BizHealth.ai - Business Health Analysis Platform

    Privacy Policy

    Effective: October 8, 2025

    Last Updated: October 8, 2025

    At BizHealth.ai, your trusted Business Health Analyst, we empower micro-, small-, and mid-sized businesses with AI-driven diagnostics to eliminate guesswork and fuel growth. We take data privacy seriously, processing questionnaire inputs transparently to deliver insights without traditional consulting risks. This policy complies with U.S. laws (e.g., CCPA for California residents), GDPR for EU/EEA users (e.g., UK/Germany expansions), and global standards. By using our platform, you consent to these practices. Questions? Contact support@bizhealth.ai.

    We know data privacy matters to your business. We collect only necessary data for analytics across 12 areas (e.g., Strategy, Financials).

    Provided by You

    Name, email, phone, business details (e.g., revenue, employee count), and questionnaire responses (e.g., KPIs like EBITDA, operational metrics). For payments, billing/shipping info.

    Automatically Collected

    IP address, device/browser type, usage logs, and cookies for personalization.

    Sensitive Data

    Limited to business-relevant inputs. For EU users, we minimize collection per GDPR Art. 5. We do not collect data from children under 13 (COPPA-compliant).

    Data powers your diagnostics:

    • Generate reports (e.g., Owner's Report with benchmarks vs. SBA/Gartner)
    • Personalize insights (e.g., scaling recommendations for cash flow pains)
    • Improve platform (e.g., AI training on aggregated, anonymized data)
    • Communicate (e.g., report emails, optional newsletters)

    We share minimally:

    Service Providers

    Payment processors (e.g., Stripe), cloud hosts (e.g., AWS), AI analytics partners—bound by contracts.

    Business Transfers

    In mergers (with notice).

    Legal Needs

    To authorities or for rights protection. No sales/sharing for ads. For EU transfers (e.g., U.S. servers), we use Standard Contractual Clauses (SCCs) per GDPR Ch. V. Aggregated insights may be public (anonymized).

    We protect data with:

    • Encryption (in-transit/at-rest for questionnaires)
    • Access controls (role-based for reports)
    • Regular audits (SOC 2-aligned)

    No system is 100% secure; we notify breaches per law (e.g., GDPR 72-hour rule).

    Exercise rights anytime (response within 30 days):

    Access/Correct

    View/edit data.

    Delete/Portability

    Erase or export data within 30 days (subject to legal holds).

    Opt-Out

    Marketing (unsubscribe), cookies (banner), CCPA "Do Not Sell" (none apply).

    GDPR-Specific (EU/EEA)

    Object/restrict processing; right to be forgotten. Contact DPO at dpo@bizhealth.ai. Lodge complaints with authorities (e.g., ICO for UK).

    CCPA-Specific (CA Residents)

    Know/disclose/delete data; non-discrimination. For all: Email support@bizhealth.ai with verification.

    We use essential cookies (functionality) and analytics (Google Analytics—opt-out via tools). Consent banners for non-essential (GDPR/CCPA). Manage via browser settings.

    U.S.-based, we process global data (e.g., UK/Australia hubs) with safeguards (e.g., adequacy for Canada). EU data: SCCs/BCRs.

    Updates posted here/email notice. Continued use = acceptance. Check annually.

    Contact Information

    For privacy inquiries: support@bizhealth.ai

    Data Protection Officer: dpo@bizhealth.ai

    Website: www.bizhealth.ai
