Privacy Policy
Effective Date: Jul 21, 2024
Last Updated: August, 2024
WE WILL POST ANY CHANGES TO THIS PRIVACY POLICY IN A NOTICE OF THE CHANGE AT THE BOTTOM OF OUR WEB PAGE WITH A HYPERLINK THERETO. PLEASE REGULARLY REVIEW THIS PRIVACY POLICY. NOTWITHSTANDING IF YOU CONTINUE TO USE OUR SERVICES, YOU ARE BOUND BY ANY CHANGES THAT WE MAKE TO THIS PRIVACY POLICY.
- INTRODUCTION
Nucs AI, Inc. (“Nucs AI,” “we,” “us,” or “our”) respects the privacy of its Users (“User,” “your,” or “you”). This Privacy Policy (the “Privacy Policy”) explains how we collect, use, disclose, and safeguard your information when you use Nucs AI Platform (the “Platform”) through Nucs AI’s website at https://nucs.ai/
(the “Website”).
NucsAI is an AI-powered healthcare platform focused on prostate cancer management. It offers advanced analysis of tumor lesions using PSMA-PET/CT imaging to assist in clinical decision-making (“Services”). Their key products, DeepPSMA and SelectPSMA, enable fast, reproducible tumor quantification and prediction of patient outcomes, helping identify those who will benefit from PSMA-targeted treatments like Pluvicto, and reducing unnecessary treatments and costs.
Nucs AI is committed to protecting the privacy of its Users whose information is collected and stored while using Nucs AI’s Platform through our Website. This Privacy Policy is applicable to our Website, Platform and all applications offered for sale to the public. The capitalized terms have the same meaning as ascribed in our Terms of Use or Terms of Service as applicable, unless otherwise noted here.
PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. BY ACCESSING OR USING OUR WEBSITE AND PLATFORM, YOU AGREE TO ACCEPT ALL THE TERMS CONTAINED IN THIS PRIVACY POLICY AND ACKNOWLEDGE AND AGREE WITH THE PRACTICES DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS AND USE OUR WEBSITE AND PLATFORM.
IF YOU HAVE ANY QUESTIONS REGARDING THIS PRIVACY POLICY, PLEASE SEND US AN EMAIL AT PRIVACY@NUCS.AI.
WE DO NOT SELL YOUR PERSONAL INFORMATION, NOR DO WE INTEND TO DO SO. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.
In addition, Nucs AI, Inc. is a “covered entity” as defined in the Health Insurance Portability and Accountability Act (“HIPAA”). As a result, for Users in the United States, we have adopted a HIPAA Notice of Privacy Practices to describe how we use and discloses your protected health information (“PHI”) as detailed in Section 16. By accessing or using our Services, you accept the practices and policies outlined in this Privacy Policy; you hereby consent that we will collect, use and disclose your information as set forth in this Privacy Policy; and you acknowledge receipt of our HIPAA Notice of Privacy Practices. If you are using our Service on behalf of an individual other than yourself, you represent that you are authorized by such individual to accept this Privacy Policy and the our HIPAA Notice of Privacy Practices on such individual’s behalf. We will not disclose, share, sell or rent your information with or to any third party (except to the extent we disclose to Providers, emergency contacts, and in compliance with regulatory and legal requirements as set out in this Policy), except with your consent, or to the extent necessary, in our good faith judgment to: comply with applicable laws or regulations, respond to a subpoena, order, or similar obligation to produce information; establish or exercise our legal rights or defend against legal claims; or investigate, detect, suppress, prevent or take action regarding illegal or prohibited activities, suspected fraud, situations involving potential threats to the reputation or safety of any person. We may use or disclose your email address, but never PHI, information to market a product or service, either directly, or through a service provider or partner that performs services on our behalf.
- TERRITORIAL RESTRICTION
Our Website and Platform are available for use and download globally. If you are a resident of the United States (“US”), the laws of the State of Delaware, United States shall apply. If you are a resident of any other country, please ensure compliance with all local laws prior to using our Website or Platform. You must comply with this Privacy Policy and our Terms of Use and Terms of Service, as applicable. If you have any questions regarding this Section, please email us at privacy@nucs.ai.
- USE BY MINORS
Nucs AI’S WEBSITES, PLATFORM, AND SERVICES ARE NOT MEANT FOR USE BY PEOPLE UNDER THE AGE OF 18. IF YOU ARE UNDER 18, PLEASE DO NOT USE OUR WEBSITE, PLATFORM, AND SERVICES ON YOUR OWN. Any information you provide us on behalf of your minor child will be treated in accordance with this Privacy Policy. We do not knowingly collect information for individuals under the age of 18. If we learn that we have collected or received any information for an individual under the age of 18, we will only use that information to respond directly to that child (or a parent, legal guardian or personal representative) to inform him or her that he or she cannot use our Service, and subsequently we will delete that information from our own servers.
- WHAT INFORMATION DO WE COLLECT?
When you register to use our Website or Platform, we collect personal information (also referred to as personally identifiable information or “PII”) which may include your name, online contact information such as your email address or username, phone number, and other personal information. The information so collected will be stored on our servers. You are able to change your personal information via email by contacting us at privacy@nucs.ai or through your profile or account settings on our Websites or Platform.
- Equipment Information. We may collect information that does not personally identify you such as information about your internet connection, the equipment you use to access our Websites, or Platform, and usage details.
- Financial Information. We currently do not collect or store any credit cards or bank information, as we are using a third-party payment processor. However, we will update this Privacy Policy when we start using and storing such information. We will also inform you via reasonable means if we start collecting such information from you.
- Persistent identifier. We may collect information that can be used to identify a user over time across different websites or other online services, such as a customer number stored in a cookie, IP address, of device or processor identifier.
- Commercial purchase information. . We may collect commercial purchase information like records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies from our Website.
- Protected Health Information. We may also collect certain information from you and your health care provider who provide treatment or other services to you in connection with our Services as indicated in Section 16.
- HOW DO WE COLLECT INFORMATION?
We collect personal information from you in the following ways:
- Through mobile and desktop applications your downloads from our Websites or Platform, which provides dedicated non-browser based interaction between you and our Websites or Platform;
- When you interact with our advertising and applications on third-party website and services, if those applications or advertising include a link to this Privacy Policy;
- When you subscribe to a newsletter;
- From your responses to a survey;
- From forms filled out by you; and
- From records or copies of correspondences (including email addresses) if you contact us.
We collect information from you automatically when you navigate through our Websites or Platform in the following ways:
- Usage details;
- Information obtained through browser cookies;
- Information obtained through flash cookies; and
- Other tracking technologies.
- HOW DO WE USE YOUR INFORMATION?
We use the information that you provide to:
- Personalize your experience in using our Platform;
- Provide you with information, products, or services requested from us;
- Present our Websites and Platform and their contents to you;
- Provide you with notices about account and/or subscription, including expiration and renewal notices;
- Carry out obligations and enforce rights arising from contracts entered into between you and us, including billing and collection;
- Notify you about changes to our Websites and Platform and any products or services;
- Allow you to participate in interactive features on our Websites and Platform;
- Improve the Websites and Platform;
- Improve our customer service;
- Administer contests, promotions, and surveys or other Websites and Platform features;
- Process transactions;
- Anonymize data and aggregate data for statistics;
- Contact you about our products and services that may be of interest;
- Contact you about third parties’ goods and services;
- Enable the display of advertisements to our advertisers’ target audiences, although personal information is not shared with advertisers without your consent; and
- Send you periodic emails, in accordance with the CAN-SPAM Act of 2003 as detailed in Section 18, via the email address provided by you to (i) send information, respond to inquiries, and/or other requests or questions; (ii) process orders and send information and updates pertaining to such orders; (iii) send additional information related to your product and/or service; and (iv) market to our mailing list or continue to send email to you after the original transaction has occurred.
- OUR COOKIE POLICY
Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones, and other devices. Other technologies, including data we store on your web browser or device, identifiers associated with your device, and other software, are used for similar purposes. In this Privacy Policy, we refer to all of these technologies as “Cookies.”
We use Cookies on our Website to (a) understand and save your preferences for future visits, (b) keep track of advertisements, (c) compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future, and (d) allow trusted third-party services that track this information on our behalf. You can set your browser to refuse all or some browser Cookies, but it may affect your user experience. We honor Do Not Track signals and, if one is in place, we will not track, plant cookies, or use advertising.
We do not allow third party behavioral tracking and links to third-party web pages. We do not include or offer third-party products or services on our Website or Platform. We use third parties (called “sub-processors under the GDPR), who have access to personal information of our consumers to perform some of the operational functions (such as billing or collection) to provide a full service to our customers. We seek to protect the integrity of our Websites or Platform and welcome any feedback at about these sites. Please contact us at privacy@nucs.ai.
- HOW DO WE PROTECT INFORMATION WE COLLECT?
Our Website and Platform are reasonably scanned to meet or exceed PCI Compliance. Our Website receives regular security scans and penetration tests. Our Website also receive regular malware scans. In addition, our Website use an SSL certificate as an added security measure. We require username and passwords for our employees who can access your personal information that we store and/or process on our Platform and servers. In addition, we actively prevent third parties from getting access to your personal information that we store and/or process on our Platform and servers. We accept payment by credit card through a third party credit card processor on our behalf. We will implement reasonable security measures every time you (a) place an order, or (b) enter, submit, or access your information, (c) register, or (d) access our Platform, on our Website.
- DATA SECURITY MEASURES.
- Security Measures. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Websites or Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Websites or Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Websites or Platform.
- Fair Information Practice Principles. In the event of a personal data breach, we will notify you within thirty six (36) hours via (i) email and/or (ii) our Platform notification system on our Website. We will also notify all relevant state and federal regulatory agencies as required by applicable laws. We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
- Data Retention. We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Specific retention periods for different aspects of your personal data are as follows:
- Personal Identification Information: Retained for the duration of your account and up to 5 years after account deletion.
- Health Information: Retained as per legal requirements or until no longer necessary for the purpose it was collected.
- Transaction Data: Retained for up to 7 years for tax and audit purposes.
- Upon the expiration of the applicable retention period, we will securely delete or anonymize your personal data.
- DISCLOSURE OF PERSONAL INFORMATION
There are times when we may share Personal Information that you have shared with us may be shared by Nucs AI with others to enable us to provide you over Services, including contractors, service providers, and third parties (“Partners”). This section discusses only how Nucs AI may share such information with Partners. We will ensure that our Partners protect your Personal Information. The following describe how and with whom we may share your Personal Information:
Disclosure of Personal Information.
- We may disclose aggregated, de-personalized information about you that does not identify any individual to other parties without restriction, such as for marketing, advertising, or other uses.
- We may disclose personal information to our subsidiaries and affiliates.
- We may disclose personal information to contractors, services providers, and other third parties.
- We require all contractors, service providers, and other third parties to whom we disclose your personal information to be under contractual obligations to keep personal information confidential and to use it only for the purposes for which we disclose them.
- We may disclose personal information in the event of a merger, sale of business, etc.
- We may disclose to third parties to market their products and services to you if you have either consented or not opted out of these disclosures.
- We may disclose personal information to third parties to market their products and services if you have either consented or not opted out of these disclosures.
- We require all other Partners, to whom we disclose your personal information, to enter into contracts with us to keep personal information confidential and use it only for the purposes for which we disclose it to such Partners.
- We may only disclose personal information as described in this Privacy Policy or your consent.
Other Disclosure of Personal Information.
- We will disclose personal information (i) to comply with any court order, law, or legal process, including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Use or Terms of Service and other agreements, including for billing and collection purposes, (iii) if we believe it is necessary or appropriate to protect the rights, property, or safety of Nucs AI our customers or others, and/or (iv) if it is necessary or appropriate to protect the rights, property, or safety of Nucs AI, our customers, or others, and this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Third Party Disclosure.
- We do not sell, trade, rent, or otherwise transfer personal information to others, unless we provide you with advance notice. This does not include our hosting partners and other parties who assist us in operating our Website or Platform, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
- We do not provide non-personally identifiable information (depersonalized and disaggregated) to other parties for marketing, advertising, or other uses.
Choices Users Have About How Nucs AI Uses and Discloses Information.
- Tracking Technologies and Advertising. You can set their browser to refuse some or all the browser cookies, but if you disable or refuse cookies, some parts of our Websites may not be accessible or function properly.
- Disclosure of Users’ Information for Third-Party Advertising. Users can opt-out by (i) checking the relevant form when we collect the data; or (ii) emailing us their opt-out request at privacy@nucs.ai. Users receiving promotional email can opt-out by sending a return email requesting to be omitted from future promotional email distributions. This opt-out will not apply to information provided by Nucs AI for product purchases, warranty registration, or other transactions.
- Disclosure of User’s Information for Targeted Advertising. Users can opt-out by (i) checking the relevant form when we collect the data, or (ii) emailing us their opt-out request at privacy@nucs.ai.
- GOOGLE ADSENSE AND GOOGLE ANALYTICS
Google, as a third-party vendor, uses Cookies to serve advertisements to Users on our Websites and Platform. Google uses first-party Cookies, such as Google Analytics Cookies, to compile data regarding User interactions with ad impressions and other ad service functions as they relate to our Platform. We currently use Google Analytics to collect and process certain Website usage data. To learn more about Google Analytics and how to opt-out, please visit https://policies.google.com/privacy/google-partners.
We have implemented advertising features on our Websites and Platform including: (a) remarketing with Google AdSense; (b) Google Display Network Impression Reporting; (c) Google Demographics and Interests Reporting; and (d) Google’s DoubleClick platform integration.
We use these Cookies to compile data regarding User interactions with ad impressions and other ad service functions as they relate to our Website.
- FOR OUR EUROPEAN CUSTOMERS AND VISITORS
We are headquartered in the United States. Most of the operations are located in the United States. Your Personal Information, which you give to us during registration or use of our Website or Platform, may be accessed by or transferred to us in the United States. If you are visiting our Web site or registering for our Services from outside the United States, be aware that your Personal Information may be transferred to, stored, and processed in the United States. Our servers or our third-party hosting services partners are located in the United States. By using our site, you consent to any transfer of your Personal Information out of Europe, UK, or Switzerland for processing in the US or other countries.
- If you are a resident of or a visitor to Europe, you have certain rights with respect to the processing of your Personal Data, as defined in the General Data Protection Regulation (“GDPR”).
- Please note that in some circumstances, we may ask you to provide us with additional information in connection with your request, which may be Personal Data, for example, if we need to verify your identity or the nature of your request.
- In such situations, however, we will still respond to let you know of our decision.
- As used herein, “Personal Data” means any information that identifies you as an individual, such as name, address, email address, IP address, phone number, business address, business title, business email address, company, etc.
- EU Standard Contractual Clauses. On June 4, 2021, the EU promulgated a new set of SCCs (the “New SCCs”), which replaced the old SCCs which had been in place for over a decade. We now comply with the New SCCs with respect to the transfer of Personal Data from the EU to the US and other countries for Processing, as defined in the GDPR. If there is any conflict between the terms and conditions in this Privacy Policy and your rights under the New SCCs, the terms and conditions in the new SCCs will govern.
- The New SCCs.
- The New SCCs took effect on June 27, 2021.
- The Old SCCs may still be used for new data transfers in new contracts during a three-month transition period that ends on September 27, 2021.
- Existing data transfers contracts that rely on the Old SCCs can be used until December 27, 2022, by which time all data transfers relying on the Old SCCs must be transitioned to the New SCCs.
- As of now, we and our customers are using the New SCCs to transport Personal Data from the EU to other countries including the US for processing by us.
- You are the Controller, as defined in the GDPR, and the Exporter, as defined in the New SCCs, of the Personal Data and we are a processor, as defined in the GDPR, and the Importer of such Personal Data.
- You agree to comply with the GDPR rules that apply to Controllers and the New SCCs rules that apply to Data Exporters. We agree to comply with the GDPR rules that apply to Processors and the New SCCs rules that apply to Data Importers.
- Our GDPR Compliance Commitment.
- We agree to fully comply with the letter and the spirit of the GDPR and the New SCCs with respect to the transfer or your Personal Data for Processing outside the EU.
- As a Data Importer, a User may contact us as set forth in Subsection 12(d) below with respect to the Personal Data we store and process on you.
- We hereby notify you that we will be processing, as defined in the GDPR, the Personal Data of your Authorized Users (i.e., those individuals whom you have authorized to access our Platform and to use our Services) in the US, Canada, and Turkey for us to be able to provide the Services to you that we have agreed to do in our definitive service agreement between you and us.
- Upon request, we will provide you with a list of your Personal Data that we will process and a copy of the New SCCs under which we will transport your Personal Data for processing.
- We hereby warrant that, at the time of agreeing to the SCCs for the transport of your Personal Data, we have no reason to believe that the laws and practices applicable to us as a data processor and a data importer, including those of the US, Canada, and Turkey are not in line with the requirements of the New SCCs.
- If we cannot satisfy any request or dispute to your satisfaction, we will agree to arbitrate or litigate the dispute in the EU jurisdiction in which your reside.
- We will only transfer your Personal Data to a third country in accordance with documented instructions from you.
- Your Personal Data will be transferred and stored in an encryption format.
- Only our employees, who have a need to access your Personal Data to enable us to meet our contractual and legal obligations to you, will be given access to your Personal Data.
- Such employees will be given a User Name and Password to access your Personal Data.
- We will keep an automated record of all persons who have accessed your Personal Data.
- Rights of Data Subjects. To make any of the following requests, with respect to this Privacy Policy, our Terms or Use, and/or Personal Data, please contact us (i) via email at privacy@nucs.ai, or (ii) by writing to us at Nucs AI, 8 The Green STE 15911 Dover, DE 19901, United States.
- Access: You can request more information about the Personal Information we hold about you. You can also request a copy of the Personal Information.
- Rectification: If you believe that any Personal Information we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
- Objection: You can contact us to let us know that you object to the collection or use of your Personal Information for certain purposes.
- Erasure: You can request that we erase some or all of your Personal Information from our systems.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Information.
- Portability: You have the right to ask for a copy of your Personal Information in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
- Withdrawal of Consent: If we are processing your Personal Information based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, it may limit your ability to use some/ all of our Services or Platform and you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Information, if such use or disclosure is necessary to enable you to utilize some or all of our Services and Platform.
- Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Information with the supervisory authority of your country or EU Member State. Please go to https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm to locate your Data Protection Authority in the EU. You may contact the UK’s Information Commissioner at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.
- We will respond to your inquiry within thirty (30) days of the receipt.
- FOR OUR BRAZILIAN CUSTOMERS
This Section supplements the information contained in our Privacy Policy above and applies solely to all visitors, users, and others to our Websites or Platform, who reside in Brazil (“consumers” or “you”). We comply with the Lei Geral de Proteção de Dados (General Data Protection Law, or LGPD) and any terms defined in the LGPD have the same meaning when used in this Section.
- Brazilian Data Protection Officer. We have appointed a Brazilian Privacy and Data Protection Officer, FARID YAGUBBAYLI, privacy@nucs.ai, to make sure the privacy rights of our Brazilian users are protected in compliance with LGPD.
- Data Breach: In the event of a personal data breach, we will notify the User within 72 hours via (i) email, and/or (ii) our Platform notification system on our Websites/Platform. We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
- FOR OUR CANADIAN USERS
This Section supplements the information contained in our Privacy Policy above and applies solely to all visitors, users, and others to our Websites or Platform, who reside in Canada (“consumers” or “you”). We ensure with the Personal Information Protection and Electronics Document Act of 2000 (“PIPEDA”) and any terms defined in the PIPEDA have the same meaning when used in this Section.
- Definition of Personal Information. Any information about an identifiable individual. Whatever may be the physical form or characteristics of a particular regime for “business contact information” (name, position, title, address, professional phone number, etc.)
- Right to Access Personal Information. You can request to access your personal information we hold about you. We will first confirm whether you have requested such information, explain how we have used your information, provide a list of names with whom your information has been shared and provide a copy of your information in an accessible format and make alternative formats available if requested.
- Right to Correction/Limited Right to Deletion. You can request us to correct or delete your information IF you demonstrate that the personal information we hold on you is inaccurate. We will delete or correct your information within thirty (30) calendar days. When we delete/correct your personal information we will inform the third parties with whom we have shared your information.
- Right to be Forgotten. Your information will be kept with us for as long as it is required for the fulfillment of the purposes of Nucs AI platform. Unless we otherwise give you notice, we will retain your Information on the Nucs AI Platform on your behalf until such times as you or we terminate your User Account.
- Data Breach Notification. We will send a notification to you as soon as feasible regarding the information of any breach that creates a “real risk of significant harm” to you. We keep a record of every data breach and, on request, provide the Office of the Privacy Commissioner with access to the record.
- Canadian Privacy Officer. We have appointed a Canadian Privacy and Data Protection Officer, FARID YAGUBBAYLI, privacy@nucs.ai, to make sure the privacy rights of our Canadian users are protected in compliance with PIPEDA.
- Two Factor Authentication. You may enable two-factor authentication on your account to help ensure that only you can access your account. If you do, in addition to entering your password to log in to your account to access the Nucs AI Platform, we will send a code to your mobile number, which you will need to enter. This added security prevents anyone else from accessing your Nucs AI account unless they have access to your login information.
- Contact Information. You may contact us (i) at privacy@nucs.ai, or (ii) by writing to us at Privacy Officer, at 8 The Green STE 15911 Dover, DE 19901, United States to (i) make a Personal Information Request, (ii) correct or delete your personal information, (iii) discuss our Privacy Policy and/or anything that has to do with it. We will respond within thirty (30) calendar days of receiving such a request or query. Additionally, in order for us to respond to your request or query, we will need to collect information from the requesting party to verify their identity.
- OTHER PRIVACY RIGHTS
- Your California Privacy Rights
- California Civil Code. Nucs AI does not sell, trade, or otherwise transfer to outside third parties your “Personal Information” as the term is defined under the California Civil Code Section § 1798.82(h). Additionally, California Civil Code Section § 1798.83 permits Users of our Websites or Platform that are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to privacy@nucs.ai or write us at Nucs AI, 8 The Green STE 15911 Dover, DE 19901, United States. Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. If you would like to discuss our Personal Information storage and processing process with us, please send us an email at privacy@nucs.ai or write us at Nucs AI, 8 The Green STE 15911 Dover, DE 19901, United States.
- Other State Privacy Rights
This Privacy Policy explains how we collect, use, and disclose your Personal Information in the Sections above. This Section describes how to exercise your rights under the various state privacy laws as detailed below (“State Privacy Laws”)
- Massachusetts. The Massachusetts Data Protection Law (201 CMR 17.00), sets standards for the protection of personal information of residents of Massachusetts. Residents of Massachusetts have the following rights under Massachusetts law (i) the right to request access to their personal information that is held by us and to receive a copy of that information; (ii) the right to request the correction of any inaccurate or incomplete personal information; (iii) the right to request that we delete your personal information; (iv) the right to opt-out of the collection, use, or disclosure of your personal information for marketing purposes; (v) the right to be notified in the event of a data breach involving their personal information; and (vi); the right to Opt-in for collection, use or disclosure of Sensitive Personal Information. Further, you have the right to file a complaint with the Massachusetts attorney general if you believe we have violated the Massachusetts Data Protection Law by calling (617) 727-8400 or filing a complaint at https://www.mass.gov/how-to/file-a-consumer-complaint.
- Colorado. The Colorado Privacy Act (Colo. Rev. Stat. § 6-1-1301 et seq.) protects the privacy of Colorado consumers. We are not currently subject to this state’s law but shall update you when we are, in accordance with Section 19.
- Connecticut. Nucs AI does not sell, trade, or otherwise transfer to outside third parties your “Personal Data” as the term is defined under Connecticut’s Privacy Act and Act Concerning Personal Data Privacy and Online Monitoring. We are not currently subject to this state’s law but shall update you when we are, in accordance with Section 19.
- Utah. On March 24, 2022, Utah enacted the Utah Consumer Privacy Act (UCPA § 13-61-102(1)) which will go into effect on December 31, 2023. We are not currently subject to this state’s law but shall update you when we are, in accordance with Section 19.
- New York: The New York Privacy Act sets strict rules about how businesses must handle consumers’ personal information and gives individuals new rights concerning data. New York residents have the rights to (i) access, correct, deletion, and disclosure regarding your Personal Information; and (ii) know what personal information is being collected about them, how it is being used, and with whom it is being shared.
- Virginia. The Virginia Consumer Data Protection Act (Va. Code § 59.1-571 et seq.) effective from January 1, 2023 provides Virginia residents with certain rights regarding the collection, use, and sharing of their personal information. We are not currently subject to this state’s law but shall update you when we are, in accordance with Section 19.
Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. We have appointed a Privacy and Data Protection Officer, FARID YAGUBBAYLI to make sure the privacy rights of our Users are protected.
- HIPAA NOTICE OF PRIVACY PRACTICES
Our HIPAA Notice of Privacy Practices attached as Exhibit A to this Privacy Policy and available on our Websites at https://www.nucs.ai describes (i) how we use, collect and process your health information, medical information or other information that is PHI as defined in the HIPAA Notice of Privacy Practices; and (ii) Your rights and choices with respect to your PHI; and (iii) our responsibilities when dealing with your PHI. PLEASE REVIEW OUR HIPAA NOTICE OF PRIVACY PRACTICES CAREFULLY.
- COPPA COMPLIANCE (FOR CHILDREN UNDER 13 USERS ONLY)
The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities that collect and store “Personal Information,” as the term is defined under COPPA, from children under the age of 13. We are committed to ensure compliance with COPPA. Our Websites and Platform are not meant for use by children under the age of 13. Our Websites and Platform do not target children under the age of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons identified as under 13. If you would like to know more about our practices and specifically our practices in relation to COPPA compliance, please email us at privacy@nucs.ai.
IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITE OR PLATFORM.
- CAN-SPAM ACT OF 2003
The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:
- not use false or misleading subjects or email addresses;
- identify the email message as an advertisement in some reasonable way;
- include the physical address of Nucs AI, which is 8 The Green STE 15911 Dover, DE 19901, United States;
- monitor third-party email marketing services for compliance, if one is used;
- honor opt-out/unsubscribe requests quickly; and
- give an “opt-out” or “unsubscribe” option.
If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at privacy@nucs.ai and we will promptly remove you from all future marketing correspondences.
- MODIFICATIONS TO OUR PRIVACY POLICY
We will post any changes to this Privacy Policy in a notice of the change at the bottom of our web page with a hyperlink thereto. We will also send you an email describing such changes. Please regularly review this Privacy Policy. Notwithstanding if you continue to use our services, you are bound by any changes that we make to this Privacy Policy.
- LIST OF THIRD-PARTY SERVICE PROVIDERS
Nucs AI uses the following third-party service providers for the provision of services as detailed under the Terms of Use or Terms of Service, as applicable
- Stripe, Inc.
Email: info@stripe.com
Address: 510 Townsend St, San Francisco, CA 94103 - Google Cloud
Websites: www.support@google.com
Telephone: (855) 817-0841 - PayPal
Address: 2211 North First Street San Jose, CA 95131
Websites: https://www.paypal.com/us/smarthelp/contact-us
Additionally, if you have any questions or concerns about our third-party service providers, please email us at privacy@nucs.ai.
- COPYRIGHT INFRINGEMENT/DMCA NOTICE
If you believe that any content on our Websites or Platform violates your copyright, and you wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”)) must be provided to our designated Copyright Agent.
- Your physical or electronic signature;
- Identification of the copyrighted work(s) that you claim to have been infringed;
- Identification of the material on our Websites or Platform that you claim is infringing and that you request us to remove;
- Sufficient information to permit us to locate such material;
- Your address, telephone number, and email address;
- A statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and
- A statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.
Nucs AI’s Copyright Agent to receive DMCA Takedown Notices is FARID YAGUBBAYLI, at privacy@nucs,ai and at Nucs AI, Inc. Attn: DMCA Notice, 8 The Green STE 15911 Dover, DE 19901, United States. You acknowledge that for us to be authorized to take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section. Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney’s fees incurred by Nucs AI in connection with the written notification and allegation of copyright infringement.
- ANTI-BRIBERY COMPLIANCE
Nucs AI represents and warrants that it is fully aware of and will comply with, and in the performance of its obligations hereunder will not take any action or omit to take any action that would cause it or its customers to be in violation of, (i) U.S. Foreign Corrupt Practices Act, (ii) U.K. Anti-Bribery Act, (iii) India Prevention of Corruption Act of 1988, or (iv) any other applicable anti-bribery statutes and regulations, and (v) any regulations promulgated under any such laws. Nucs AI represents and warrants that neither it nor any of its employees, officers, or directors is an official or employee of any government (or any department, agency or instrumentality of any government), political party, state owned enterprise or a public international organization such as the United Nations, or a representative or any such person (each, an “Official”). Nucs AI further represents and warrants that, to its knowledge, neither it nor any of the Officials has offered, promised, made or authorized to be made, or provided any contribution, thing of value or gift, or any other type of payment to, or for the private use of, directly or indirectly, any Official for the purpose of influencing or inducing any act or decision of the Official to secure an improper advantage in connection with, or in any way relating to, (A) any government authorization or approval involving Nucs AI, or (B) the obtaining or retention of business by Nucs AI. Nucs AI further represents and warrants that it will not in the future offer, promise, make or otherwise allow to be made or provide any payment and that it will take all lawful and necessary actions to ensure that no payment is promised, made or provided in the future by any of the Officials.
- CONTACT US
To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:
- Privacy Officer: FARID YAGUBBAYLI
- Email: privacy@nucs.ai
- Address: Nucs AI, 8 The Green STE 15911 Dover, DE 19901, United States
PLEASE NOTE: IF YOU USE OUR WEBSITE OR PLATFORM, YOU HAVE AGREED TO AND ACCEPTED THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY AND THE TERMS AND CONDITIONS SET FORTH IN OUR TERMS OF USE OR OUR TERMS OF SERVICE, AS APPLICABLE. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY OR OUR TERMS OF SERVICE, PLEASE DO NOT USE OUR WEBSITE OR PLATFORM.
EXHIBIT A
HIPAA NOTICE OF PRIVACY PRACTICES
Effective Date: August 19, 2024
- PHI: “Protected Health Information” or “PHI” means health information, including identifying information about you, we have collected from you or received from your health care providers, health plans, your employer or a health care clearinghouse. It may include information about your past, present or future physical or mental health or condition, the provision of your health care, and payment for your health care services.
- Use of PHI: We will use your PHI for the following
- For Treatment: We will use and disclosure your PHI without your authorization to provide your health care and any related services. We will also use and disclose your PHI to coordinate and manage your health care and related services. For example, we may need to disclose information to a case manager who is responsible for coordinating your care. We will never share any substance abuse treatment records without your written permission.
- For Payment: We may use or disclose your PHI without your authorization so that the treatment and services you receive are billed to, and payment is collected from, your health plan or other third-party payer. By way of example, we may disclose your PHI to permit your health plan or other health insurer to take certain actions before your health plan or insurer approves or pays for your services.
- For Health Care Operations: We may use and disclose PHI about you without your authorization for our health care operations. These uses and disclosures are necessary to run our organization and make sure that our clients receive quality care. These activities may include, for example, quality assessment and improvement, reviewing the performance or qualifications of our Providers, licensing, accreditation, business planning and development, and general administrative activities. We may combine PHI of many of our clients to decide what additional services we should offer, what services are no longer needed, and whether certain treatments are effective.
- Health-Related Benefits and Services: We may use and disclose PHI to tell you about health-related benefits or services that may be of interest to you.
- Other Uses: We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see:
www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
These other uses include the following:- We can share health information about you for certain situations such as preventing disease; helping with product recalls; reporting adverse reactions to medications; reporting suspected abuse, neglect, or domestic violence; or preventing or reducing a serious threat to anyone’s health or safety
- We can use or share your information for health research.
- We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
- We can share health information about you with organ procurement organizations.
- We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
- We can use or share health information about you (i)for workers’ compensation claims; (ii) for law enforcement purposes or with a law enforcement official; (iii) with health oversight agencies for activities authorized by law; or (iv) for special government functions such as military, national security, and presidential protective services; and
- We can share health information about you in response to a court or administrative order, or in response to a subpoena
- Your Rights: The health record we maintain, and billing records are the physical property of Nucs AI. The information in it, however, belongs to you. You have the following rights:
- Copies of your PHI: You can ask to see or get an electronic or paper copy of your PHI, medical record and other health information we have about you. You may exercise this right by delivering the request in writing to our office. We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee for this. You can also appeal a denial of access to your PHI except in certain circumstances.
- Correction of PHI: You can ask us to correct PHI about you that you think is incorrect or incomplete. You can ask us how to do this by emailing us at privacy@nucs.ai. We may say “no” to your request, but we’ll tell you why in writing within sixty (60) days. You may file a statement of disagreement if your request for amendment is denied, and require that the request for amendment and any denial be attached in all future disclosures of your PHI;
- Request confidential communication: You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address. We will comply with all reasonable requests.
- Limit the PHI we shared: You can ask us not to use or share certain PHI for treatment, payment, or our operations. We are not required to agree to your request, but we will comply with any request granted. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
- List of whom we’ve shared PHI with: You can ask for a list (accounting) of the times we’ve shared your PHI for six years prior to the date you ask, who we shared it with, and why. We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make) or disclosures made to family members or friends while providing care. We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within twelve (12) months.
- Get a copy of this Notice: You can ask for a paper copy of our HIPAA Notice of Privacy Practices (“Notice”) at any time, even if you have agreed to receive the Notice electronically. We will provide you with a paper copy promptly.
- Choose someone to act for you: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will take reasonable steps to ensure the person has this authority and can act for you before we take any action.
- File a complaint: You can complain if you feel we have violated your rights by contacting our Privacy Officer, Farid Yagubbayli at privacy@nucs.ai or by writing to us at Nucs AI, 8 The Green STE 15911 Dover, DE 19901, United States. You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.
- Revocation: You may revoke any authorizations that you made previously to use or disclose information except to the extent information or action has already been taken by delivering a written revocation to our office.
If you want to exercise any of the above rights, please contact us at privacy@nucs.ai at Nucs AI, Inc., 8 The Green STE 15911 Dover, DE 19901, United States. We will provide you with assistance on the steps to take to exercise your rights. You have the right to review this Notice before signing the consent authorizing use and disclosure of your PHI for treatment, payment, and health care operations purposes.
- Your Choices: . Please note that If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety. privacy@nucs.ai
- In these cases, you have both the right and choice to tell us to:
- share information with your family, close friends, or others involved in your care;
- share information in a disaster relief situation;
- include your information in a hospital directory; and
- Contact you for fundraising efforts
- In these cases, we will never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information
- Most sharing of psychotherapy notes, that does not include the sharing of such information solely for the purposes of providing you with our Services and only to such persons and entities that need to know such information for the provision of our Services to you.
Please note that when you register for our Services and accept our Privacy Policy, this Notice, our Terms of Service and Terms of Use, your acceptance amounts to written permission.
- In the case of fundraising: we may contact you for fundraising efforts, but you can tell us not to contact you again.
- In these cases, you have both the right and choice to tell us to:
- Our Obligations: Nucs AI shall:
- Maintain the privacy and security of your PHI as required by law;
- Let you know promptly if a breach occurs that may have compromised the privacy or security of your information
- Abide by the terms of this Notice and give you a copy of it;
- Accommodate your reasonable requests regarding methods to communicate health information with you;
- Notify you if we cannot accommodate a requested restriction or request; and
- Not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see:
www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
- Changes to this Notice: We reserve the right to amend, change, or eliminate provisions in our privacy practices and access practices and to enact new provisions regarding the PHI we maintain. If our information practices change, we will amend our Notice. You are entitled to receive a revised copy of the Notice by calling and requesting a copy of our Notice or by visiting our office and picking up a copy. If you have any questions about this notice, kindly contact us at privacy@nucs.ai. The new Notice will also be readily available on our Websites.
This Privacy Notice applies to the following entities:
Nucs AI, Inc.
- Address: 8 The Green STE 15911 Dover, DE 19901, United States
- Privacy Officer: FARID YAGUBBAYLI
- Email Address: privacy@nucs.ai
- Telephone Number: +1 (628) 333-3020