Privacy policy

Last updated: 2026-05-22

This policy explains what data Reactivation AI ("we," "us") collects, why, and how we protect it. It applies to reactivation-ai.com, our marketing site, and to the patient-reactivation service we operate on behalf of our clinic clients.

If you are a patient who received outreach from one of our clinic partners, the messages came from your clinic — Reactivation AI is their service provider. To stop messages, reply STOP or contact your clinic directly. We will remove your record on request.

What we collect — and from whom

Marketing-site visitors: basic analytics (page views, referrer, anonymized IP). We do not run third-party advertising trackers.
Inquiry-form submissions: name, email, phone, clinic details, and any context you write in the message body.
Clinic clients: the patient list you provide us (typically a CSV export from your practice-management software), plus configuration we set up together — voice samples, services menu, sequence preferences.
Operational metadata: message send / open / reply events from our email infrastructure, used to drive sequencing and reporting.

How we use it

To deliver and improve the reactivation service we operate on your clinic's behalf.
To respond to inquiries and provide support.
To report performance to your clinic (recovered revenue, response rates, etc.).
To meet our legal and contractual obligations, including our Business Associate Agreement where one is in place.

HIPAA and patient data

When we handle patient data on behalf of a US clinic that is a HIPAA covered entity, we operate as a Business Associate under a signed BAA. Patient records are isolated per clinic, encrypted in transit and at rest, accessed only by personnel who require it for the service, and logged for audit. We do not train any model on your patient data.

How long we keep it

We retain patient records only as long as the contract with the clinic is active. On request, or within 30 days of contract end, we purge patient data from our systems. Operational metadata (e.g. aggregated reporting) may be retained in de-identified form.

Who we share it with

We share data only with the infrastructure providers required to run the service (email delivery, hosting, analytics). We do not sell patient data, and we do not provide it to advertisers. A current list of subprocessors is available on request.

Your choices

Patients: reply STOP to any message, or contact your clinic to opt out. You may also email us directly to request removal.
Inquiry-form submitters: email us to delete your record.
Clinics: request export or deletion of your data at any time per the terms of your service agreement.

Contact

Privacy questions: hello@reactivation-ai.com