1. Introduction

Grid Health, Inc. ("Grid Health," "we," "us," or "our") is committed to protecting the privacy and security of information collected through our website (gridhealth.ai), platform, and related services (collectively, the "Services"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our platform, or otherwise interact with us.

Grid Health provides a healthcare-specific AI monitoring and operations platform designed for health systems. We understand the sensitivity of data in healthcare environments and take our privacy obligations seriously.

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our Services.

2. Information We Collect

2.1 Information You Provide

We may collect information that you voluntarily provide to us, including:

• Contact information such as name, email address, phone number, job title, and organization name when you request a demo, book a call, or contact us
• Professional information such as your role, department, and health system affiliation
• Communications you send to us, including emails, form submissions, and feedback
• Account credentials if you create an account to access our platform

2.2 Information Collected Automatically

When you visit our website or use our Services, we may automatically collect certain information, including:

• Device and browser information (e.g., browser type, operating system, device type)
• IP address and approximate geographic location
• Pages visited, time spent on pages, and navigation patterns
• Referring URLs and search terms used to find our website
• Cookies and similar tracking technologies (see Section 7 below)

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Business partners and referral sources
• Marketing and analytics providers
• Professional community platforms such as CHARGE
• Publicly available professional information

2.4 Platform Data

When health systems use the Grid Health platform, the platform processes operational and performance data related to AI tools deployed within those health systems. This data is provided by and belongs to the health system client. Grid Health processes this data solely on behalf of and as directed by the health system client pursuant to a separate agreement.

Grid Health does not access, process, or store protected health information (PHI) as defined by HIPAA unless explicitly agreed upon in a Business Associate Agreement (BAA) with the health system client. Our platform is designed to operate on operational metadata and performance signals, not clinical patient data.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our Services
• To respond to your inquiries, schedule demos, and communicate with you about our Services
• To personalize your experience and deliver content relevant to your interests
• To send marketing communications (with your consent, where required by law)
• To analyze website usage and improve our website and marketing efforts
• To comply with legal obligations and enforce our Terms of Service
• To detect, prevent, and address technical issues, fraud, or security concerns
• To fulfill our obligations under contracts with health system clients

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with third-party vendors who perform services on our behalf, such as hosting, analytics, email delivery, and customer support. These providers are contractually obligated to use your information only as directed by us and to maintain appropriate security measures.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

4.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 With Your Consent

We may share your information with your explicit consent or at your direction.

4.5 Aggregated or De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, benchmarking, or industry analysis purposes.

5. Data Security

We implement administrative, technical, and physical security measures designed to protect the information we collect. These measures include encryption of data in transit and at rest, access controls, regular security assessments, and employee training.

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. When we no longer have a legitimate business need to process your information, we will either delete or anonymize it.

For platform data processed on behalf of health system clients, retention periods are governed by the applicable client agreement.

7. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to collect information about your browsing activity. These may include:

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics)
• Marketing Cookies: Used to deliver relevant advertisements and measure campaign performance

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

8. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

• The right to access and receive a copy of your personal information
• The right to correct inaccurate or incomplete information
• The right to request deletion of your personal information
• The right to restrict or object to certain processing activities
• The right to data portability
• The right to withdraw consent where processing is based on consent
• The right to opt out of marketing communications

To exercise any of these rights, please contact us at the information provided in Section 12. We will respond to your request in accordance with applicable law.

To opt out of marketing emails, you may use the “unsubscribe” link in any marketing email we send.

9. International Data Transfers

Grid Health is based in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate. We take appropriate measures to ensure that any such transfers comply with applicable data protection laws.

10. Children’s Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on this page and update the “Last Updated” date. We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Grid Health, Inc. Email: privacy@grid-health.com Website: grid-health.com

‍