Legal
Privacy Policy
Last updated June 25, 2026
This policy describes how SaviSurg handles personal and clinical information. We keep it deliberately plain so that surgical teams, hospital leaders, and the partners who fund them can understand exactly how information is treated.
01/Who we are
SaviSurg (“SaviSurg”, “we”, “us”, or “our”) provides an offline-first platform that helps surgical teams run safer, better-documented, and more measurable operations. The platform was validated at OKEU Hospital in Saint Lucia and is built for the operating rooms of Sub-Saharan Africa and the Caribbean.
This Privacy Policy explains what information we handle through our website and our products, why we handle it, and the choices you have. You can reach our team at any time at service@carisurg.com.
02/Information we collect
We handle three broad categories of information:
- Information you give us. When you request a demo or a briefing, we collect your name, role, work email, organization, country or region, and anything you write in your message.
- Information we process on behalf of healthcare providers. Inside a hospital deployment the platform processes operative recordings, transcripts, surgical-safety checklists, draft operative notes, and quality KPIs. We handle this clinical information strictly under the instructions of the healthcare provider.
- Technical information. Like most services, we collect limited device, log, and usage data to keep the product secure and reliable.
03/How we use information
- To operate, maintain, and secure the platform and our website.
- To respond to demo and briefing requests and to communicate with you about your enquiry.
- To improve surgical safety, documentation quality, and the features we offer.
- To detect, prevent, and address fraud, abuse, or security incidents.
- To comply with our legal obligations.
04/Controller and processor roles
For information collected through our website (for example, a demo request) we act as the data controller. For clinical and operative information processed within a hospital deployment, the healthcare provider is the controller and SaviSurg acts as a data processor, handling that information only on the provider’s documented instructions and under a written data-processing agreement.
05/How we share information
We do not sell personal information. We share information only in these limited circumstances:
- Service providers (sub-processors). Vetted vendors — such as cloud hosting and infrastructure partners — who process information on our behalf under contractual confidentiality and security obligations.
- Healthcare provider customers. Clinical information is made available to the provider that owns it and to the users they authorize.
- Legal and safety. Where required by law, or to protect the rights, safety, and security of patients, users, or the public.
06/How we protect information
Security is foundational to a surgical product. We encrypt data in transit and at rest, design for offline-first operation so sensitive information can stay within the facility, and enforce role-based access controls, least-privilege permissions, and tamper-evident audit trails. No system is perfectly secure, but we work continuously to safeguard the information entrusted to us.
07/How long we keep information
We keep website enquiry data only for as long as needed to respond to you and to maintain a record of our correspondence. Clinical and operative information is retained for the period set out in our agreement with the relevant healthcare provider, after which it is deleted or anonymized.
08/International transfers
We serve organizations across multiple countries, so information may be processed outside the country in which it was collected. Where it is, we put appropriate safeguards in place to protect that information consistent with this policy and applicable law.
09/Your rights
Depending on where you are, you may have the right to access, correct, delete, or object to our use of your personal information. To exercise these rights for website data, email service@carisurg.com. For clinical information held within a hospital deployment, please contact the relevant healthcare provider, who is the controller of that information.
10/Children
Our website and products are intended for healthcare professionals and organizations and are not directed to children. We do not knowingly collect personal information from children through our website.
11/Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above, and significant changes will be communicated through the appropriate channels.
Questions about this policy? Email service@carisurg.com.