NOVAREA

Menu

Privacy Policy

Last Updated: [Date]

1. Introduction

Novarea Group (“we,” “us,” or “our”) respects your privacy. This policy explains how we collect, use, and protect personal data across our subsidiaries, including:

  • Novarea AI(AI solutions)
  • Healthora & Hekma Clinical Research(health data)
  • SciPath(research services)
  • NovoLearn(e-learning)
  • Novarea ICT, Business, Bridge(IT, consulting, partnerships).

By using our website ([website URL]) or services, you agree to this policy.

2. Data We Collect

2.1 Directly Provided Data

  • Contact Information: Name, email, phone (e.g., when joining as a partner).
  • Health Data(Healthora/Hekma Clinical Research only): Anonymized medical records (HIPAA-compliant).
  • Research Data(SciPath): Non-identifiable academic/research inputs.

2.2 Automatically Collected Data

  • Usage Data: IP address, browser type, pages visited (via cookies).
  • Device Information: OS, mobile device ID (for app-based services like NovoLearn).

3. How We Use Data

Purpose

Examples

Legal Basis

Service Delivery

Member onboarding, Healthora diagnostics

Contractual necessity

Communications

Responding to inquiries, newsletters

Consent/Legitimate interest

Compliance

GDPR, HIPAA, tax laws

Legal obligation

Research (SciPath)

Aggregated, anonymized analytics

Public interest

4. Data Sharing & Subsidiaries

We share data only as necessary:

  • Within Novarea Group: Subsidiaries access data relevant to their services (e.g., Healthora processes health data; Novarea ICT handles IT infrastructure).
  • Third Parties:
    • Partners: With explicit user consent (e.g., joint research collaborations).
    • Regulators: To comply with laws (e.g., clinical trial reporting for Hekma).
  • International Transfers: Data may be processed globally, safeguarded by GDPR Standard Contractual Clauses (SCCs).

5. Data Security

  • Encryption: SSL/TLS for data transfers; anonymization for health/research data.
  • Access Controls: Role-based permissions (e.g., only Hekma medical staff access patient records).
  • Breach Protocol: 72-hour GDPR notification policy.

6. Your Rights

Depending on jurisdiction, you may:

  • Access/Deleteyour data (via [User Portal]).
  • Opt-Outof marketing (via email footer).
  • Withdraw Consent(e.g., Healthora data processing).
  • Lodge Complaintswith your local Data Protection Authority (DPA).

Note: Healthora/Hekma users may have additional HIPAA rights (e.g., request audit logs).

7. Cookies & Tracking

  • Essential Cookies: Login sessions, security (no opt-out).
  • Analytics: Google Analytics (opt-out via cookie banner).
  • Advertising: None (we do not sell data).

8. Children’s Privacy

  • NovoLearn: Collects minimal data from users aged 13+ (COPPA-compliant).
  • Healthora: No services for under-18s without parental consent.

9. Policy Updates

We will notify users of material changes via email or website banners.

10. Contact Us

For requests or questions:
Novarea Group Data Protection Officer Email: [[email protected]]
HQ Address: No 7030, Woodbine Ave, Suite 500, Markham, Ontario L3R 6G2, Canada

Healthora/Hekma Clinical Resrach-specific inquiries: [[email protected]]