Is Suki AI safe with your data?

Suki AI

Suki AI, Inc.

39/100

Poor disclosure · medium confidence

Suki AI earns an F (39/100) because it discloses little about its data practices.

#170

of 177 apps ranked

score · Healthcare avg 45

-6

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Suki's privacy policy covers its HIPAA Business Associate handling and a clear no-sell promise. It says nothing about AI model training, data portability, breach notification, or any concrete retention or deletion timeline. A few favorable disclosures alongside many unaddressed indicators put it near the bottom of the scale.

What Suki AI's privacy policy says about your data

Does not sell data

The policy states the company is not in the business of selling personal information, and it commits to sharing data with service providers only as needed to perform their function.

HIPAA safeguards for patient data

When it receives protected health information it acts as a Business Associate under an agreement that bars uses the provider itself could not make and requires safeguards for confidentiality, integrity, and availability.

Vague retention, discretionary deletion

Data is kept as long as necessary or as required by law, and the company says it may retain or destroy personal data at its discretion. No day-count or deletion timeline is named.

Silent on training, portability, and breach notice

The policy never addresses whether inputs train AI models, offers no data portability right, and contains no breach notification clause or timeframe.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

Suki AI privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights1 of 5 disclosed

Grants a right to access your dataPartial

Grants a right to delete your dataSilent

Offers data portability in a usable formatSilent

Grants a right to correct your dataPartial

Grants a way to object to or opt out of processingDisclosed

Retention and deletion0 of 4 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestPartial

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsPartial

Third-party sharing3 of 4 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementPartial

Does not sell or share data for advertising, or offers opt-outDisclosed

Names a safeguard for international data transfersNot applicable

States a standard for government and law-enforcement accessDisclosed

Transparency1 of 4 disclosed

Discloses that you are interacting with AISilent

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesPartial

Is versioned and dated, with change noticePartial

Sensitive data and children2 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsPartial

Commits to breach notificationSilent

Names a certification or a privacy contactSilent

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: text, audio
Processes biometrics: No
Policy last updated: 2025-05-16
Region scored: Global / US-default
Assessed: 2026-06-20

Read Suki AI's privacy policy

Other healthcare apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.