SprigganSpriggan
§ Legal · Privacy

Privacy
policy.

Last updated · February 5, 2026

Spriggan AI is committed to protecting your privacy. This policy explains how we collect, use, disclose, and safeguard your information when you use our AI receptionist services — voice and SMS.

01 Information we collect

We may collect the following types of information:

  • Personal information. Name, phone number, email address, date of birth, mailing address.
  • Health information. Appointment details, prescription refill requests, insurance information, and other healthcare-related information you provide during calls.
  • Communication data. Call recordings, transcripts, SMS/text messages, and voicemails.
  • Device information. Phone number, carrier information, and device identifiers when you interact with our services.
  • Usage data. Information about how you interact with our services — call times, durations, service preferences.

02 SMS / text messaging data

When you opt in to receive SMS messages from Spriggan AI, we collect and process:

  • Your mobile phone number
  • Your consent status and opt-in/opt-out history
  • Message content and delivery status
  • Timestamps of messages sent and received

Message types

All messages are sent by Spriggan AI and are limited to appointment reminders and confirmations, clinic location and directions, and patient intake form links related to your healthcare appointments.

Frequency. Typically 1–10 messages per month. Frequency varies based on your appointment schedule.

Opt-out. Reply STOP at any time to unsubscribe. Reply HELP for assistance. Message and data rates may apply.

No sale or sharing. We do not sell, rent, or share your mobile phone number with third parties for their marketing purposes. Phone numbers and message content are handled in accordance with HIPAA and applicable privacy laws.

Carrier support. Supported carriers include AT&T, T-Mobile, Verizon, Sprint, Boost, Virgin, US Cellular, MetroPCS, Cricket, and others. Carriers are not liable for delayed or undelivered messages.

03 How we use your information

We use the information we collect to:

  • Provide AI-powered receptionist services to healthcare providers
  • Schedule, confirm, reschedule, and cancel appointments on your behalf
  • Process prescription refill requests
  • Send appointment reminders and billing notifications via SMS or voice
  • Facilitate communication between you and your healthcare provider
  • Verify insurance eligibility
  • Improve and optimize our services
  • Comply with legal and regulatory requirements

04 HIPAA compliance

Spriggan AI is fully committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA). We operate as a Business Associate under HIPAA and enter into Business Associate Agreements (BAAs) with all healthcare providers who use our services.

Protected Health Information (PHI). Any health information we collect on behalf of healthcare providers is treated as PHI and handled in accordance with HIPAA. We implement administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI.

Minimum necessary standard. We only access, use, and disclose the minimum amount of PHI necessary to accomplish the intended purpose.

05 Data security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest (AES-256)
  • Secure, access-controlled data centers
  • Regular security audits and vulnerability assessments
  • Employee training on data privacy and security
  • Multi-factor authentication for system access
  • Audit logging of all PHI access

06 Third-party service providers

We work with trusted third-party service providers who assist us in operating our services. These providers are contractually obligated to protect your information and comply with applicable privacy laws. Our service providers include:

  • Telecommunications providers for voice and SMS services
  • Cloud hosting providers
  • Payment processors
  • Analytics providers (using de-identified data only)

All third-party providers who handle PHI have signed Business Associate Agreements with us.

07 Data retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • PHI. Retained in accordance with HIPAA and our agreements with healthcare providers (typically 6 years minimum).
  • SMS / call records. Retained for the duration of your relationship with the healthcare provider plus any legally required retention period.
  • Consent records. Retained for as long as required to demonstrate compliance with applicable regulations.

08 Your rights

You have the following rights regarding your information:

  • Access. Request access to the personal information we hold about you.
  • Correction. Request correction of inaccurate information.
  • Deletion. Request deletion of your information (subject to legal retention requirements).
  • Opt-out. Opt out of SMS by replying STOP.
  • HIPAA rights. Exercise your rights under HIPAA, including requesting an accounting of disclosures.

To exercise any of these rights, contact us at support@spriggan.ai.

09 Children's privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10 Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last Updated” date. We encourage you to review this policy periodically.

11 Contact

Questions about this Privacy Policy or our privacy practices?

Spriggan AI · Privacy

Email · support@spriggan.ai

Web · spriggan.ai