BUBO HEALTH PRIVACY POLICY
Last Updated: May 9, 2026
Important: Bubo Health Is a Technology Company, Not a Healthcare Provider
Bubo Health is a technology company. We are not doctors, nurses, pharmacists, therapists, or any other type of licensed healthcare professional. No one at Bubo Health is acting in a clinical capacity, and no information, content, or feature within this app — including anything generated by artificial intelligence — constitutes medical advice, a medical diagnosis, or a recommended course of treatment.
Never rely on Bubo Health as a substitute for the judgment of a qualified medical professional. Always consult your physician, pharmacist, or other licensed provider before making any decision about your health, medications, or treatment. If you are experiencing a medical emergency, call 911 or your local emergency number immediately.
1. Introduction
Bubo Health (“Bubo,” “we,” “our,” or “us”) operates a personal health management platform designed to help individuals navigate serious illness and take an active role in their healthcare journey. This Privacy Policy describes how we collect, use, disclose, and protect your information when you use the Bubo Health mobile application and related services (collectively, the “Services”).
Health information is among the most sensitive personal data you can share. We take that responsibility seriously and have designed our data practices with privacy and security as foundational priorities. Please read this Policy carefully. By using Bubo Health, you agree to the practices described herein.
Questions about this Policy? Contact us at privacy@bubo.health.
2. HIPAA Notice
Bubo Health is not a HIPAA covered entity — we are not a healthcare provider, health plan, or healthcare clearinghouse as defined under the Health Insurance Portability and Accountability Act (HIPAA), and HIPAA does not directly govern our operations. However, we voluntarily commit to treating your health information with protections that meet or exceed the spirit of HIPAA. We implement technical, administrative, and physical safeguards proportionate to the sensitivity of health data, including strong encryption, strict access controls, and ongoing security monitoring.
3. Information We Collect
We collect information you provide directly, information generated through your use of the app, and information from connected third-party services you choose to authorize.
3.1 Information You Provide Directly
- Account information: name, email address, date of birth, and password when you create an account.
- Health profile: medical conditions, diagnoses, allergies, current medications, care team members, and other health information you choose to enter.
- Medication records: drug names, dosages, schedules, and adherence logs.
- Lab results: test names, values, reference ranges, dates, and ordering providers you enter or import.
- Appointments: appointment dates, provider names, locations, and notes.
- Symptom journal entries: free-text descriptions, severity ratings, and timestamps.
- Nutrition and food logs: food items, meals, and photos you capture for nutritional analysis.
- Emergency card information: emergency contacts, critical allergies, and priority medical information you choose to store.
- Care team information: names, specialties, and contact information for your healthcare providers.
- AI chat messages: questions and conversations you initiate with our AI health assistant features.
3.2 Information from Connected Services
- Device health platform: With your explicit permission, we may read health and fitness data stored on your device's built-in health platform. Categories we access may include: steps, heart rate, sleep analysis, body weight, blood pressure, blood glucose, and workout activity. We do not currently write data back to your device health platform. You may revoke this permission at any time through your device settings.
- Electronic health record (EHR) integrations: With your explicit authorization, we may retrieve records from healthcare organizations whose systems you are connected to. Records retrieved may include medications, lab results, and appointments. This connection is strictly read-only — we do not create, modify, or delete records in any external health system. You may disconnect any EHR integration at any time from within the app.
3.3 Voice Recordings (Visit Recorder)
When you use the Visit Recorder feature, your device's microphone captures audio of your healthcare appointments at your direction. This audio is transmitted over an encrypted connection to a third-party AI transcription service for processing. The transcribed text is returned to the app and stored in your account. Raw audio recordings are not retained after transcription is complete — we do not store audio files on our servers or those of our transcription service provider beyond the time required to generate your transcript.
3.4 Photos and Camera
When you use food photo analysis or prescription scanning features, images captured by your camera or selected from your photo library are transmitted to our third-party AI service providers for analysis. Photos are not retained on our servers or those of our service providers after processing is complete. Structured information extracted from these images — such as nutritional estimates or medication details — may be saved to your health records within the app if you choose to keep the result.
3.5 Automatically Collected Information
- Device information: device type, operating system version, app version, and anonymous device identifiers.
- Usage data: features accessed, screens viewed, in-app actions, and session duration — used to improve the product.
- Crash reports and diagnostics: error logs and performance telemetry to help us identify and fix technical issues.
- IP address: used for security monitoring, fraud prevention, and approximate geolocation at the country or region level only.
4. How We Use Artificial Intelligence
Bubo Health uses third-party AI services to power features such as health chat assistance, medication information, drug interaction checking, visit transcription, and food analysis. We are transparent about how data flows to and from these AI features.
4.1 What Health Context We Share with AI Services
When you interact with an AI feature, we send relevant health context to the applicable AI service provider to generate a useful response. Before transmitting your text inputs to an AI service, we apply automated scrubbing to remove common categories of personal identifying information. The AI service receives clinical and health context relevant to your query, but our scrubbing is designed to prevent it from receiving direct identifiers such as:
- Full names and provider names (e.g. “Dr. Smith”)
- Phone numbers (US and international formats)
- Email addresses
- Postal addresses and ZIP codes
- Dates of birth
- Social Security numbers
- Medical record numbers
- Insurance member, group, and policy identifiers
We log the categories and counts of identifiers our scrubber removes from each request — but never the original values — so we can audit the protection over time. Audio recordings cannot be scrubbed before transcription; instead, we apply scrubbing to the transcribed text returned by the transcription service before it is used or stored. Photos and uploaded images are not text-scrubbable; the textual results extracted from them are scrubbed before any further AI processing.
Scrubbing Is Best-Effort, Not a Guarantee
Our scrubber uses pattern-based detection. It may fail to identify uncommon name spellings, foreign-language identifiers, hand-written information in images, audio that has been heavily fragmented, or identifiers embedded in unusual formats. You should not deliberately submit personal identifying information about yourself or any other person to the Services. See Section 3.5 of our Terms of Service for your responsibilities.
Examples of what may be included in an AI context payload (after scrubbing):
- Your current medication list and dosages (without identifying information attached)
- Relevant lab results or symptom journal entries pertinent to your question
- The text of your question or message, with identifiers redacted
- General health context (conditions you have logged) relevant to the query
4.2 We Do Not Train AI Models on Your Health Data
We do not train AI models on your personal health data. We do not sell, license, or share your health information with AI providers for the purpose of training, fine-tuning, or improving AI models. We use third-party AI services exclusively through their standard commercial APIs. The standard terms of service for the AI APIs we use prohibit those providers from using API inputs and outputs to train or improve their models. We do not have separate custom data processing agreements with AI providers at this time, and users should review the applicable standard terms of each AI provider for full details.
4.3 AI Service Providers
We use reputable third-party AI service providers through their standard commercial APIs. Under the standard terms governing these APIs, providers are prohibited from using API inputs and outputs for their own independent purposes such as model training. We do not have custom data processing agreements with AI providers at this time. We periodically review our AI providers' standard terms and data handling practices. We do not publicly disclose the specific names of our AI technology partners in legal documents, as this information is subject to change; however, we are happy to discuss our AI practices with users who contact us at privacy@bubo.health.
4.4 How We Use Your Information Internally
- Provide, operate, maintain, and improve the Services
- Deliver AI-powered features including health chat, medication information, visit transcription, and nutrition analysis
- Synchronize data from connected services (device health platforms, electronic health record integrations) you have authorized
- Send reminders and notifications (medication alerts, appointment reminders) that you configure
- Respond to support requests and communicate service updates
- Detect, prevent, and respond to fraud, abuse, and security incidents
- Analyze aggregate, de-identified usage trends to improve the app — never at the individual level for advertising
- Comply with applicable legal obligations
5. How We Store and Protect Your Data
Your health data is stored on secure cloud infrastructure with encryption at rest and in transit. We enforce strict access controls so that only your authenticated account can access your personal health records. Employees and contractors with system access are bound by confidentiality obligations and granted only the minimum access necessary to perform their roles.
While we implement industry-standard security practices, no system is perfectly immune to compromise. We encourage you to protect your account by using a strong, unique password and enabling biometric authentication (such as Face ID or Touch ID) within the Bubo Health app.
In the event of a data security incident that affects your personal information, we will notify you as required by applicable law.
6. Data Retention
We retain your personal health data for as long as your account is active. Specific retention rules are as follows:
- Active accounts: Data is retained for as long as your account remains active and in use.
- Account deletion: When you delete your Bubo Health account, we will permanently delete your personal health data from our live systems within 30 days of the deletion request. Certain records may be retained longer if required by applicable law (for example, financial transaction records required for tax or audit purposes).
- Visit Recorder audio: Raw audio is deleted immediately upon completion of transcription — it is never stored beyond the processing window.
- Photos: Images submitted for analysis are deleted immediately after the analysis response is returned — they are never archived.
- Encrypted backups: Deleted data may persist in encrypted infrastructure backup snapshots for up to 90 days before being permanently overwritten as part of routine backup rotation.
To request account deletion, use the Delete Account option in the app's Settings screen or contact us at privacy@bubo.health.
7. How We Share Information
We do not sell your personal health information. We share information only in the following limited circumstances:
7.1 With Your Consent
We share information with third-party services only when you explicitly authorize us to do so — for example, when you connect an electronic health record integration or grant access to your device's health data.
7.2 Third-Party AI and Technology Service Providers
As described in Section 4, we share de-identified health context with third-party AI service providers to power AI features. We also use third-party providers for secure cloud infrastructure, analytics, and customer support tooling. We use these providers through their standard commercial terms, which restrict use of your data to the delivery of their services and prohibit use for their own independent purposes such as model training.
7.3 Legal Requirements
We may disclose information if required by law, court order, or governmental authority, or when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Bubo Health, our users, or the public.
7.4 Business Transfers
In the event of a merger, acquisition, financing, or sale of all or a portion of our assets, your information may be transferred to a successor entity. We will notify you of any such change and any material changes to this Privacy Policy before they take effect.
7.5 Aggregate and De-identified Data
We may share aggregate, anonymized, or de-identified information that cannot reasonably be used to identify you. This may be used for research, industry reporting, or product improvement purposes.
8. Device Health Platform Integration
Bubo Health may request permission to read health and fitness data from your mobile device's built-in health platform. The categories of data we may access include: step count, heart rate, sleep analysis, body weight, blood pressure (systolic and diastolic), blood glucose, and workout and exercise activity.
We do not currently write data back to your device health platform. Health data read from your device is used solely within Bubo Health to give you a more complete view of your health. We do not share this data with advertisers or use it for any advertising purposes. Device health data is shared with third parties only as minimally necessary to operate app features — for example, displaying your activity data within the app.
You may revoke device health data permissions at any time through your device's operating system settings.
9. Electronic Health Record Integration
Bubo Health can connect to your electronic health records through integrations with participating healthcare organizations. When you choose to connect:
- You will be directed to your healthcare organization's patient portal to authenticate and authorize access using industry-standard secure authorization protocols.
- We retrieve your records on a read-only basis — including medications, lab results, and upcoming appointments. We do not create, modify, or delete records in any external health system.
- Your healthcare portal credentials are never seen or stored by Bubo Health. We store only the secure access tokens issued to us following your authorization.
- You may disconnect your EHR integration at any time from the Settings screen within the app, which revokes our access.
- Availability of EHR integration depends on your healthcare organization's participation in open health record access programs and may change without notice.
10. Your Rights and Choices
Depending on your location, you may have rights regarding your personal information. The following rights are available to all Bubo Health users:
10.1 Access and Portability
You may access and export the health data you have stored in Bubo Health at any time through the app. For assistance with data export, contact privacy@bubo.health.
10.2 Correction
You may update or correct your account information and health records directly within the app at any time.
10.3 Deletion
You may delete your account and all associated personal health data. See Section 6 for deletion timelines. Use the in-app option or email privacy@bubo.health to initiate a deletion request.
10.4 Communications
You may opt out of marketing emails by using the unsubscribe link in any marketing email or by contacting us. You may not opt out of transactional communications related to your account security or service status.
10.5 Connected Services
You may disconnect device health and EHR integrations at any time via the app or your device's operating system settings. Disconnecting stops future data retrieval but does not automatically delete data already stored in the app.
11. California Privacy Rights (CCPA / CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months.
- Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions permitted by law.
- Right to Correct: Request correction of inaccurate personal information we maintain about you.
- Right to Opt-Out of Sale or Sharing: We do not sell personal information and do not share it for cross-context behavioral advertising. No opt-out is required.
- Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information (including health data) for purposes beyond those disclosed in this Policy.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To exercise your California rights, contact us at privacy@bubo.health. We will respond within 45 days as required by applicable law.
12. Children's Privacy
Bubo Health is intended for users 13 years of age or older. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately at privacy@bubo.health and we will promptly delete that information.
Users between 13 and 17 should use the app only with parental or guardian consent. Parents or guardians who wish to review, correct, or delete a minor child's information may contact us directly.
13. International Users
Bubo Health is operated in the United States. If you access our Services from outside the United States, your information may be transferred to and processed in the United States, where privacy laws may differ from those in your home country. By using the Services, you acknowledge this transfer. Bubo Health's Services are primarily designed for users in the United States, and we make no specific representations regarding compliance with the laws of other jurisdictions.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last Updated” date at the top of this Policy and notify you via email or an in-app notification prior to the change taking effect. Your continued use of the Services after notification constitutes your acceptance of the revised Policy.
15. Contact Us
For questions, concerns, or requests related to this Privacy Policy or your personal data:
- Privacy inquiries: privacy@bubo.health
- Legal inquiries: legal@bubo.health
- General support: support@bubo.health
- General inquiries: info@bubo.health
Bubo Health is a technology company governed by the laws of the State of Tennessee, United States.