Privacy Policy for Nirmitee.io

Overview

Nirmitee.io is dedicated to protecting your privacy and ensuring compliance with applicable regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA), where applicable. This Privacy Policy outlines how we collect, use, protect, and disclose information, including Protected Health Information (PHI) when applicable.

By accessing our website and services, you agree to the terms outlined in this Privacy Policy. If you do not agree with these terms, please refrain from using our services.

1. Information We Collect

We collect information to provide, manage, and improve our services. The types of data we collect may include:

a. Personal Information (PI)

You may provide personal information when you:

• Register on our website or fill out forms
• Contact us for inquiries or support
• Use services requiring identity verification or medical data submission

This may include:

• Full name, email address, phone number
• Company name, job title, and address
• Health-related information if required for services (in compliance with HIPAA)

b. Protected Health Information (PHI)

If Nirmitee.io collects or processes health-related data, it is treated as Protected Health Information (PHI) and handled in compliance with HIPAA requirements. PHI includes:

• Medical records and history
• Health plan information
• Any information relating to physical or mental health

c. Non-Personal Information

We automatically collect certain technical information, such as:

• IP address, device information, and browser type
• Referring and exit pages
• Time spent on our site and session data

d. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to personalize your experience, analyze website traffic, and enhance our services. You can manage your cookie preferences through your browser settings.

2. How We Use Your Information

We process information for the following purposes:

• To provide, manage, and improve our services
• To comply with contractual or legal obligations (including HIPAA for health-related services)
• To respond to inquiries and offer customer support
• For marketing and promotional purposes (with your consent, where applicable)
• To conduct data analysis and research for service improvement
• To comply with legal requirements and ensure the security of our services

PHI-Specific Use (HIPAA)

PHI is only used for purposes permitted by HIPAA, such as:

• Providing services requested by you or your healthcare provider
• Processing claims and payments
• Ensuring compliance with applicable healthcare regulations

3. Legal Basis for Processing (GDPR Compliance)

We process personal data under the following legal bases:

• Consent: When you have given clear consent for us to process your data
• Contractual Necessity: To fulfill a contract or service request
• Legal Obligation: To comply with laws, including HIPAA and GDPR
• Legitimate Interest: To improve our services while protecting your rights

4. Your Rights

Depending on your location, you have rights regarding your personal information:

Under GDPR (for EU Residents):

• The right to access, correct, or delete your personal data
• The right to restrict or object to data processing
• The right to data portability
• The right to withdraw consent

Under CCPA (for California Residents):

• The right to know what personal information we collect
• The right to request the deletion of your personal information
• The right to opt out of the sale of personal information (Note: Nirmitee.io does not sell personal information)
• The right to non-discrimination for exercising your rights

Under HIPAA:

• The right to access and request copies of your health information
• The right to request corrections to your health records
• The right to receive a list of disclosures of your PHI
• The right to request restrictions on certain uses and disclosures of your PHI

To exercise any of these rights, please contact us at hello@nirmitee.io.

5. Data Security

We implement stringent security measures to protect your personal information and PHI. These measures include encryption, access controls, and secure data storage. While we strive to protect your data, no transmission method is 100% secure.

6. Third-Party Services and Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal information.

7. Data Retention

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy or as required by applicable law. PHI is retained in accordance with HIPAA regulations.

8. Children’s Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children without parental consent. If we become aware of such data collection, we will take steps to delete it.

9. International Data Transfers

If you access our services from outside the United States, your information may be transferred and processed in countries with different data protection laws. We implement appropriate safeguards for international data transfers.

10. Breach Notification (HIPAA Compliance)

In the event of a data breach involving PHI, we will notify affected individuals and relevant authorities as required by HIPAA and other applicable regulations.

11. Changes to This Policy

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at: