Privacy Policy

We at Daya Medicals, Inc. ("we", "us", "the Company", or "DayaMed") value your privacy and are committed to keeping your personal data confidential. This Privacy Policy explains how we collect, use, and protect the personal and health information of patients and their caregivers ("Users") who access our mobile application ("App") to manage remote care management services, including all relevant content and functionality associated with the App and our services (collectively, the "Services").

By accessing and/or using the App and Services, you are acknowledging that you have read and agree to the terms of this Privacy Policy.

Because we provide remote care management services, much of the health and physiological information we collect about you is considered Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act ("HIPAA").

We collect information to provide you with a secure and effective mobile experience. This includes:

• Demographic & Profile Data: Information used to create your User Account, which may include your name, email address, and phone number.
• Health & Physiological Data: Medication adherence data and/or other physiological data collected for the purpose of providing remote care management services.
• Support Data: Technical or other information collected through log files if you contact us for support or to lodge a complaint.
• Technology Data: Information automatically collected as you navigate the App, including your IP address, device identification numbers, operating system, and date/time stamps.

DayaMed processes your Personal Data based on the fulfillment of our Services to you, compliance with our legal obligations, and/or your consent.

• To enable you to connect with your providers so they can monitor patient progress and overall condition as they deem appropriate.
• To fulfill our obligations to you and provide the remote care management services.
• To communicate with you about and manage your User Account.
• To evaluate the quality of service you receive and improve your user experience.
• To keep our App and Services safe and secure.
• To respond to lawful requests from public and government authorities, and to comply with applicable state/federal law.

We only use or disclose your Personal Data when it is legally mandated or where it is necessary to fulfill the purposes described in this Privacy Policy.

• Your Healthcare Providers: To ensure your clinical team receives your medication adherence data and/or other physiological data to provide remote care management services.
• Business Partners & Vendors: Third-party companies that facilitate our Services, provide data hosting, IT services, customer services, or assist us in analyzing how our Services are used. Our Business Partners are contractually bound to protect your Personal Data.
• Government & Law Enforcement: When reasonable and necessary to comply with legal processes, enforceable governmental requests, or as otherwise required by law.
• Business Transfers: In the event of a reorganization, merger, sale, or other disposition of all or any portion of DayaMed's corporate entity or assets.

DayaMed understands the importance of data confidentiality and security.

• We store Personal Data on secured servers in the United States and use a combination of technical, administrative, and physical safeguards.
• Our safeguards include, but are not limited to, authentication, encryption, backups, and access controls.
• You are solely responsible for preventing unauthorized access to your User Account by protecting your account credentials and limiting access to your devices.
• While DayaMed uses reasonable security controls, we cannot guarantee or warrant the security or integrity of any Personal Data transmitted over the Internet.

As a user of DayaMed's Services, you have certain rights relating to your Personal Data, subject to local data protection and privacy laws:

DayaMed does not knowingly collect Personal Data from individuals under the age of 18, and our Services are not directed to individuals under the age of 18. If we learn that Personal Data from users under the age of 18 has been collected, we will deactivate the User Account associated with that data and take reasonable measures to promptly delete such data from our records.

If you are a California resident, the California Consumer Privacy Act ("CCPA") may apply to you. Under California Civil Code sections 1798.83–1798.84, California residents are entitled to ask for and obtain from us an annual list identifying the categories of personal customer information which we shared, if any, with our affiliates and/or third parties in the preceding calendar year for marketing purposes.