Privacy

Last updated: 2026-04-20

What we collect on this website

Marketing pages on gentlenext.ai do not run third-party analytics. We do not embed Google Analytics, Mixpanel, Segment, session-replay, or lead-enrichment pixels. We do not rent or sell mailing lists. When you submit the demo-request form we collect your name, work email, organization, role, expected beneficiary count, and any notes you include.

Protected Health Information

Inside the product, GentleNext handles PHI on behalf of CMS GUIDE participant programs as a Business Associate under HIPAA. We have signed Business Associate Agreements on file with every vendor that may receive member data: Microsoft (Graph mail, Azure OpenAI), DigitalOcean (Managed PostgreSQL, Managed Valkey, Spaces object storage, Kubernetes), and Clerk (navigator identity).

The family surface does not run any third-party browser SDK — including error-capture, session-replay, or feedback widgets. Server-side error telemetry goes to Sentry with request bodies, cookies, and URL parameters redacted on any path under/api/nav/* or /api/family/*.

Data retention

• Audit log: 7 years (HIPAA-aligned)
• Operational logs: 30 days
• Marketing form submissions: until processed + 90 days

Contact

Compliance questions, data-subject requests, or reports of a suspected incident: platform@mahumtech.com. We respond within one business day.

← back to home