QUASAR Nexus | AI-Native Healthcare Ecosystem

1Introduction and Scope

QUASAR Nexus LLC ("we," "us," or "our") is committed to protecting the privacy of individuals using our AI-native healthcare solutions platform. This Privacy Policy describes how we collect, use, and safeguard personal data, including patient health information, in compliance with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the U.S. Health Insurance Portability and Accountability Act (HIPAA), and other applicable international data protection laws. It applies to all users of our services globally, including healthcare providers, patients, and other clients, and covers data processed through our AI-driven healthcare platform. Our practices adhere to core data protection principles such as lawfulness, fairness, transparency, purpose limitation, and data minimization. By using QUASAR Nexus, you consent to the practices described in this policy.

2Definitions

Personal Data:: Any information relating to an identified or identifiable individual (data subject). This includes identifiers like name, contact details, identification numbers, IP addresses, as well as health and genetic information that can identify a person. Under GDPR, health data is classified as a special category of personal data requiring enhanced protection. Under CCPA, "personal information" includes information that identifies, relates to, or could reasonably be linked with a particular California consumer or household.
Protected Health Information (PHI):: A subset of personal data, PHI refers to individually identifiable health information (e.g. medical records, lab results) that is held or transmitted by a HIPAA-covered entity or its Business Associate, subject to the HIPAA Privacy Rule.
QUASAR Nexus Platform:: Our suite of AI-driven healthcare software and services (including any websites, cloud services, or applications) that processes personal and health data.
User:: Anyone who uses our platform, including healthcare professionals (acting as data controllers for patient data) and patients or data subjects whose information is processed.

3Information We Collect

We collect and process personal data only as necessary to provide and improve our AI-native healthcare services, in accordance with data protection law requirements of adequacy and relevance. The types of data we may collect include:

Identification and Contact Data

Name, email address, phone number, job title, and organization, used for account creation, authentication, and communication.

Health and Medical Data

Patient health records, medical images, test results, treatment histories, symptoms, or other clinical information that our platform analyzes. We treat all such data as PHI under HIPAA when provided by covered healthcare entities, applying strict safeguards.

Usage Data

Platform usage logs, device identifiers, IP addresses, and cookies or similar tracking data (where permitted). This helps us secure the platform, detect fraud, and improve user experience.

AI Model Data

When users input data (such as patient information or prompts) for analysis by our AI algorithms, we process that input to generate results. We may also collect feedback on AI outputs to improve our algorithms.

We do not knowingly collect personal data from children under 13 (or applicable minimum age in certain jurisdictions) without verifiable parental consent. Our services are intended for use by adult professionals and authorized patients; if you believe a child's data has been provided to us improperly, please contact us and we will promptly delete it.

4How We Use Personal Data

We use personal and health data solely for specified, explicit, and legitimate purposes. The primary purposes for which QUASAR Nexus processes data include:

Service Delivery

To provide our core healthcare AI services – for example, analyzing patient data to assist in diagnosis or treatment recommendations, or generating predictive health insights.

Platform Operations

To maintain and secure our platform, including troubleshooting, data analytics, and improvement of algorithms. We implement privacy-by-design and privacy-by-default practices.

Improvement of AI Models

With appropriate legal basis, we may use data (often in aggregated or de-identified form) to train and refine our AI algorithms and machine learning models.

Communication and Support

To send service updates, respond to inquiries, provide customer support, and send necessary security or privacy notices.

Compliance and Legal Obligations

To comply with applicable laws, regulations, and court orders, and to enforce our agreements or protect our legal rights.

We will not use personal data in a manner that is incompatible with these purposes without obtaining additional consent. In particular, we do not sell personal informationas defined under CCPA.

5Legal Bases for Processing (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or other regions with similar laws, we process personal data only under a valid legal basis as defined in GDPR Article 6 and, for special categories like health data, Article 9:

Explicit Consent

In many cases, especially for processing health information, we obtain your explicit consent (or ensure that our client, such as your healthcare provider, has obtained it).

Performance of a Contract

We process basic personal data (like account information and any data you input) as necessary to perform our contract with you or the organization you represent.

Legal Obligation

In some cases, we must process or retain certain data to comply with legal obligations, such as maintaining transaction records for accounting.

Vital Interests

In rare emergency situations involving life or health, we may process personal data to protect someone's vital interests if they are incapable of giving consent.

Public Interest in Healthcare

Where applicable, we might process health data for public interest reasons in healthcare or epidemiological research, but only in strict compliance with local laws and ethical guidelines.

Legitimate Interests

We may process data as necessary for our legitimate interests, only if those interests are not overridden by individuals' rights.

6User Rights

Depending on your jurisdiction, you may have certain rights regarding your personal data, including the right to access, correct, delete, restrict, or object to our processing of your data, and the right to data portability. You may also have the right to withdraw consent at any time where we rely on your consent to process your data. For more information or to exercise your rights, please contact us at innovate@quasar.nexus.

7Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, enforce our agreements, and as otherwise permitted by law.

8Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, alteration, or disclosure. These measures include encryption, access controls, regular security assessments, and staff training. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9International Transfers

Your personal data may be transferred to and processed in countries outside of your country of residence, including the United States, where data protection laws may differ. When we transfer personal data internationally, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms, to ensure your data is protected in accordance with applicable law.

10Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and improve our services. Where required by law, we obtain your consent before placing non-essential cookies. You can manage your cookie preferences through your browser settings or our cookie consent banner. For more information, please see our Cookie Policy.

11Contact Us

If you have any questions about this Privacy Policy, please contact us: