Privacy Policy

Last Updated Date: April 15, 2022

This “Privacy Policy” describes the privacy practices of Nayya, Inc. and our subsidiaries and affiliates (collectively, “Nayya”, “we”, “us”, or “our”) in connection with the www.nayya.com website, the Nayya Choose product, the Nayya Use product, and any other website or mobile application that we own or control and which posts or links to this Privacy Policy (collectively, the “Service”), and the rights and choices available to individuals with respect to their information. Nayya may provide additional or supplemental privacy policies to individuals for specific products or services that we offer at the time we collect personal information. These supplemental privacy policies will govern how we may process the information in the context of the specific product or service.

Personal Information We Collect

Information you provide to us. Personal information you provide to us through the Service or otherwise includes:

Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name.

Content you choose to upload to the Service, such as text, images, audio, and video, along with the metadata associated with the files you upload.

Profile information, such as your username and password that you may set to establish an online account with us, information about your available health insurance benefits, and medical insurance login information.

Registration information, such as information that may be related to a service, an account or an event you register for.

Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online. Demographic Information, such as your city, state, country of residence, postal code, and age.

Financial information, such as your stated income, economic standing, financial account numbers or payment card information.

Government-issued identification numbers, such as a national identification number (e.g., Social Security Number, tax identification number, passport number), state or local identification number (e.g., driver’s license or state ID number), and an image of the relevant identification card.

Transaction information, such as information about payments to and from you and other details of products or services you have purchased from us.

Usage information, such as information about how you use the Service and interact with us, including information associated with any content you upload to the websites or otherwise submit to us, and information you provide when you use any interactive features of the Service.

Information we collect through the Nayya Choose product: If you sign up for the Nayya Choose product, in addition to the information collected above, we may also collect the following information:

  • Employment information, including information about the identity of your employer, the health plans that your employer offers to you, and the cost of each of those health plans to you.
  • Information you provide us, including demographic information that you provide us during the enrollment process and medical insurance information.
  • Credit information, including your credit report.
  • Medical insurance usage information, including how much you and your dependents spent on medical care, how you used your medical insurance and how much you paid for medical treatment or medication out of pocket.

Information we collect through the Nayya Use product: If you sign up for the Nayya Use product, in addition to the information collected above, we may also collect the following information:

  • Insurance login information, including your username and password that you use to access your insurance account(s) and any other information needed to access your medical insurance account(s).
  • Medical information, including information regarding treatment you and your dependents received, doctors you and your dependents visited and medications you and your dependents purchased, and medical conditions that you and your dependents have.
  • Payments information, including information regarding your and your dependents’ spending on insurance deductibles, copays and similar payments.
  • Precise geolocation information, such as where you were when you completed a particular transaction or obtained a particular form of medical treatment.
  • Other information that is available in your insurance account, including information regarding you and your dependents, the names of your physicians, the names of pharmacies and doctors you have visited.

Information we obtain from social media platforms. We may maintain pages for our Company on social media platforms, such as Facebook, LinkedIn, Twitter, Google, YouTube, Instagram, and other third party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

Information we obtain from other third parties. We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our products or services, or the types of products or services we offer. We may obtain your personal information from other third parties, such as marketing partners, publicly-available sources and data providers.

Cookies and Other Information Collected by Automated Means

We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Service. Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies serve different purposes, like helping us understand how a site is being used, letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience. Our Sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).

The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on the Service, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.

On our webpages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), Flash-based LSOs (also known as “Flash cookies”), web beacons, and similar technologies, and our emails may also contain web beacons.

Referrals

Users of the Service may have the opportunity to refer friends or other contacts to us. If you are an existing user, you may only submit a referral if you have permission to provide the referral’s contact information to us so that we may contact them.

How We Use Your Personal Information

We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:

To operate the Service. We use your personal information to:

  • provide, operate and improve the Service, including the Nayya Choose and Nayya Use products
  • provide information about our products and services
  • establish and maintain your user profile on the Service
  • enable security features of the Service, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in
  • communicate with you about the Service, including by sending you announcements, updates, security alerts, and support and administrative messages
  • communicate with you about events or contests in which you participate
  • understand your needs and interests, and personalize your experience with the Service and our communications
  • provide support and maintenance for the Service
  • respond to your requests, questions and feedback

For research and development. We analyze use of the Service to analyze and improve the Service and to develop new products and services, including by studying user demographics and use of the Service.

To send you marketing and promotional communications. We may send you Nayya-related marketing communications as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the Opt out of marketing section below.

To comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.

For compliance, fraud prevention, and safety. We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Service; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

With your consent. In some cases we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.

To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.

How We Share Your Personal Information

We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Privacy Policy:

Affiliates. We may share your personal information with companies in the Nayya family of businesses, for purposes consistent with this Privacy Policy.

Service providers. We may share your personal information with third party companies and individuals that provide services to help us deliver the Services and to deliver content and fulfill requests you make (such as software and hardware vendors and other information providers). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose.

Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.

Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

In this section, we describe the rights and choices available to all users. Users who are located within California can find additional information about their rights below.

Access or Update Your Information. If you have registered for an account with us, you may access and correct the information you provided to us by emailing team@nayya.com.

Opt out of marketing communications. You may opt out of marketing-related emails, calls or mail from Nayya. For email, you may opt out at any time by using the unsubscribe mechanism within the email, which allows individuals to manage their subscriptions regarding Nayya’s newsletters, email alerts and special offers. You may continue to receive service-related and other non-marketing emails. You may opt-out of receiving calls or mail from us by informing us on the call or emailing us at team@nayya.com.

Cookies & Browser Web Storage. We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Service and third party websites. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Sites may not work properly.

For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org. If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Sites.

Targeted online advertising. Some of the business partners that collect information about users’ activities on or through the Service may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.

Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. European users may opt out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here, selecting the user’s country, and then clicking “Choices” (or similarly titled link). Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.

In addition, your mobile device settings may provide functionality to limit our, or our partners’, ability to engage in ad tracking or targeted advertising using the Google Advertising ID or Apple ID for Advertising associated with your mobile device.

If you choose to opt-out of targeted advertisements, you will still see advertisements online but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Choosing not to share your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Service to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our Services. We will tell you what information you must provide to receive the Service by designating it as required at the time of collection or through other appropriate means.

Other sites, mobile applications and services

The Service may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security practices

The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

Data transfers

We are headquartered in the United States, however, your personal information may be transferred to locations to another state where privacy laws may not be as protective as those in your state.

Children

As a general rule, children are not allowed to use the Service, and we do not collect personal information from them. We define “children” as anyone under 16 years of age. If we learn that we have collected personal information of a child without the consent of the child’s parent or guardian, we will delete it. We encourage parents with concerns to contact us.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Service.

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

How to Contact Us

Please direct any questions or comments about this Policy or privacy practices to team@nayya.com. You may also write to us via postal mail at:

Nayya Health, Inc.

Attn: Legal – Privacy

41 E 11th St, Floor 11

New York, NY 10003

Information for California Residents

Scope. This section applies only to California residents. It describes how we collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act of 2018 (“CCPA”) and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. In some cases we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.

Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:

  • The categories of Personal Information that we have collected.
  • The categories of sources from which we collected Personal Information.
  • The business or commercial purpose for collecting and/or selling Personal Information.
  • The categories of third parties with whom we share Personal Information.
  • The categories of Personal Information that we sold or disclosed for a business purpose, and if so, the categories of Personal Information received by each category of third-party recipient. Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third-party recipient.

Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months. Deletion. You can ask us to delete the Personal Information that we have collected from you. Opt-out of sales. If we sell your Personal Information, you can opt-out. In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes. Opt-in. If we know that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent’s or guardian’s permission) to sell your Personal Information before we do so.

Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.

How to exercise your rights. You may exercise your California privacy rights described above as follows:

Right to information, access and deletion. You can request to exercise your information, access and deletion rights by:

Visiting our website at www.nayya.com;

emailing team@nayya.com.

emailing team@nayya.com.

Right to opt-out of the “sale” of your Personal Information. We do not sell your Personal Information in the conventional sense (i.e., for money). However, like many companies, we use services that help deliver interest-based ads to you. California law may classify our use of these services as a “sale” of your Personal Information to the companies that provide the services. This is because we allow them to collect information from our website users (e.g., online identifiers and browsing activity) so they can help serve ads more likely to interest you. You can request to opt-out of this “sale” of your personal information by emailing us at team@nayya.com.

We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.

Personal information that we collect, use and disclose. The chart below summarizes the Personal Information we collect by reference to the categories of Personal Information specified in the CCPA, and describes our practices currently and during the 12 months preceding the effective date of this Privacy Policy. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.

**Statutory category of Personal Information ** (Cal. Civ. Code § 1798.140)

Personal Information we collect in this category (See the “Personal information we collect” section above for description)

Identifiers (excluding online identifiers)

  • Contact details
  • Profile data
  • Payment & transactional data
  • Data about others

California Customer Records (as defined in California Civil Code section 1798.80)

  • Contact details
  • Communications
  • Marketing data
  • Data about others
  • Physical characteristics or description
  • Insurance policy number
  • Employment history data
  • Medical data
  • Medical insurance data

Commercial Information

  • Profile data
  • Payment & transactional data
  • Credit report data
  • Medical purchases data
  • Communications
  • Marketing data
  • Online activity data

Financial Information

  • Payment & transactional data
  • Credit report data
  • Online Identifiers
  • Profile data
  • Device data
  • Internet or Network Information

Marketing data

  • Device data
  • Online activity data
  • Professional or employment-related information

Employment data

  • Benefits data

Inferences May be derived from the information listed above

Sources. We describe the sources from which we collect this Personal Information in the section above entitled Personal information we collect.

Purposes. We describe the business and commercial purposes for which we collect this Personal Information in the section above entitled How we use your personal information.

Disclosure. We disclosed this Personal Information to the categories of third parties described in the section above entitled How we share your personal information.

Your California Privacy Rights

Under California Civil Code section 1798.83, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us via email at team@nayya.com. You must put the statement “Your California Privacy Rights” in your request and include your name, street address, city, state, and ZIP code. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.