retained according to analytics, security-log, and backup settings unless longer retention is needed for security or legal reasons. Not sold. Not shared for cross-context behavioral advertising.
Commercial and waitlist information Waitlist signup details, source/referrer, location or city if provided, preferences, support requests, product interest, transaction or billing information if paid services are offered. Manage waitlists, communicate with you, provide services, process payments, manage subscriptions or purchases, forecast demand. For as long as needed to manage the relationship, transaction, accounting, tax, support, and legal obligations. Not sold. Not shared for cross-context behavioral advertising.
Professional or employment-related information Employer, role, credentials, specialty, professional biography, work history, institution, applicant data, clinician or researcher affiliation. Evaluate partnerships, provide professional workflows, verify eligibility, manage recruiting, support clinical or research programs. For the professional relationship, application process, or program lifecycle, then as needed for legal, audit, or business records. Not sold. Not shared for cross-context behavioral advertising.
Protected classification characteristics Age, date of birth, sex, gender, race, ethnicity, national origin, disability status, veteran status, marital status, or other demographic information if provided or required for a program. Support clinical, research, eligibility, safety, fairness, bias evaluation, accessibility, reporting, or compliance workflows. For the relevant program, research, product, or legal retention period, subject to deletion or de-identification where appropriate. Not sold. Not shared for cross-context behavioral advertising.
Health, clinical, and neural data Health history, symptoms, diagnoses, medications, treatment history, care-plan information, MRI, EEG, neural data, clinical notes, assessment results, outcomes, and related records. Provide and improve brain-health products, assessments, modeling, research, support, clinical or research collaboration, quality, safety, and compliance. For the clinical, product, research, or contractual purpose and applicable legal retention periods; may be de-identified or aggregated where appropriate. Not sold. Not shared for cross-context behavioral advertising.
Audio, electronic, sensory, or similar information Voice recordings, call recordings, audio samples, video, sensor outputs, signal data, interaction recordings, and similar electronic or sensory information. Enable voice/audio features, support services, derive product signals, train or evaluate models where permitted, quality assurance, security, and support. For the feature, consent, research, contractual, or legal period that applies; may be deleted, de-identified, or retained as required. Not sold. Not shared for cross-context behavioral advertising.
Biometric information Voiceprints, voice-derived features, facial or other biometric identifiers if a feature is enabled to identify, verify, authenticate, or characterize a person. Identity verification, authentication, personalization, safety, research, model development, or product functionality where permitted and with required notices or consent. For the applicable consent, feature, verification, research, contractual, or legal period; may be deleted or de-identified when no longer needed. Not sold. Not shared for cross-context behavioral advertising.
Inferences and profiles Model outputs, risk scores, inferred traits, preferences, care-pathway insights, predicted response patterns, segmentation, quality metrics, and derived brain-model features. Generate insights, personalize services, support decision workflows, improve models, evaluate safety and performance, research and analytics. For the relevant product, research, contractual, or legal purpose; may be retained in de-identified or aggregated form. Not sold. Not shared for cross-context behavioral advertising.
Communications and user content Messages, support requests, survey answers, uploaded files, assessment responses, feedback, notes, and other content you submit. Respond to you, provide services, operate assessments, support users, improve products, document requests, and maintain records. For the relationship, request, assessment, or program lifecycle, then as needed for legal, audit, backup, or security purposes. Not sold. Not shared for cross-context behavioral advertising.
Sensitive personal information Health, neural, biometric, precise location if collected, protected-classification data, account credentials, contents of communications you direct to us, and similar sensitive data. Provide requested services, operate and secure products, comply with law, protect rights and safety, conduct research or model development where permitted, and other disclosed or consented purposes. For the applicable product, consent, research, contractual, legal, security, or compliance period, then deleted, de-identified, or aggregated where appropriate. Not sold. Not shared for cross-context behavioral advertising.

Sources of Information

  • You, when you sign up, contact us, use a product, complete an assessment, upload data, or participate in research.
  • Clinicians, care teams, researchers, institutions, employers, study sponsors, or other authorized users who provide information in connection with services or programs.
  • Devices, software, sensors, browsers, analytics tools, and security systems used to operate our services.
  • Service providers and partners such as hosting, analytics, bot protection, email delivery, payment, support, AI infrastructure, and research vendors.
  • Publicly available sources, professional directories, publications, or other lawful sources where relevant to partnerships, recruiting, research, or business operations.

How We Use Information

  • To provide, operate, secure, troubleshoot, and improve the services.
  • To build, test, validate, and improve whole-brain models, assessments, AI systems, and related product features where permitted.
  • To communicate with you about waitlists, product updates, support, partnerships, research, and services.
  • To personalize or configure experiences, workflows, insights, or model outputs.
  • To conduct research, analytics, model evaluation, quality assurance, and safety reviews.
  • To verify identity, eligibility, authorization, consent, credentials, or account access.
  • To comply with laws, contracts, audits, legal process, security obligations, and regulatory obligations.
  • To protect the rights, privacy, safety, and security of Ensemble, users, patients, participants, partners, and the public.

How We Disclose Information

We disclose personal information only as needed for the purposes described in this policy, as directed by you or an authorized organization, or as required or permitted by law.

  • Service providers that host, secure, analyze, email, process payments, provide AI infrastructure, manage data, or support the services.
  • Professional, clinical, research, institutional, or enterprise customers and partners when you participate in or are connected to their workflow, study, service, or account.
  • Advisors, auditors, lawyers, insurers, and compliance professionals.
  • Government, law enforcement, regulators, courts, or other parties when required by law or necessary to protect rights, safety, and security.
  • Successors or counterparties in a merger, acquisition, financing, reorganization, sale, or similar business transaction.
  • Other parties with your direction, consent, or authorization.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

AI, Models, and Derived Data

Some Ensemble services may use machine learning, statistical modeling, simulation, or AI-enabled systems to process MRI, EEG, clinical, voice, assessment, sensor, or other data. These systems may create derived features, predictions, model outputs, quality metrics, risk indicators, or other inferences.

We may use third-party AI or infrastructure providers to process data on our behalf, subject to contracts and technical controls intended to protect the data. We may also use de-identified, aggregated, or otherwise privacy-protective data to evaluate, validate, or improve models where permitted by law and applicable agreements.

Some data may be subject to additional healthcare, research, enterprise, or data processing obligations when we process it for a covered entity, business associate, clinical partner, research sponsor, institution, or employer under a separate written agreement. If a separate agreement or applicable law provides stronger protections for specific data, that agreement or law controls for that data.

Sensitive Personal Information

We may collect and process sensitive personal information, including health, neural, biometric, voice, audio, protected-classification, and similar data. We use and disclose sensitive personal information only to provide requested services, operate and secure our products, perform research or product development where permitted, comply with law, protect rights and safety, with your consent, or for other purposes disclosed at the time of collection.

If applicable law gives you the right to limit the use or disclosure of sensitive personal information, you may contact us using the information below.

Your Choices and Rights

Depending on where you live and how you interact with us, you may have rights to request access, correction, deletion, portability, restriction, withdrawal of consent, objection, or information about how we use and disclose personal information. You may also have the right to limit certain uses of sensitive personal information and to opt out of certain sale, sharing, targeted advertising, or profiling activities.

To exercise rights, email hello@ensembleneuro.com. We may need to verify your identity or authority before fulfilling a request. We will not discriminate against you for exercising privacy rights.

You can unsubscribe from marketing emails using the unsubscribe link in those emails. Browser settings and privacy tools may also let you block or delete cookies, limit tracking, or send Global Privacy Control signals.

Security and Retention

We use administrative, technical, and organizational safeguards designed to protect personal information. No system is completely secure, and we cannot guarantee that information will always remain secure.

We retain personal information for as long as reasonably necessary for the purposes described in this policy, including to provide services, maintain records, comply with law, resolve disputes, enforce agreements, protect security, conduct research where permitted, and maintain backups. We may de-identify, aggregate, or delete information when it is no longer needed.

Children

Our services are not directed to children under 13, and we do not knowingly collect personal information from children under 13 without required consent. If you believe a child has provided us information without required consent, contact us so we can review and take appropriate action.

Changes to This Policy

We may update this Privacy Policy as our services, data practices, or legal obligations change. The updated policy will be posted on this page with a new "Last updated" date.

Contact

Informant Holdings Group Inc, a Delaware corporation
Doing business as Ensemble Neuroscience
Email: hello@ensembleneuro.com
United States

This policy is intended to describe our current data practices. If you use Ensemble through a healthcare, research, enterprise, or institutional partner, additional notices or agreements may apply.