Privacy Policy

01Scope and Controller

This Privacy Policy applies to all personal information processed by Nuvisy in connection with the Services, regardless of the channel or device through which it is collected. For the purposes of the EU and UK General Data Protection Regulation ( “GDPR”) and similar laws, Nuvisy acts as the data controller of the personal information described in this Policy, except where we process information on behalf of a client under a separate agreement, in which case we act as a data processor and the client is the controller.

This Policy does not apply to third-party websites, platforms, or services that we do not own or control, including the app marketplaces through which our applications may be distributed. Those third parties maintain their own privacy practices.

02Information We Collect

We collect personal information that you provide directly, information that is generated automatically when you use the Services, and information we receive from third parties. The categories of information we may collect include:

Information you provide to us

• Identity and contact details — such as your name, business name, email address, telephone number, and mailing address.
• Account and profile information — credentials and preferences associated with any account you create within our applications.
• Communications — the contents of messages, inquiries, feedback, and correspondence you send to us, including via email or contact forms.
• Professional and engagement information — information you share in the course of an advisory engagement, including materials, documents, and business details you choose to disclose.

Information collected automatically

• Device and technical data — device type, operating system and version, unique device or installation identifiers, browser type, language settings, and mobile network information.
• Usage data — pages and screens viewed, features used, actions taken, dates and times of access, referring URLs, and diagnostic, performance, and crash data.
• Approximate location — general location inferred from your IP address. We do not collect precise geolocation unless a feature requires it and you grant permission.

Information from third parties

• Information from analytics, hosting, and infrastructure providers, and from app distribution platforms that share limited aggregate or diagnostic data with us.
• Information from publicly available sources or business contacts where relevant to a prospective or existing engagement.

03How We Collect Information

We collect personal information when you:

• visit, browse, or interact with our website;
• download, install, or use an application we publish on a platform such as the Apple App Store or Microsoft Store;
• contact us, request information, or correspond with us by email;
• engage us for advisory or consulting services; or
• through cookies, software development kits, and similar technologies, as described below.

04How We Use Information

We use personal information for the following purposes:

• to provide, operate, maintain, and improve the Services;
• to respond to your inquiries and provide customer and technical support;
• to deliver, administer, and manage advisory and consulting engagements;
• to monitor and analyze usage, diagnose technical issues, and enhance security, performance, and reliability;
• to communicate with you about updates, security notices, and changes to the Services or this Policy;
• to detect, prevent, and address fraud, abuse, security incidents, and other harmful or unlawful activity; and
• to comply with legal obligations and to establish, exercise, or defend legal claims.

We do not sell your personal information, and we do not use your personal information for cross-context behavioral advertising.

05Legal Bases for Processing

Where the GDPR or similar laws apply, we rely on the following legal bases to process your personal information:

• Consent — where you have given consent, such as for certain cookies or optional communications. You may withdraw consent at any time.
• Contract — where processing is necessary to provide the Services you have requested or to perform a contract with you.
• Legitimate interests — where processing is necessary for our legitimate interests, such as operating, securing, and improving the Services, provided those interests are not overridden by your rights.
• Legal obligation — where processing is necessary to comply with a legal or regulatory obligation.

06How We Share Information

We do not sell personal information. We may share personal information only in the following circumstances:

• Service providers — with vendors who process information on our behalf and under contract, such as hosting, infrastructure, analytics, communications, and security providers, limited to what is necessary to perform their services.
• Legal and regulatory — where required to comply with applicable law, legal process, or a governmental request, or to protect the rights, property, or safety of Nuvisy, our users, or others.
• Business transfers — in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality protections.
• With your direction — where you instruct or authorize us to share your information.

07Third-Party Services and Platforms

Our applications may be distributed through third-party platforms (such as the Apple App Store, Microsoft Store, and Google Play) and may use third-party software development kits and services for hosting, analytics, crash reporting, and performance monitoring. These third parties may collect or receive certain information in accordance with their own privacy policies. We encourage you to review the privacy practices of any platform through which you obtain or use our applications.

08Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, including to provide the Services, comply with our legal, accounting, or reporting obligations, resolve disputes, and enforce our agreements. When personal information is no longer required, we securely delete or anonymize it. The retention period varies depending on the type of information and the purpose for which it was collected.

09Data Security

We implement appropriate technical and organizational measures designed to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. These measures include encryption in transit, access controls, and ongoing monitoring. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

10International Data Transfers

Nuvisy operates internationally, and your personal information may be processed in countries other than the one in which you reside, including countries that may not provide the same level of data protection as your home jurisdiction. Where we transfer personal information across borders, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms.

11Your Privacy Rights

Depending on your location, you may have the following rights with respect to your personal information:

• Access — to request a copy of the personal information we hold about you;
• Correction — to request correction of inaccurate or incomplete information;
• Deletion — to request deletion of your personal information, subject to legal exceptions;
• Restriction and objection — to restrict or object to certain processing;
• Portability — to receive your information in a portable format;
• Withdrawal of consent — to withdraw consent where processing is based on consent; and
• Non-discrimination — to exercise your rights without receiving discriminatory treatment.

To exercise any of these rights, please contact us at privacy@nuvisy.com. We will respond within the timeframe required by applicable law. You also have the right to lodge a complaint with your local data protection authority.

12Cookies and Similar Technologies

Our website may use cookies and similar technologies to enable core functionality, remember your preferences, and understand how the website is used. You can control or disable cookies through your browser settings; however, disabling certain cookies may affect the functionality of the website. Where required by law, we obtain your consent before placing non-essential cookies.

13Children’s Privacy

The Services are intended for business and professional use and are not directed to children. We do not knowingly collect personal information from children under the age of 16 (or the minimum age required by applicable law in your jurisdiction). If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.

14Health and Sensitive Information

Nuvisy provides strategic advisory services within the healthcare sector. Our Services are not intended to collect, and you should not submit, personal health information, patient data, or other sensitive personal information unless it is required for a specific engagement and governed by a separate written agreement. Where we process such information on behalf of a client, we do so only as a data processor, in accordance with that agreement and applicable law.

15Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice. We encourage you to review this Policy periodically.

16How to Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us: