Genbu Health ("Company," "we," "us," or "our") is a healthcare technology company incorporated in California. We provide an AI-powered patient outreach platform to health plans, provider groups, and other healthcare organizations. Our principal place of business is in California.
For questions about this Privacy Policy, contact us at privacy@genbuhealth.com.
Please do not include any health information or other sensitive personal details in your emails.
From website visitors (genbuhealth.com):
From business customers and their authorized users:
Protected Health Information (PHI): Our platform processes PHI on behalf of our healthcare customers under the terms of a Business Associate Agreement (BAA). PHI is governed by our HIPAA Policy and applicable federal and state law — not by this general Privacy Policy. See our HIPAA Policy for details.
We do not sell, rent, or share your personal information with third parties for their marketing purposes. We do not use your information for advertising or behavioral profiling.
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information.
Your California privacy rights include:
To exercise these rights, contact us at privacy@genbuhealth.com. We respond to verifiable consumer rights requests within the time required by applicable law (currently 45 days, which may be extended by an additional 45 days where permitted, with notice to you).
You can submit a request to access, correct, or delete your personal information by email to privacy@genbuhealth.com.
To help us locate your information and verify your request, please include:
Please do not include any health information or other sensitive personal details in your request. We only need enough information to locate your records and confirm your identity. Requests are received and recorded in our privacy mailbox, which serves as our record of consumer requests.
We will acknowledge and process verifiable requests within the time required by applicable law (currently 45 days, which may be extended by an additional 45 days where permitted, with notice to you). We may need to verify your identity before completing your request, and certain information may be retained where an exception applies (for example, to comply with a legal obligation or complete a transaction you requested). Where your request concerns Protected Health Information processed on behalf of a healthcare customer, please see our HIPAA Policy, as such requests are generally directed through the relevant healthcare provider or health plan.
This website (genbuhealth.com) uses essential technical cookies necessary for basic website operation and security, including cookies set by our hosting/CDN provider. We do not use advertising cookies, cross-site tracking cookies, or behavioral analytics cookies.
We use Google Fonts, a service provided by Google LLC, to display typography. When your browser loads our website, it may make a request to Google's servers to load font files. Google's privacy policy governs any data collected in this process. You can learn more at policies.google.com/privacy.
Our website is served through a third-party hosting and content-delivery network (CDN) provider, which may process limited technical information (such as IP address and request metadata) for security, fraud prevention, and performance purposes. See Section 8 for the categories of service providers we use.
Do Not Sell or Share My Personal Information: We do not sell or share your personal information as defined under the CCPA/CPRA. No opt-out mechanism is required at this time because no such selling or sharing occurs.
We retain personal information for as long as necessary to fulfill the purposes described in this policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Website inquiry data is retained for as long as necessary to respond to and document the inquiry and to comply with applicable legal, regulatory, and contractual obligations. Account and platform data is retained for the duration of the customer relationship and for as long as needed thereafter to meet applicable legal, regulatory, and contractual obligations.
We implement administrative, physical, and technical safeguards appropriate to the sensitivity of the information we process. Our platform uses strong encryption for data at rest and for data in transit. Access to personal information is restricted to authorized personnel on a need-to-know basis. We log access to personal information within our platform.
We use third-party service providers who may process information on our behalf. Where a provider processes Protected Health Information, it does so only under a HIPAA Business Associate Agreement. Our platform's PHI-processing functions — cloud infrastructure and hosting, speech-to-text and text-to-speech, AI language model processing, and telephony — are provided by Microsoft Azure under Microsoft's HIPAA Business Associate Agreement. Our public website (genbuhealth.com) uses a hosting/CDN provider and a web-font provider that handle only limited technical website data and no PHI.
Our platform and website are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@genbuhealth.com.
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or platform after changes are posted constitutes acceptance of the updated policy.
For privacy-related requests, questions, or complaints (please do not include any personal information for general inquiries):
Email: privacy@genbuhealth.com
Mail: Genbu Health, Attn: Privacy Officer, 100 N. Barranca St, Unit 7068, West Covina, CA 91791, USA
We respond to verifiable consumer rights requests within the timeframe required by applicable law; other inquiries are addressed as promptly as reasonably practicable. For requests relating to Protected Health Information, please refer to our HIPAA Policy.