Viz.ai is rated the #1 Healthcare Platform by Hospitals & Health Systems. Learn more by reading the Black Book report.

Contact Us
Providers
Viz.ai One

Viz Neuro Suite
Cerebral Aneurysm
CT Perfusion (CTP)
Hemorrhage
Hyperdensity Measurements
Large Vessel Occlusion (LVO)
Post Acute Stroke

Viz Vascular Suite
Aortic Disease
Pulmonary Embolism

Viz Cardio Suite
Hypertrophic Cardiomyopathy
Post Acute Stroke

Viz Trauma Suite

Viz Radiology Suite
Viz.ai and Microsoft Cloud for Healthcare

Pilot Programs
Oncology
Cardiology
Respiratory
Neurology
Osteoporosis
Life Sciences

Life Sciences

Discover how we work with life sciences partners to drive patient care innovation.

Go to Life Sciences
Customers

Support

Help Center

Customer Resources

User Guides (EU only)

Viz Academy
Clinical Research

Publications

HCM Education Series
Resources

All Resources

Webinars

Events
Brochures

Brochures
Case Studies

Case Studies
Clinical Validation

Clinical Validation

Press & News

Blog

White papers
Podcasts

Podcasts
shield check

Trust Center
About Us

Our Story

Leadership

Careers
Contact Us

US Privacy Policy for Viz.ai Subscription Services

Effective: August 20, 2025

This Privacy Policy describes how Viz.ai collects, uses and discloses information that is collected and processed as part of its platform subscription services including the associated Viz.ai mobile and web applications, and what choices you have with respect to this information.

When we refer to “Viz.ai”, we mean Viz.ai, Inc. and its wholly owned subsidiaries.

Applicability of This Privacy Policy

This Privacy Policy applies to Viz.ai’s subscription services, including the associated Viz.ai mobile and web applications (collectively, the “Services”). A separate agreement governs delivery, access and use of the Services (the “Customer Agreement”), including the processing of any messages, files or other content submitted through use of the Services (collectively, “Customer Data”). The organization (e.g., your employer or another entity or person) that entered into the Customer Agreement (“Customer”) controls certain aspects of their instance of the Services (their “Deployment”) and associated Customer Data, for example, how long Viz.ai will retain Customer Data.

This Privacy Policy does not apply to Viz.ai’s websites and other interactions with Viz.ai that are used for sales and marketing development activities. A separate privacy policy for websites, sales, business development and marketing can be found here.  

 

Information Collected by Viz.ai

Data collected directly from you

Where we collect data directly from you, a person who interacts with us, you have various rights regarding the way we use your data. These rights vary depending on where you are located. For example, you may be able to request us to correct, amend, or delete your data if you are based in a state such as California that has enacted privacy laws.

Categories of Personal Data we collect from you.

Data Collected Example data
Identity data First name, last name, username, unique device identifier, National Provider Identifier 
Contact data Email address, organization name, organization address, telephone number 
Customer data Deployments are configured to send Customer Data to Viz.ai for processing using the Services, for example digital computed tomography (CT) or electrocardiogram studies may be sent to Viz.ai through the Services for an artificial intelligence algorithm to detect suspected conditions. Customers or individuals granted access to a Deployment by a Customer (“Authorized Users”) routinely submit Customer Data to Viz.ai when using the Services, for example Authorized Users may submit messages through the mobile application component of the Services to coordinate care for a patient.   Customer Data includes “Protected Health Information” as defined in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Protected Health Information is governed by the HIPAA Business Associate Agreement between the Customer and Viz.ai and not by this Privacy Policy.  
Deployment and account information  To create or update an Authorized User account, you or your Customer (e.g., your employer) supply Viz.ai with an email address, phone number, password, role or title, and other similar account details. In addition, Customers provide Viz.ai (or its payment processors) with billing details such as banking information and a billing address. 
Profile data We record your preferences and profile on our systems to enhance your experience.
Services metadata  When an Authorized User interacts with the Services, metadata is generated that provides additional context about the way Authorized Users work. For example, Viz.ai records and logs when an Authorized User accesses the Services or uses certain functionality.   We may use and share Services metadata data to improve our services, develop new products and services, and conduct research.  
Log data  As with most technology services delivered over the Internet, our servers automatically collect information when you access or use our Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Services, browser type and settings, the date and time the Services were used, information about configuration and plugins, language preference data.
Device information Viz.ai collects information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the type of device used and its settings.
Location information We may receive information from you, your Customer and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location. Viz.ai may also collect location information from devices in accordance with the consent process provided by your device.
Usage data When you use the Services, we monitor and record your interactions. This recorded information, referred to as Usage Data, will be de-identified of any Protected Health Information (PHI) in accordance with HIPAA (45 CFR §164.514) standards before being used for the purposes described below. 

Usage Data will not contain PHI, but it may contain personally identifiable information (PII) of Authorized Users, such as National Provider Identifiers (NPIs), related to their professional activities.

Examples of Usage Data include the studies or alerts accessed, clicked, viewed, or shared by an Authorized User, average response times to alerts, and other Authorized User activity within the Services.

We may use your interactions and messaging data, once de-identified of PHI, to generate Usage Data, including building a profile about you and your professional use of the Services, and about healthcare topics, themes, and trends. We use this Usage Data to improve our services, develop new products and services, conduct research, and provide this data to your Customer to help improve their healthcare program and understand how the Services are used. 

We may also share and sell this Usage Data to interested third parties to help them improve their medical programs. If you are a resident of California or any other state with a privacy law that mandates a right to opt-out of the sale of personal information, you have the right to opt-out of the sale of your personal information by sending a request to privacy@viz.ai.
Third party services Viz may make third party services available to Customer through its Services.  Customer can choose to permit or restrict such Third Party Services for their Deployment. Typically, Third Party Services are software that integrate with our Services, and Customer can permit its Authorized Users to enable and disable these integrations for their Deployment. Once enabled, the provider of a Third-Party Service may share certain information with Viz.ai. For example, if a cloud storage application is enabled to permit files to be imported to a Deployment, we may receive username and email address of Authorized Users, along with additional information that the application has elected to make available to Viz.ai to facilitate the integration. Authorized Users should check the privacy settings and notices in these Third-Party Services to understand what data may be disclosed to Viz.ai. When a Third-Party Service is enabled, Viz.ai is authorized to connect and access Other Information made available to Viz.ai in accordance with our agreement with the Third-Party Provider. We do not, however, receive or store passwords for any of these Third-Party Services when connecting them to the Services.
Aggregated data This includes statistical information that is not particular to you or any other person but rather represents information such as the total use of the Services by Customer, the number of interactions with Customer and other aggregated data. You should be aware that Aggregated Data is not considered Personal Data under US state laws, as it does not directly or even indirectly reveal your identity. 

However, if we combine or connect Aggregated Data with your Personal Data so that it can then directly or indirectly identify you, we treat the combined data as Personal Data and only use it in accordance with this Privacy Policy and relevant state or federal laws.  

 

Our lawful use of your data

We will only use your data where we have a lawful reason to do so. There may be one or more legal grounds for us to process your data. This may depend on the purpose (s) for which we are using your data. These purposes are:

  • Consent: Where we specifically and directly collect your information ourselves, such as via our direct interaction with you, and when you first log into the Services with your mobile device we may obtain your consent. 
  • Performance of contract: Where we need to perform the contract, we are about to enter or have entered with your Customer.
  • Legitimate interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. 
  • Legal obligation: Where we need to comply with a legal obligation.

 

Purposes for which we will use your Personal Data

Category of Data Example data and use
Communication data  We send you alerts through the mobile application when we identify a suspected condition and if you are “on call” within the mobile application. We may send you service, technical and other administrative emails, messages, and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services, and you may not opt out of them.
Billing or account management data Viz.ai may need to contact you for account management and similar reasons and we use account data to administer accounts. 
Administration and security This includes the ongoing support and running of our Services, fault finding and troubleshooting, system maintenance reporting and hosting of data.
Service improvements Analysis of interactions, feedback, and analysis of usage data and Services metadata
Data analysis Collected information from services, messages and user or customer experience
Compliance with applicable laws and regulations We may use your data to respond to any requests that you may make under applicable laws, to respond to a request from a regulator or authorised public body and to defend any legal claims.

 

Information shared with third parties

We may disclose your Personal Data within Viz.ai, Inc. affiliated companies and with third parties for the purposes set out in this Privacy Policy. 

We may share your data where we seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Data in the same way as set out in this Policy and for the same purposes. 

We may also be required to disclose Personal Data to comply with our legal obligations. This can include situations where we must respond to government requests, investigate fraud, and respond to public and government authorities for national security and / or law enforcement purposes. 

We may disclose your Personal Data with a third party if there is a valid commercial reason to do so, including for purposes related providing services, developing new products and services, and research.  Where we disclose your Personal Data and it is not integral to the provision of services, you may have the right to opt out of such disclosures under applicable state laws (e.g., by exercising your “Do Not Sell” rights). 

We require all third parties to respect the security of your Personal Data and to treat it in accordance with applicable privacy and security law. Where we use third parties to provide services to Viz that are part of the Service, we do not allow such third parties to use your Personal Data for their own purposes and will only permit them to process your Personal Data for agreed and specified purposes and in accordance with our written instructions such as those given in a contract. 

We collect data from both direct and indirect sources. When we collect data from third parties who provide applications or services to support our delivery of the Services, these third parties have different privacy policies to Viz.ai and we recommend that you visit them to understand how they treat your data and to exercise your rights with them.  

A list of third party sub-processors that provide services to Viz that are part of the Service or support our activities to deliver the Service is published in the Viz Trust Center.

 

Categories of third parties or data disclosed Reason or purpose for disclosing the data
Service providers and business partners We may engage third party companies or individuals as service providers or business partners to process Customer Data and Other Information and support our business. These third parties may, for example, provide virtual computing and storage services, or enable features of the Services.
Customer instructions Viz.ai will solely share and disclose Customer Data in accordance with the Customer Agreement, a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and in compliance with applicable law and legal process.
Displaying the services When an Authorized User submits Other Information, it may be displayed to other Authorized Users. For example, an Authorized User’s email address or phone number may be displayed with their Deployment profile to use the Services, for example to enable rapid communication between patient care teams and departments of a referring hospital in connection with the care of patients.
Customer access Owners, administrators, Authorized Users and other Customer representatives and personnel may be able to access, modify or restrict access to Other Information. This may include, for example, your employer using Service features to export logs of Deployment activity or accessing or modifying your profile details.
Corporate affiliates Viz.ai may share Customer Data and Other Information with its corporate affiliates and subsidiaries.
Changes to Viz.ai’s business If Viz.ai engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Viz.ai’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all Customer Data and Other Information may be shared or transferred, subject to standard confidentiality arrangements
To enforce our rights, prevent fraud, and for safety To protect and defend the rights, property or safety of Viz.ai or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
Aggregated or de-identified data Subject to the Customer Agreement, we may disclose or use aggregated or de-identified Customer Data and Other Information for any purpose. For example, we may share aggregated or de-identified Other Information with prospects or partners for business or research purposes, such as telling a prospective Viz.ai customer the average response time to alerts within a typical Deployment.
Law enforcement or compelled disclosure We reserve the right to use or disclose your Personal Data if required to do so by law or if we reasonably believe that the use or disclosure of your data is necessary to protect our rights, to protect your safety or the safety of others, to investigate fraud, or to comply with a law, court order, or legal process or request. Where we are requested to disclose information, we will always ensure that the requesting party has a lawful basis for the request and a reason for it. 
With your consent Viz.ai may share Customer Data and Other Information with third parties when we have consent to do so.

 

Security

We take security of data very seriously and we work hard to protect the information you provide from loss, misuse, and unauthorised access or disclosure. These steps consider the sensitivity of the information we collect, process and store, and the current state of technology, software, and any specific contracts we may have in place with third parties to protect your data. We have received internationally recognised security certifications to meet the ISO 27001 (information security management system) standard.

Age limitations

We never intentionally collect the data of anyone under the age of eighteen. Where this data is provided or detected, we will make reasonable efforts to delete this data.

Data retention

We will retain your data for as long as is necessary to fulfil the purpose for which it was collected, or for a longer basis if there is a legal requirement for us to retain the data.

Your privacy rights

Your location will determine your privacy rights, and these vary from state to state.

California Privacy Rights

The CCPA provides California residents with specific rights regarding their Personal Data.

Do not sell

We can sell your data if there is a valid commercial reason to sell your Personal Data collected during the use of the services.

Your rights under the CCPA

If you are a resident of California, You have the following rights:

  • The right to notice. 

You have the right to be notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.

  • The right to request.

Under the CCPA, you have the right to request that we disclose information to you about our collection, use, sale, disclosure for business purposes and about how we share your Personal Data. If we receive a request, we will seek to identify you and if your identity is confirmed, we will disclose:

  • The categories of Personal Data that we collected about you. 
  • The categories of sources for the Personal Data we collected about you. 
  • Our business or commercial purpose for collecting or selling your Personal Data. 
  • The categories of third parties with whom we shared that Personal Data. 
  • The specific pieces of Personal Data we collected about you. 
  • If we sold your Personal Data or disclosed your Personal Data for a business purpose, we will disclose:
    • The categories of Personal Data categories sold if we sold your data.
    • The categories of Personal Data categories disclosed.
  • You have the right to say no to the sale of Personal Data (opt-out). 

You have the right to request us to not sell your Personal Data. To submit an opt-out request please contact us at privacy@viz.ai.

  • The right to delete Personal Data. 

You have the right to request the deletion of your Personal Data, subject to certain exceptions. To submit a request to delete your Personal Data, please send a written request to privacy@viz.ai.   

If we receive a request and if your identity is confirmed, we will delete and request our service providers to delete your Personal Data from our records unless an exception applies. We may deny your deletion request if the retention of your Personal Data is necessary for us or our service providers to: 

    • Complete the transaction for which we collected the Personal Data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you. 
    • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities. 
    • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law. 
    • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
    • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us. 
    • Comply with a legal obligation. 
    • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
  • The right not to be discriminated against. You have the right not to be discriminated against for exercising any of your rights, including by:
    • Denying goods or services to you 
    • Charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties 
    • Providing a different level or quality of goods or services to You 
    • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

EU-US Data Privacy Framework

Viz.ai, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Viz.ai Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Viz.ai Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Viz.ai Inc.’s accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Viz.ai Inc. remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Data Privacy Framework Principles, unless Viz.ai Inc. proves that it is not responsible for the event giving rise to the damage.

Pursuant to the Data Privacy Frameworks, EU and UK individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to privacy@viz.ai. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@viz.ai.

In compliance with the Data Privacy Framework Principles, Viz.ai commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, and the United Kingdom with DPF inquiries or complaints should first contact Viz.ai by email at privacy@viz.ai.

Viz.ai, Inc. has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.

If your complaint involves human resources data transferred to the United States from the European Union or the United Kingdom in the context of the employment relationship, and Viz.ai, Inc. does not address it satisfactorily, we commit to cooperate with the panel established by the EU data protection the United Kingdom in the context of the employment relationship, and Viz.ai, Inc. does not address it satisfactorily, Viz.ai Inc. commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and the UK Information Commissioner’s Office, and to comply with the advice given by the DPA panel [or ICO, as applicable] with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labour authority in the appropriate jurisdiction. Complaints related to human resources data should not be addressed to the BBB NATIONAL PROGRAMS.

Contact details for the EU data protection authorities can be found at https://edpb.europa.eu/about-edpb/board/members_en.

UK individuals can also file a complaint with the ICO at https://ico.org.uk/make-a-complaint/uk-extension-to-the-eu-us-data-privacy-framework-complaints-tool/.

Changes To This Privacy Policy

Viz.ai may change this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Privacy Policy to stay informed.

Data Protection Officer

To communicate with our Data Protection Officer, please email dpo@viz.ai.

Contacting Viz.ai

Please also feel free to contact Viz.ai if you have any questions about this Privacy Policy or Viz.ai’s practices, or if you are seeking to exercise any of your statutory rights. You may contact us at privacy@viz.ai or at our mailing address below:

Viz.ai, Inc.
548 Mission Street, #21826
San Francisco California 94104-5401
Attention: Chief Privacy Officer