Your trust matters. This policy describes how WhenAIGo handles personal and clinical information across our website and platform — and the protections and choices that come with it.
WhenAIGo (“WhenAIGo,” “we,” “us”) provides an AI-powered healthcare intelligence platform to hospitals, clinics, and care networks. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
It applies to our website, marketing pages, and the WhenAIGo platform. Where we process data on behalf of a healthcare provider, that provider is the controller of patient data and our handling is also governed by the agreement we sign with them.
We collect the following categories of information:
We use information to operate, secure, and improve our services. Specifically, we use it to:
When we process protected health information (PHI) on behalf of a covered entity or business associate, we do so under a Business Associate Agreement (BAA) consistent with HIPAA and applicable healthcare data laws.
We do not sell PHI. We use it only to provide the contracted services and as permitted by our agreement with the provider and by law.
We use end-to-end encryption in transit and at rest, access controls, audit logging, and regular security reviews to protect data. No system is perfectly secure, but we work to maintain audit-ready infrastructure that meets global healthcare data standards.
We retain information for as long as needed to provide the services, comply with legal obligations, resolve disputes, and enforce agreements. Retention of clinical data is governed by our contract with your healthcare provider.
Depending on your location, you may have rights to access, correct, delete, or restrict the use of your personal data, and to object to certain processing. For patient data, requests are typically directed to the healthcare provider acting as controller.
To exercise a right or ask a question, contact us at privacy@whenaigo.com.
We may process information in countries other than where you are located. Where we transfer data across borders, we use appropriate safeguards as required by applicable law.
Our website and platform are intended for healthcare organisations and their staff, not for general consumer or children’s use. Where we process minors’ health data on behalf of a provider, we do so under that provider’s direction and applicable law.
We may update this policy from time to time. When we make material changes, we will update the date above and, where appropriate, notify you. Continued use of our services after changes take effect means you accept the revised policy.
Questions about privacy? Email privacy@whenaigo.com or write to WhenAIGo, 140 Harbour Point, Suite 900, Boston, MA 02210, USA. You can also reach us through our contact page.