Effective Date: 1 January 2026

Privacy Policy

1. Introduction

Mosaic Health AI (“we”, “us”, or “our”) provides AI-powered content generation tools for healthcare communication agencies. This Privacy Policy explains how we collect, use, share, and protect personal data during our pilot programme.

Mosaic acts as a data processor for client-submitted content and as a data controller for user account and analytics data.

2. Who We Are

Mosaic Health AI Ltd, Company No. 16398270
Second Floor Windsor House, 40/41 Great Castle Street, London, England, W1W 8LU

Email: privacy@mosaichealth.ai

For questions about this policy or your data, please contact us at the email above.

3. What Data We Collect

We collect the following categories of personal data:

  • User account information (name, email address, login credentials)
  • Usage analytics (page visits, feature use, time spent)
  • Technical data (IP address, device/browser type)
  • Support-related data (emails, troubleshooting logs)

We do not collect or store special category data (e.g. health or patient information) during the pilot.

4. How We Use Personal Data

We use personal data for the following purposes:

  • To create and manage user accounts
  • To deliver platform features and troubleshoot technical issues
  • To analyse usage and improve platform performance
  • To ensure security and compliance with legal obligations

We rely on the following lawful bases:

  • Contract: To provide access to the platform under pilot agreements
  • Legitimate interests: To operate, improve, and secure our services
  • Legal obligation: To comply with data protection laws and respond to user requests

6. Sharing Your Data

We may share data with trusted third-party service providers:

  • AWS: Hosting and infrastructure services
  • OpenAI: AI model processing (via enterprise API; no data is used to train AI models)
  • Google Workspace: Email and internal document management
  • Slack: Internal communication and notifications

All vendors are subject to data protection agreements and standard contractual clauses (SCCs) or UK IDTA where required.

7. International Transfers

Your data may be transferred to or processed in countries outside the UK and EEA. We ensure appropriate safeguards are in place through SCCs or the UK International Data Transfer Agreement.

8. Data Retention

  • Personal data is retained only for the duration of the pilot and up to 30 days after its conclusion.
  • After that period, account data will be deleted or anonymised unless legal obligations require further retention.
  • Users may request deletion earlier (see Section 10).

9. Data Security

We implement appropriate technical and organisational measures, including:

  • Encryption at rest and in transit
  • Access controls and MFA
  • Regular access reviews and cloud-based security best practices

10. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Object to or restrict certain processing

To exercise these rights, email us at privacy@mosaichealth.ai

11. Cookies

Our website may use basic cookies or analytics tools to monitor traffic and performance. You will be notified on first visit where cookies apply.

12. Complaints

If you are unhappy with how we handle your data, please contact us first. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): https://ico.org.uk

Contact: privacy@mosaichealth.ai
Company number: 16398270
ICO registration: ZB937076

Built for trust

We take security, privacy, and ethical AI very seriously – ensuring every automation remains transparent, traceable, and under human control.

Secure by Design

We follow ISO 27001 and SOC 2 principles and maintaining clear data-handling and incident-response policies.

Privacy by Default

Data minimised and encrypted throughout, with all data encrypted in transit (TLS 1.2+) and at rest (AES-256).

Human Oversight

We make sure that AI enhances, never replaces, expert review.

See Mosaic in action

We're working with select health-comms partners to assess Mosaic's operational impact and develop new features.

If you'd like early access, get in touch to join the pilot program.

Book a demo

Not ready for a demo yet? Get in touch to learn how Mosaic can help improve productivity and quality of your medical communications.