Privacy Policy

Last Updated: May 2024

HealNavigator (“us“, “we” or “Company“) respects the privacy of its users (each, “you” or “User“) and is committed to protecting the privacy of Users who access, use, and/or register to our website or any other services we provide (collectively: the “Services“). We have published this Privacy Policy to outline our practices with respect to collecting, using and disclosing your information when you use the Services. We encourage you to read the Privacy Policy carefully and use it to make informed decisions.

By using the Services, you agree to the terms of this Privacy Policy and your continued use of the Services constitutes your ongoing agreement to the Privacy Policy. The Privacy Policy is a part of the Terms of Use and is incorporated therein by reference.

What Types of Information We Collect

We may collect two types of data and information from our Users:

1. The first type of information is un-identified and non-identifiable information pertaining to you, which may be made available or gathered via your use of the Services (“Non-Personal Information“). We are not aware of the identity from which the Non-personal Information is collected. Non-personal Information may include:

(a) Aggregated usage information and technical information: Such information is transmitted by your device, including certain software and hardware information about your device (e.g., the device you use, the type of browser and operating system your device uses, language preference, access time and the website’s domain name from which you linked to the Services, etc.) We may also collect information about your activity on the Services (e.g., pages viewed, online browsing, clicks, actions, timestamps, etc.); and

(b) Anonymized data: We may also anonymize or de-identify the information collected by the Services or via other means so that the information cannot, on its own, personally identify you.

We may use such Non-Personal Information to enhance the functionality of the Services and to perform research.

Our use and disclosure of Non-Personal Information is not subject to any restrictions under this privacy policy.

2. The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information“). Such information may include:

  • Account Information: When you register to the Services, you will be asked to provide us certain details about yourself, such as:
    • Your name, email address, phone number and the medical condition for which you register to our Services.
    • In cases where you register to our Services on behalf of another person, you will also be asked to provide information on such person, such as their name and medical condition.

All in order for us to provide you with the most relevant information through our Services.

  • Device Information: We may collect Personal Information from your device. Such information may include geolocation data, IP address, unique identifiers (e.g., MAC address and UUID) as well as other information which relates to your activity through the Services.
  • Medical Information: When you use our Services, including our Integrative Oncology Nurse and Integrative Oncologist (collectively, “Integrative Services”), we process Personal Information with respect to your health and treatment preferences. This data includes but is not limited to, your health conditions, treatment history, personal health objectives, the medication you take, etc. This Personal Information can be collected through the documents you send to your caregiver through the Service, and your correspondences .
  • Voluntary Information: When you communicate with us (for example when you contact us through our chat, or through send us an email, or use our “join our newsletter” option) we collect your name, phone number, email address, and the Personal Information you provided us with within such communication (including your Medical Information, if you chose to provide it).

For the avoidance of doubt, if we combine Personal Information with Non-personal Information, the combined information will be treated as Personal Information as long as it remains combined.

Lawful Grounds for Processing

Where applicable, we rely on one or more of the following lawful bases for processing Personal Information:

·   You gave us your consent to the processing of your Personal Information (for one or more specific purposes) including through our website’s cookie notice and consent management mechanism in order to implement tracking technologies (as described in the ‘Cookies and Tracking Technologies’ section below). You may withdraw your consent at any time by contacting us at [email protected].

·   Processing is necessary for the performance of our contractual obligations towards you and providing you with our Services.

·   We process Personal Information in accordance with our legitimate interests, such as, as applicable, to improve and enhance our Services, to understand how our Services are used, to optimize our support operations, to maintain the security of our Services, and to protect or defend the Services and our rights.

·   Processing is necessary for complying with our legal obligations.

How We Use the Information

We use and share Personal Information in the manners described in this Privacy Policy. The information we collect, which may include your Personal Information, is used for the following purposes:

  • To set up your account and to provide the Services.
  • To identify and authenticate your access to the Services.
  • To communicate with you and to keep you informed of our latest updates and newsletters.
  • To market our website, products, and the Services.
  • To serve you personalized advertisements when you use the Services.
  • To perform research or to conduct analytics in order to improve and customize the Services to your needs and interests.
  • To support and troubleshoot the Services and to respond to your queries.
  • To investigate and resolve disputes in connection with your use of the Services.
  • We may share information, including Personal Information, in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale of an asset or transfer in the operation thereof) of the Company. In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Privacy Policy.
  • To detect and prevent fraudulent and illegal activity or any other type of activity that may jeopardize or negatively affect the integrity and the security of the Services (including, but not limited to, fraud, misappropriation, infringements, identity thefts and any other misuse of the Services); and
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.


To Whom We Disclose Personal Information and For What Purpose

We do not disclose your Personal Information to third-parties except as described in this Privacy Policy.

We may disclose your Personal Information to the following recipients: (i) subcontractors and third-party service providers (e.g., payment providers); (ii) our business partners (including clinics and health practitioners, to whom we disclose your information per your request); (iii) auditors or advisers of our business processes; and (iv) any potential purchasers or investors in the Company.

In addition to the purposes listed in this Privacy Policy, we may disclose your Personal Information with the above-mentioned recipients for any of the following purposes: (i) storing or processing Personal Information on our behalf (e.g., cloud computing service providers); (ii) processing such information to assist us with our business operations; (iii) performing research, technical diagnostics, personalization and analytics.

We may also disclose Personal Information or any information you submitted via the Services if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our affiliates, our Users, yourself or any third-party; (vi) for the purpose of collaborating with law enforcement agencies; and (vii) in case we find it necessary in order to enforce intellectual property or other legal rights.

We disclose your health data with the above-mentioned recipients only when it is necessary for the provision of our Services, and in compliance with applicable laws. All third parties are required to adhere strictly to our privacy standards and regulatory requirements, ensuring the confidentiality and security of your data.

Third-Party Collection of Information

Our policy only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties via the Services (e.g., by clicking on a link to any other website or location) or via other sites throughout the Internet, different rules may apply to their use or disclosure of the information you disclose to them. You acknowledge that we are not responsible for the products, services, or descriptions of products or services that you receive from third-party sites and parties, or to the content or privacy practices of those, and that this Privacy Policy does not apply to any such third-party products and services. You are knowingly and voluntarily assuming all risks of using third-party sites to purchase products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.

Your Rights

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Data. To the extent these rights apply and concern you, you can contact us via the contact details available below and ask to exercise the following rights.

  • Access to Personal Information: You have the right to receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
  • Right to deletion: You have the right to request that we delete any Personal Information collected from you and retained, unless an exception applies. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Information, unless an exception applies.
  • Right to opt-out of the Sale or Share of Personal Information:  You have the right to opt-out of the “sharing” of your Personal Information for “cross-contextual behavioral advertising” (all as defined under the CCPA), often referred to as “interest-based advertising” or “targeted advertising”. If you would like more information about how to opt-out of our Site’s use of tracking technologies, including interest-based advertising cookies, please use the browser mechanism and/or device mechanism and/or the links, as provided in the “Cookies and Tracking Technologies” section of this policy.
    • Right to correction: You may request that we correct any inaccurate or incomplete information we have about you.
    • Right to data portability: You have the right to obtain a copy of your personal information in a portable and usable format and to request that we transfer it to a third party.
    • Right to restriction or objection to processing: You have the right to require us to stop processing the Personal Data we hold about you, other than for storage purposes, in certain circumstances.
    • Right to withdraw your consent: To the extent we process Personal Data on the basis of your consent, you have the right to withdraw your given consent at any time.
    • Right to limit use and disclosure of your sensitive Personal Data: You have the right to request to limit the collection of your sensitive Personal Data, to that use which is necessary to perform our Services.
    • Right not to be subject to automated decision making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly effects to you.
    • Right to Non-Discrimination:  We will not discriminate against you for exercising any of your privacy rights. This includes not denying you goods or services, not charging you different prices or rates for goods or services, including through the denial of benefits or imposing penalties, not providing a different level or quality of services.

To exercise any of the above mentioned rights, you may contact us at: [email protected]. Each request will be processed in accordance with applicable legal requirements.

Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Information.

The request must:

  • Provide sufficient information to allow us to reasonably verify whether you are the person about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
  • We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

If you have any general questions about the Personal Information that we collect about you how we use it, please contact us using the details provided at the “How to Contact Us” section below.

In some jurisdictions, you have the right to appeal a rejection to your request. The appeal request shall be submitted to [email protected], or using the contact details specified in the “How to Contact Us” section in the Privacy Policy.

Designating Agents

You may designate an authorized agent to make requests regarding your personal information on your behalf. To do this, the following general steps should be followed:

·   Ensure that your designated agent is a natural person or a legally registered entity capable of acting on your behalf. Different states may have specific requirements for who can act as an authorized agent, so please refer to your local laws for precise definitions.

·   Provide a written declaration that clearly states you authorize the designated agent to act on your behalf. This declaration must be signed by you and, in some cases, notarized, depending on your state’s regulations.

When your authorized agent submits a request on your behalf (such as a request to exercise your right to know or your right to request deletion), mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below. Additionally, we may still require you to verify your own identity directly with us to protect your privacy and security.

If you provide an authorized agent with power of attorney according to applicable probate laws (such as Probate Code sections 4000 to 4465), further verification of authorization might not be necessary.

Response Times

We aim to respond to all legitimate requests within the time frame required by law. If we require more time due to the complexity or number of requests, we will inform you of the extension period. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.

Cookies and Tracking Technologies

We may use cookies and other technologies or methods of web and mobile analysis (e.g., pixels, beacons, etc.) to gather, store, and track certain information related with your access to and activity through the Services, including when you visit our website. A “cookie” is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and may be used for various different purposes. These purposes include, among other things, allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences and making the interaction between you and the Services quicker, easier and smoother. Our website may use the following types of cookies:

  • Strictly Necessary Cookies: These cookies are essential to enable you to login, navigate around and use the features of a website, or to provide a service requested by you, for example by remembering items you have placed in an online shopping basket. We do not need to obtain your consent in order to use these cookies.
  • Functionality Cookies: These cookies allow the website to remember choices you make (such as your username, language, or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by using a cookie to store information about the region in which you are currently located, remember changes you have made to text size, fonts, and other parts of web pages that you can customize, and provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect remains anonymous and they cannot track your browsing activity on other websites.
  • Performance cookies: These cookies collect information about how you use a website, for example which pages you go to most often, and record difficulties you may experience while using the Website, for example error messages. All information collected by these cookies is aggregated and therefore anonymous. It is only used to improve the efficiency of the website.
  • Targeting Cookies or advertising Cookies: These cookies are used to deliver advertisements tailored to you and your interests. They are also used to limit the number of times you see an advertisement as well as to help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers.

How to manage your cookie settings

There are various ways in which you can manage and control your cookie settings. Please remember that, by deleting or blocking cookies, some of the features of the Services may not work properly or as effectively.

Google Chrome

Internet Explorer

Mozilla Firefox

Safari (Desktop)

Safari (Mobile)

Android Browser

For other browsers, please consult the documentation that your browser manufacturer provides.

You can learn more and turn off certain third party targeting and advertising cookies by visiting the following third party webpages:

European Interactive Digital Advertising Alliance (EU)
Internet Advertising Bureau (US)
Internet Advertising Bureau (EU)

We also use a tool called Google Analytics to collect information about your use of the Services. Google Analytics collects information such as how often users access the Services, what pages they visit when they do so, etc. We use the information we get from Google Analytics only to improve our Services. Google Analytics collects the IP address assigned to you on the date you visit sites, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google’s ability to use and share information collected by Google Analytics about your visits to this site is restricted by the Google Analytics Terms of Service and the Google Privacy Policy.

For How Long We Retain the Information

Please note that unless you instruct us otherwise, we retain the information we collect for as long as needed to provide the Services and to comply with our legal obligations, resolve disputes and enforce our policies and agreements. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.

Transfer of Information Outside the EEA

Please note that some data recipients may be located outside the EEA. In such cases we will transfer your data only to such countries approved by the European Commission as providing adequate level of data protection, or enter into legal agreements ensuring an adequate level of data protection.

Privacy Notice For U.S Residents

This part of the Privacy Policy addresses the specific disclosure requirements under U.S. Privacy Laws.[1] Most of the statements, rights, and obligations described herein are common across all applicable U.S. Privacy Laws and are relevant to you to the extent determined by the laws of your state of residency.

A.    Collection, Disclosure, and Sharing of Personal Information

We do not “Sell” Personal Information, but we do “Share” Personal Information about you (in the meaning assigned to the terms “sell” and “share” under US Privacy Laws).

In the 12 preceding months, we have collected, disclosed or shared the following categories of Personal Information:

Privacy 1

When we disclose Personal Information, we ensure that the recipients only have access to such information that is strictly necessary for us to provide the Services. These parties are required to secure the Personal Information they receive, and to use it for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulation (such service providers may use other Non-Personal Data for their own benefit).

B.    Purposes for Collection, Usage & Sharing

In addition to the practices detailed above, we also use and disclose the Personal Information we collect for the following commercial and business purposes:

·   Auditing related to our interactions with you;

·   Legal compliance;

·   Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and necessary prosecution;

·   Debugging;

·   Performing services (for us or our service provider);

·   Internal research for technological improvement;

·   Internal operations;

·   Activities to maintain and improve our services; and

·   Other one-time or short-term uses.


C.    Sources of Personal Information 

In the 12 preceding months, we have collected the above-mentioned categories of Personal Information from the following category of sources:

·   Directly (information you provided to us): Through your activity on our Services.

·   Indirectly from You: We track your activities across the internet, for example, when you view or interact with certain content, web page, or ads, or when we collect your usage data automatically from measurement tools such as those implemented on our websites.

·   From Third Parties: For example, from advertising networks.


How We Protect Your Information

We take great care in implementing and maintaining the security of the Services and your information. We employ industry standard procedures and policies to ensure the safety of your information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse the Services, and we make no warranty, express, implied or otherwise, that we will prevent such access.

If you feel that your privacy was treated not in accordance with our policy, or if any person attempted to abuse the Services or acted in an inappropriate manner, please contact us using the details provided at the “How to Contact Us” section below.


The Services are not intended for use by individuals under the age of majority as determined by applicable law in your jurisdiction (“Age of Majority“). If you are under the Age of Majority, you should not use the Services, or provide any Personal Information to us. We reserve the right to access and verify any Personal Information collected from you. In the event that we become aware that an individual under the Age of Majority has shared any information, we will discard such information. If you have any reason to believe that a minor has shared any information with us, please contact us .

Updates or Amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our Services (as reflected in the “Last Updated” heading above). We encourage you to review this Privacy Policy regularly for any changes. Your continued use of the Services, following such amendments, constitutes your acknowledgement and consent of such amendments to the Privacy Policy.

How to Contact Us

If you have any general questions regarding the Services or the information that we collect about you and how we use it, please contact us at: [email protected] 

Or at: 16 Stuyvesant Oval, #MB, NY 10009, New York


EU and UK Residents may also contact our Data Protection Officer: [email protected]. Please use “Privacy Inquiry” or a similar clear indication of your inquiry topic in the subject line of your email.

[1] California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq., as amended by the California Privacy Rights Act of 2020, and the regulations enacted thereunder, Virginia Consumer Data Protection Act, Va. Civ. Code § 59.1, Colorado Privacy Act, 2021 Colo. ALS 483; 2021 Colo. Ch. 483; 2021 Colo. SB. 190, Connecticut Data Privacy and Online Monitoring Act, Conn. Gen. Stat. §42-515 et. Seq., Utah Consumer Privacy Act, Utah Code Ann. Title 13, Ch. 61, and additional US privacy laws as may be enacted or amended from time to time (collectively: “US Privacy Laws“)

This website uses cookies to ensure you get the best experience.