Last updated: March 2026
Zally AI ("we", "us", or "our") operates the Zally AI software service. This policy explains how we handle information in connection with our services.
We collect information you provide directly when you contact us or request a demo, including your name, email address, phone number, and clinic name.
Zally AI processes faxes on your behalf as a HIPAA Business Associate. All systems and services used to process Protected Health Information (PHI) are HIPAA-eligible and subject to our Business Associate Agreement. Patient data is handled solely for the purpose of providing the Service and is never used for any other purpose.
Zally AI processes Protected Health Information (PHI) on behalf of covered entities (medical practices). We operate as a HIPAA Business Associate. All components of the Service that handle PHI are HIPAA-eligible. We sign a Business Associate Agreement (BAA) with every covered entity before processing any patient data — no exceptions.
We implement appropriate technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction.
We retain contact and account information for as long as necessary to provide our services and comply with legal obligations. Processing logs may be retained for up to 90 days for troubleshooting purposes.
Our website may use third-party services such as analytics (Google Analytics) and form processing. These services have their own privacy policies governing their use of information.
You may request access to, correction of, or deletion of your personal information by contacting us. We will respond within 30 days.
We may update this privacy policy from time to time. We will notify active customers of material changes by email.
If you have questions about this privacy policy or our data practices, please contact us through the contact page.