Privacy Policy

1. Overview

Innobot Health (“Innobot,” “we,” “our,” or “us”) is a U.S.-based healthcare-automation company that “puts existing workflows on autopilot.” We design low-code, AI-driven robotic-process-automation (RPA) and revenue-cycle solutions that help hospitals, physician groups, and payers reduce cost and administrative burden. This Privacy Policy governs all personal data processed through:

  • innobothealth.com and any sub-domain (the “Site”);

  • demo tenants, APIs, and mobile apps (collectively, the “Services”); and

  • offline interactions such as events, webinars, sales calls, and recruiting.

The Site is informational only; we do not collect or process payment card data or conduct e-commerce on the public website.

When Innobot acts as a Business Associate under the U.S. Health Insurance Portability and Accountability Act (“HIPAA”), the governing Business Associate Agreement (BAA) prevails for Protected Health Information (“PHI”).

2. Key Definitions

3. Data We Collect

No Payment Data: We never request or store credit-card numbers, bank-account details, or ACH information on the public Site.

4. How We Collect Data

  • Directly from you – web forms, chat widgets, event sign-ups, résumé submissions.

  • Automatically – server logs, first-party cookies, telemetry SDKs.

  • Third-party sources – authorized resellers, conference attendee lists, public professional profiles (e.g., LinkedIn).

5. Why & How We Use Data

Automated decision-making is limited to non-legal effects (spam filtering, dynamic UI). Human review is available on request.

6. Tracking Technologies

We honor Global Privacy Control (GPC) signals and Do Not Track where technically feasible.

7. Data Sharing & Disclosure

We never “sell” or “share” Personal Data as those terms are defined by the CPRA.

8. International Transfers

  • EEA/UK → USA — Standard Contractual Clauses (SCC 2021/914) + supplementary safeguards (encryption, zero-trust).

  • Other regions — Adequacy decisions, Binding Corporate Rules, or lawful derogations under GDPR Art. 49.

9. Security Measures

  • TLS 1.3 with HSTS; AES-256 encryption at rest; field-level encryption for PHI.

  • Zero-trust network segmentation, least-privilege IAM, mandatory MFA.

  • 24 × 7 × 365 Security Operations Centre with SIEM, IDS/IPS, and EDR.

  • Annual SOC 2 Type II and ISO 27001 audits; HIPAA risk assessment refreshed yearly.

10. Retention & Disposal

11. Your Privacy Rights

Identity verification is required; we maintain request logs for audit.

12. Children’s Privacy

The Services are not directed to children under 13 (COPPA) and we do not knowingly collect data from minors. Parents may request deletion via Section 11.

13. Changes to This Policy

We post updates here and provide 15 days’ advance notice (banner or e-mail) for material changes. Continued use after the effective date constitutes acceptance.

14. Contact
