Trust & Compliance

No Third-Party Data Sharing

When patients call your practice, their words should stay between you and them. VIGMA never sells, shares, or monetizes patient data. Period.

Our Data Promise

Many technology companies treat user data as a revenue stream. They collect it, analyze it, aggregate it, and sell insights to advertisers, data brokers, or third-party analytics firms. This business model is fundamentally incompatible with healthcare.

VIGMA's business model is simple: practices pay for voice AI service. That's it. We don't monetize patient data. We don't sell anonymized conversation insights. We don't license aggregated trends to pharmaceutical companies or insurance providers.

VIGMA's Data Promise

Patient data is never sold to third parties. It is never shared with advertisers, data brokers, or analytics companies. It is never used to build products for other industries. Your patients' conversations belong to your practice — not to VIGMA, and not to anyone else.

This isn't a marketing claim. It's a contractual commitment included in every customer agreement and Business Associate Agreement (BAA). If we violate this promise, we're in breach of contract — and subject to HIPAA penalties if the data qualifies as protected health information.

No AI Training on Your Data

One of the most common — and most buried — clauses in consumer AI terms of service is the right to use your inputs to train and improve AI models. Google, Amazon, and most general-purpose AI platforms include this language. It means that what you say to the AI can be fed back into the model to make it smarter for all users.

That might be acceptable for a chatbot helping you write emails. It is not acceptable for a voice AI handling patient calls.

VIGMA Does NOT Train on Patient Conversations

  • Your patients' words are not training data. VIGMA does not use patient call transcripts, summaries, or recordings to train, fine-tune, or improve AI models.
  • No contribution to third-party AI models. VIGMA does not feed your data into OpenAI, Google, Amazon, or any other third-party AI platform for model improvement.
  • Isolated processing. When VIGMA processes a call, the interaction is handled in isolation. The content of the call is not aggregated with other customers' data or used for any purpose beyond serving that specific patient interaction.
  • Contrast with big tech. Consumer AI services from Google, Amazon, and others often include clauses in their terms of service that allow them to use your inputs for model training. These clauses are sometimes opt-out (meaning you have to actively disable it) or buried deep in legal documents.
  • Transparent terms. VIGMA's terms of service explicitly prohibit the use of customer data for AI training. You don't have to opt out. It's not allowed. Period.

If you've read the terms of service for major AI platforms, you've probably seen language like "we may use your content to develop and improve our services." That's corporate-speak for "we're going to train our AI on what you say." VIGMA's terms say the opposite: we will not use your content to train AI models, and we contractually prohibit ourselves from doing so.

Data Ownership

Some software vendors treat customer data as a shared asset. The customer "uses" the data, but the vendor "owns" it in some legal or technical sense. This creates ambiguity about who has the right to access, export, or delete the data — and it creates leverage for the vendor.

VIGMA operates on a simple principle: your practice owns 100% of your data. Not shared ownership. Not licensed access. Full ownership.

Complete Data Ownership Rights

  • Full data export available anytime. You can request a complete export of all your data — call recordings, transcripts, summaries, metadata, configuration settings — in standard, machine-readable formats (CSV, JSON, WAV).
  • No proprietary lock-in. Your data is exportable in open formats. You are not dependent on VIGMA-specific tools or file formats to access your own information.
  • Full deletion on request. If you choose to terminate service, you can request complete deletion of all your data from VIGMA's systems. We will confirm deletion in writing, and the deletion is permanent — not soft-deleted or archived.
  • No data hostage situations. Some vendors make it difficult or expensive to retrieve your data if you cancel service. VIGMA does not. Data export is included as a standard feature, not an upsell or premium service.
  • Portability rights. Your data is yours to take with you. If you decide to switch to a different provider, you can export your historical data and bring it with you.

Data ownership isn't just a legal principle — it's a practical reality. You should be able to access, export, and delete your data without negotiating with the vendor, paying extra fees, or waiting for a "special request" to be processed.

What We Collect & Why

Transparency about data collection is more than listing what we collect — it's explaining why we collect it and what happens to it. Many privacy policies describe data collection in vague terms ("we collect information to improve our services"). VIGMA is specific.

Transparent Data Collection

Here's exactly what VIGMA collects, why it's needed, and how it's used:

  • Call metadata (phone number, timestamp, duration). Why: Required for call routing, billing, and generating call logs. Retention: Configurable by practice (default: 1 year).
  • Call transcripts (if enabled). Why: Allows staff to review what was said without listening to full recordings. Supports search and analysis. Retention: Configurable by practice.
  • Call summaries. Why: Provides structured, actionable information (appointment requests, callback needs) for operational use. Retention: Configurable by practice.
  • Configuration data (conversation rules, escalation settings). Why: Required to deliver the service according to your practice's specifications. Retention: Maintained for the duration of service.
  • User account information (name, email, role). Why: Required for access control, authentication, and user management. Retention: Maintained for the duration of service.

VIGMA does not collect: browsing history, device fingerprints, advertising identifiers, social media profiles, or any data unrelated to providing voice AI service to your practice.

No Hidden Partners

Many software products involve dozens of third-party services behind the scenes: analytics platforms, advertising networks, data brokers, behavioral tracking tools. These integrations are often invisible to the end user and buried in privacy policies under vague terms like "trusted partners" or "service providers."

VIGMA does not use third-party analytics, ad networks, data brokers, or behavioral tracking tools. The software you interact with is the software we control.

No Third-Party Tracking or Monetization

  • No third-party analytics platforms. VIGMA does not use Google Analytics, Mixpanel, Amplitude, or any external analytics service that would send your usage data to a third party.
  • No advertising networks. VIGMA does not integrate advertising SDKs, tracking pixels, or retargeting scripts. We are not in the advertising business.
  • No data brokers. VIGMA does not share, sell, or license customer data to data aggregators, marketers, or information resellers.
  • No behavioral tracking. VIGMA does not track user behavior across websites, build behavioral profiles, or engage in cross-site tracking.
  • Subprocessors disclosed in BAA. If VIGMA engages a subprocessor that may have access to protected health information (e.g., cloud hosting provider, telephony infrastructure partner), that relationship is disclosed in the Business Associate Agreement.

The only third parties involved in VIGMA's service are infrastructure providers (cloud hosting, telephony carriers) who are contractually bound by the same data protection obligations that bind VIGMA. These relationships are disclosed, not hidden.

Comparison: VIGMA vs Big Tech AI

General-purpose AI platforms from Google, Amazon, and others offer voice AI capabilities — but they were not designed for healthcare. The differences in data handling, ownership, and privacy are significant.

Data Practice VIGMA.ai Big Tech AI
Data ownership ✓ Practice owns 100% ✗ Shared or licensed
AI training on your data ✓ Never ✗ Often permitted in ToS
Third-party data sharing ✓ Prohibited ✗ Common for analytics
Data export rights ✓ Full export anytime ✗ Limited or expensive
Deletion verification ✓ Confirmed in writing ✗ Rarely verified
Subprocessor transparency ✓ Disclosed in BAA ✗ Often vague
Advertising/monetization ✓ None ✗ Common revenue model
Built for healthcare compliance ✓ From day one ✗ Retrofitted

Big tech platforms are powerful, but they were designed for consumer applications where data is a product. VIGMA was designed for healthcare, where data is protected health information that must be handled with the highest level of care and respect for patient privacy.

Questions About Compliance? Let's Talk.

We understand that adopting voice AI in a healthcare setting requires due diligence. We're happy to walk through our architecture, answer specific compliance questions, or connect your team with our technical staff.

Schedule a Conversation →

No sales pressure. Real technical answers from people who understand healthcare.