Genbu Health operates as a Business-to-Business (B2B) platform. We do not sell your personal information and do not use your data for advertising. This policy describes what information we collect from visitors to this website (genbuhealth.com) and from our business customers and their authorized users.

1. Who We Are

Genbu Health ("Company," "we," "us," or "our") is a healthcare technology company incorporated in California. We provide an AI-powered patient outreach platform to health plans, provider groups, and other healthcare organizations. Our principal place of business is in California.

For questions about this Privacy Policy, contact us at privacy@genbuhealth.com.

Please do not include any health information or other sensitive personal details in your emails.

2. Information We Collect

From website visitors (genbuhealth.com):

From business customers and their authorized users:

Protected Health Information (PHI): Our platform processes PHI on behalf of our healthcare customers under the terms of a Business Associate Agreement (BAA). PHI is governed by our HIPAA Policy and applicable federal and state law — not by this general Privacy Policy. See our HIPAA Policy for details.

3. How We Use Your Information

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We do not use your information for advertising or behavioral profiling.

4. Legal Basis for Processing (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information.

Your California privacy rights include:

To exercise these rights, contact us at privacy@genbuhealth.com. We respond to verifiable consumer rights requests within the time required by applicable law (currently 45 days, which may be extended by an additional 45 days where permitted, with notice to you).

How to Submit a Privacy or Data Deletion Request

You can submit a request to access, correct, or delete your personal information by email to privacy@genbuhealth.com.

To help us locate your information and verify your request, please include:

Please do not include any health information or other sensitive personal details in your request. We only need enough information to locate your records and confirm your identity. Requests are received and recorded in our privacy mailbox, which serves as our record of consumer requests.

We will acknowledge and process verifiable requests within the time required by applicable law (currently 45 days, which may be extended by an additional 45 days where permitted, with notice to you). We may need to verify your identity before completing your request, and certain information may be retained where an exception applies (for example, to comply with a legal obligation or complete a transaction you requested). Where your request concerns Protected Health Information processed on behalf of a healthcare customer, please see our HIPAA Policy, as such requests are generally directed through the relevant healthcare provider or health plan.

5. Cookies and Tracking Technologies

This website (genbuhealth.com) uses essential technical cookies necessary for basic website operation and security, including cookies set by our hosting/CDN provider. We do not use advertising cookies, cross-site tracking cookies, or behavioral analytics cookies.

We use Google Fonts, a service provided by Google LLC, to display typography. When your browser loads our website, it may make a request to Google's servers to load font files. Google's privacy policy governs any data collected in this process. You can learn more at policies.google.com/privacy.

Our website is served through a third-party hosting and content-delivery network (CDN) provider, which may process limited technical information (such as IP address and request metadata) for security, fraud prevention, and performance purposes. See Section 8 for the categories of service providers we use.

Do Not Sell or Share My Personal Information: We do not sell or share your personal information as defined under the CCPA/CPRA. No opt-out mechanism is required at this time because no such selling or sharing occurs.

6. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Website inquiry data is retained for as long as necessary to respond to and document the inquiry and to comply with applicable legal, regulatory, and contractual obligations. Account and platform data is retained for the duration of the customer relationship and for as long as needed thereafter to meet applicable legal, regulatory, and contractual obligations.

7. Data Security

We implement administrative, physical, and technical safeguards appropriate to the sensitivity of the information we process. Our platform uses strong encryption for data at rest and for data in transit. Access to personal information is restricted to authorized personnel on a need-to-know basis. We log access to personal information within our platform.

8. Third-Party Service Providers

We use third-party service providers who may process information on our behalf. Where a provider processes Protected Health Information, it does so only under a HIPAA Business Associate Agreement. Our platform's PHI-processing functions — cloud infrastructure and hosting, speech-to-text and text-to-speech, AI language model processing, and telephony — are provided by Microsoft Azure under Microsoft's HIPAA Business Associate Agreement. Our public website (genbuhealth.com) uses a hosting/CDN provider and a web-font provider that handle only limited technical website data and no PHI.

9. Children's Privacy

Our platform and website are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@genbuhealth.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or platform after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

Privacy Inquiries

For privacy-related requests, questions, or complaints (please do not include any personal information for general inquiries):

Email: privacy@genbuhealth.com

Mail: Genbu Health, Attn: Privacy Officer, 100 N. Barranca St, Unit 7068, West Covina, CA 91791, USA

We respond to verifiable consumer rights requests within the timeframe required by applicable law; other inquiries are addressed as promptly as reasonably practicable. For requests relating to Protected Health Information, please refer to our HIPAA Policy.