The short version: ZxAI is a B2B company. We do not sell your data. We do not run advertising. We collect only what we need to operate this website and respond to inquiries. If you are a medical practice using ZxAI's services, your patient data is governed by a separate Business Associate Agreement (BAA) — not this policy.
1. Who We Are
ZxAI ("ZxAI," "we," "us," or "our") operates the website located at https://zxai.ai (the "Site"). ZxAI provides AI-powered automation agents for private medical practices in the United States.
This Privacy Policy explains how we collect, use, disclose, and safeguard information in connection with your use of this Site. It applies to visitors and prospective customers. It does not apply to information processed on behalf of ZxAI's business customers through our service platform, which is governed by the applicable Master Service Agreement and Business Associate Agreement.
For questions about this policy, please contact us at [email protected].
2. Information We Collect
Information You Provide Directly
We collect information you voluntarily provide when you:
- Contact us by email. When you email [email protected], we receive your email address, name (if provided), and the content of your message.
- Request a consultation or demo. If you book a call through a scheduling service linked from our Site, the scheduling provider may collect your name, email address, phone number, and calendar availability. Please review the privacy policy of any third-party scheduling tool you use.
Information Collected Automatically
When you visit the Site, certain information may be collected automatically by our web hosting infrastructure or by third-party services embedded in the Site:
- Server and access logs. Standard web server logs may record your IP address, browser type, operating system, referring URL, pages visited, and the date and time of your visit. This is a standard feature of web hosting and is used for security and operational purposes.
- Google Fonts. Our Site loads typefaces from Google Fonts. When your browser requests a font file, your IP address is transmitted to Google's servers. Google's privacy practices are governed by the Google Privacy Policy. We do not control this data transmission. If you prefer, you can block Google Fonts requests using a browser extension or privacy-focused DNS.
Information We Do Not Collect
ZxAI does not currently use third-party website analytics services (such as Google Analytics), advertising pixels, session recording tools, or chat widgets on this Site. We do not collect payment information through this Site.
3. How We Use Information
We use the information described above to:
- Respond to your inquiries and communicate with you about our services
- Schedule and conduct consultations and product demonstrations
- Maintain the security and proper functioning of the Site
- Comply with legal obligations
- Improve our marketing and website content (based on aggregate, non-identifiable patterns)
We do not use your information for targeted advertising. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
4. How We Share Information
We do not sell or share your personal information with third parties for their own marketing purposes. We may share information in the following limited circumstances:
Service Providers
We may share information with vendors who help us operate the Site or conduct our business — such as web hosting providers, email service providers, and scheduling tools. These vendors are permitted to use your information only to perform services on our behalf.
Legal Requirements
We may disclose information when required by law, subpoena, court order, or other legal process, or when we believe disclosure is necessary to protect the rights, property, or safety of ZxAI, our customers, or others.
Business Transfers
In the event of a merger, acquisition, sale of assets, or other business transaction, personal information may be transferred as part of that transaction. We will notify you by updating this policy if such a transfer materially affects your rights.
5. Cookies and Tracking Technologies
This Site does not use first-party cookies for analytics or advertising. Your browser may receive cookies from third-party services whose content is embedded in or linked from our Site (such as Google Fonts or any scheduling tool you use). These cookies are set by those third parties and are governed by their respective privacy policies.
You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Note that blocking certain cookies may affect the functionality of third-party features on this Site.
6. Data Retention
We retain email correspondence and inquiry records for as long as necessary to respond to your request and to maintain a reasonable record of our business communications — typically no longer than three years unless a longer period is required by law or ongoing business relationship.
Server log data is retained for up to 90 days for security and operational purposes, after which it is deleted or anonymized.
You may request deletion of your personal information at any time by emailing [email protected]. We will honor deletion requests to the extent consistent with our legal obligations.
7. Security
We implement reasonable technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction. Our Site is served over HTTPS. Access to business communications is restricted to ZxAI personnel with a need to know.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. If you believe your information has been compromised, please contact us immediately at [email protected].
8. HIPAA and Healthcare Data
ZxAI's service platform processes protected health information (PHI) on behalf of medical practice customers under a Business Associate Agreement (BAA) as required by the Health Insurance Portability and Accountability Act (HIPAA). The BAA governs ZxAI's obligations with respect to PHI.
This Privacy Policy does not govern PHI. If you are a patient of a medical practice that uses ZxAI's platform, please contact that practice directly regarding how your health information is handled. ZxAI processes PHI solely to perform services for covered entities and does not use PHI for its own business purposes.
ZxAI automates administrative and operational workflows only. ZxAI is not a clinical decision support tool, diagnostic system, or medical device. Nothing in ZxAI's services constitutes medical advice.
9. California Residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you additional rights with respect to your personal information.
Categories of Personal Information Collected
In the past 12 months, we may have collected the following categories of personal information from Site visitors and prospective customers:
- Identifiers: name, email address, IP address
- Commercial information: records of correspondence regarding our services
- Internet activity: server log information (pages visited, browser type)
We do not sell or share personal information as defined under CCPA/CPRA. We do not use personal information for cross-context behavioral advertising.
Your Rights
California residents have the right to:
- Know what personal information we have collected, used, disclosed, or sold
- Delete personal information we have collected about you (subject to certain exceptions)
- Correct inaccurate personal information
- Opt out of the sale or sharing of personal information (we do not sell or share personal information)
- Non-discrimination for exercising your rights
How to Submit a Request
To submit a rights request, please email [email protected] with the subject line "California Privacy Request" and describe your request. We will acknowledge receipt within 10 business days and respond within 45 calendar days. We may ask you to verify your identity before processing your request.
Authorized Agent
You may designate an authorized agent to submit a request on your behalf. We will require written proof of the agent's authorization and may verify your identity directly.
10. Children's Privacy
This Site is directed to business professionals and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently received information from a child, please contact us at [email protected] and we will promptly delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will update the "Last updated" date at the top of this page when we make material changes. We encourage you to review this policy periodically.
If we make material changes that significantly affect your rights, we will make reasonable efforts to notify you (for example, by emailing you if you are a registered customer or by posting a notice on the Site).
12. Contact Us
If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how your information is handled, please contact us: