gema
LoginGet Started

Privacy Policy

Last Updated: February 11, 2026

1. Introduction

gema health (“we,” “us,” or “our”) provides AI-powered appointment booking and reminder services on behalf of healthcare clinics. This Privacy Policy describes how we collect, use, and protect your personal information when you interact with our services via phone, text message (SMS), email, or our website.

2. Information We Collect

We collect the following types of information:

  • Contact Information: Name, phone number, email address
  • Appointment Data: Service type, preferred practitioner, appointment date/time, duration
  • Health-Related Information: Date of birth, gender, reason for visit (as provided by you)
  • Communication Data: Phone call recordings, SMS message content, email content
  • Consent Records: SMS opt-in/opt-out status, consent timestamps, and method of consent
  • Technical Data: IP address, browser type, device information (when using our website)

3. How We Use Your Information

Your information is used to:

  • Book, confirm, reschedule, and cancel appointments on your behalf
  • Send appointment reminders via your preferred channel (email, SMS, or phone call)
  • Respond to your messages and inquiries
  • Verify your identity and phone number
  • Maintain compliance with telecommunications regulations
  • Improve our service quality

4. SMS & Phone Data

When you opt in to receive text messages, we store your phone number and consent status to ensure we only send messages to people who have agreed to receive them. We record:

  • Your phone number (in E.164 format)
  • Consent status (opted in, opted out, or pending)
  • How and when you provided or revoked consent
  • SMS message content for appointment-related communications

We do not sell, share, or use your phone number or SMS data for marketing or advertising purposes. Your phone number and message data are used solely for appointment-related communications.

5. Third-Party Services

We use the following third-party services to deliver our platform:

  • Twilio: Phone calls and SMS messaging
  • ElevenLabs: AI voice generation for phone interactions
  • Supabase: Secure database hosting
  • Resend: Email delivery
  • Anthropic: AI language model for SMS/email conversations

Each third-party provider has its own privacy policy. We only share the minimum data necessary for each service to function.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Appointment data is retained for the clinic's record-keeping requirements. Consent records are retained indefinitely for regulatory compliance. You may request deletion of your data at any time.

7. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data
  • Opt-Out: Stop receiving SMS messages at any time by replying STOP
  • Withdraw Consent: Withdraw consent for data processing at any time

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption in transit (TLS) and at rest, access controls, and regular security assessments.

9. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

  • Email: privacy@getgema.ai
  • Website: getgema.ai

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a new “Last Updated” date.