Privacy Policy

Magic Health, Inc., d/b/a Nolla Health (“Nolla Health” or “we” or “us”) respects your privacy and is committed to protecting your privacy through our compliance with this privacy notice (our “Privacy Notice”). Please read this Privacy Notice carefully to understand our policies and practices regarding your Personal Information (defined below).
If you do not agree with our Privacy Notice, your sole option is to not use our Platform.

By checking the box and agreeing to our Privacy Notice during the account registration process or accessing or using our Platform, you are agreeing to this Privacy Notice. This Privacy Notice may change from time to time, as we update it to ensure it stays current. Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check this Privacy Notice each time you access our Platform for updates.

This Privacy Notice describes the types of Personal Information we may collect, use, maintain, protect, disclose, or otherwise process about you when you visit our website located at: https://nollahealth.com (our “Website”) or install and use Nolla Acne, our mobile or desktop application that you download from an authorized distribution site, such as the Apple App Store® (our “Application” or “App”) , the reasons why and how we collect, use, maintain, protect, disclose, or otherwise process that information. When we use the term “Platform,” we mean our Website, App, and administrative and technology services that assist your healthcare providers provide the medical treatment to you.

Throughout this Privacy Notice, the term “Personal Information” means any information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual. However, Personal Information does not include any deidentified or aggregated information.

It is important to know that Nolla Health is not a medical group or a health care provider; instead we are a technology company that provides the Platform, which allows you to connect with a healthcare provider and receive the clinical and medical services (the “Services”). Nolla Health provides its users with the ability to obtain a telemedicine consultation through the Platform by connecting you with independent medical practices such as SteadyMD, Inc., SteadyMD Physician Group, P.C. (Missouri), SteadyMD Physician Group California, P.C., SMDMP Physician Group, P.C. (New Jersey), SMD Steady Physicians, P.A. (Florida), SteadyMD Physician Group, P.C. (Michigan), and SteadyMD Colorado Physician Group, P.C. (collectively the “Practice”). The Practice contracts with or employs appropriately licensed health care providers (each, a “Provider”) that are able to provide you the Services through our Platform.

When Does Our Privacy Notice Apply?

This Privacy Notice applies to information we collect:

• on our Platform

• when we communicate in person, such as on the phone or through a telehealth visit;

• in email, text, and other electronic messages between you and Nolla Health.

When Does Our Privacy Notice Not Apply?

It does not apply to information collected by:

• us offline or through any other means, including on any other website operated by Nolla Health or any third-party (including our affiliates and subsidiaries);

• us or any of our affiliates or subsidiaries related to your or any other individual’s employment or

potential employment with us; or

• any third party (including our affiliates and subsidiaries), including through any application or

content (including advertising) that may link to or be accessible from or on the Website

This Privacy Notice also does not apply to information collected from users who log-in to the password-protected and secure portions of our Platform (the “Secure Platform”). The Secure Platform allows users who obtain the Services (“Customers”) to perform certain functions or obtain the Services (such as telehealth visits from the Providers). All information collected and stored by us or added by Customers into the Secure Platform is considered individually identifiable health information as such term is defined by applicable state laws that apply to that information and governed in accordance with such laws. How we use and disclose such information is in accordance with the applicable Notice of Privacy Practices provided to you by the Practice.

Our Privacy Notice and Terms of Use

This Privacy Notice is incorporated into our Terms of Use, which also apply when you use our Platform.

Our Platform is not intended for individuals under 13 years of age and we do not knowingly collect Personal Information from individuals under 13. If you are under 13, do not use or provide any information on our Platform or on or through any of its respective features. This means that if you are under the age of 13, you must not register on or through the Platform, make any purchases through the Platform, use any of the interactive or public comment features of our Platform, or provide any Personal Information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Information from an individual under 13 without verification of parental consent, we will delete that information. If you believe we might have any information directly from an individual under 13, please contact us at hello@nollahealth.com.

We collect most Personal Information directly from you, for example, when you interact with our Platform or we speak to you by phone, text message, and email. We also collect Personal Information from various other sources, including:

• automatically as you navigate through or otherwise use the Platform;
• when you make payments through the Platform, such as for the Services;
  - Stripe. Our payment processor is Stripe. To learn more about how Stripe uses your Personal Information, we encourage you to visit Stripe’s privacy policy at https://stripe.com/legal/privacy-center.
• from our service providers, including:
  - Curexa. To learn more about how Curexa uses your Personal Information, we encourage you to visit https://curexa.com/terms-and-conditions/.
  - SteadyMD. To learn more about how SteadyMD uses your Personal Information, we encourage you to visit https://www.steadymd.com/privacy-policy/.
  - Twilio. To learn more about how Twilio uses your Personal Information, we encourage you to visit https://www.twilio.com/en-us/privacy.
• when you contact Nolla Health directly, such as when you contact our Customer Support team, and we receive the contents of your message or any attachments you may send to us, as well as any additional information you choose to provide; and
• from third parties, such as your health care providers.

We will also collect information automatically as you navigate through our Platform. We use the following technologies to automatically collect data:

• Cookies. We and our service providers may use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our Platform or Services through your computer or mobile device. A “cookie” is a small file or piece of data sent from a website and stored on the hard drive of your computer or mobile device. Some of the cookies we use are "session" cookies, meaning that they are automatically deleted from your hard drive after you close your browser at the end of your session. Session cookies are used to optimize performance of the Website and to limit the amount of redundant data that is downloaded during a single session. We also may use "persistent" cookies, which remain on your computer or device unless deleted by you (or by your browser settings). We may use persistent cookies for various purposes, such as statistical analysis of performance to ensure the ongoing quality of our Platform and/or the Services. We and third parties may use session and persistent cookies for analytics and advertising purposes, as described herein. On your computer, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting you may be unable to access or use certain parts of our Platform or the Services. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Platform.
• Google Ads. To learn more about how Google Ads uses your Personal Information, we encourage you to visit https://policies.google.com/privacy.
• Google Analytics. To learn more about how Google Analytics uses your Personal Information, we encourage you to visit https://policies.google.com/privacy.
• Facebook Pixels. To learn more about how Facebook Pixels uses your Personal Information, we encourage you to visit https://www.facebook.com/privacy/policy/.
• Instagram. To learn more about how Instagram uses your Personal Information, we encourageyou to visit https://help.instagram.com/155833707900388.
• LinkedIn. To learn more about how LinkedIn uses your Personal Information, we encourage you to visit https://www.linkedin.com/legal/privacy-policy.
• PostHog. To learn more about how PostHog uses your Personal Information, we encourage you to visit https://posthog.com/privacy.
• Twitter. To learn more about how Twitter uses your Personal Information, we encourage you to visit https://x.com/en/privacy.

Information You Provide to Us

We collect the following types of Personal Information directly from you when you access or use our Platform: real name; postal address; unique personal identifier; online identifier; IP address; email address; account name; driver’s license number; state ID number; passport number; telephone number; insurance policy number; medical information; health insurance information; signature of any kind (physical or electronic); physical characteristic or description; other financial information; age; race; color; ancestry; medical condition; physical/mental disability; sexual orientation; genetic information (including familial genetic information); sex/sex life (including gender identity, gender expression, pregnancy or childbirth, and related medical conditions); personal property; products or services purchased, obtained, or considered; other purchasing or consuming histories or tendencies; faceprints; iris/retina scans; sleep data; exercise data; genetics; physiological characteristics; behavioral characteristics; biological characteristics; and other biometric information.

The Personal Information we collect on or through our Platform includes:

• information that you provide by filling in forms on our Platform. This includes information provided at the time of registering to use our Platform, subscribing to our service, or requesting further services. We may also ask you for information when you report a problem with our Platform;
• if you contact us, records and copies of your correspondence (including email addresses);
• your responses to surveys that we might ask you to complete for research purposes;
• details of transactions you carry out through our Platform and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Platform;
• your search queries on the Platform; and
• information regarding health conditions to provide you with the Services and to provide your Provider with the information required to provide medical treatment through the Platform.

Health Information

Some Personal Information we collect may constitute health information. As set forth above, your Provider will provide you with a Notice of Privacy Practices describing their collection and use of your health information, not Nolla Health. We will only collect and use health information for the purposes of providing the Services and as otherwise permitted by applicable law. We may combine your health information with Personal Information that we have either obtained from you or through a third-party, such as your Provider, health insurer, employee benefits program, or other health care providers, where permitted by law.

Information We Collect Through Automatic Data Collection Technologies

We may also use automatic data collection technologies to collect certain Personal Information about your interaction with our Website. This can include information about your equipment, browsing actions, and patterns, such as:

• details of your visits to our Website, including IP-based location data (which may be used to locate the city and state that you are in when you access our Website but cannot be used to precisely locate you), as well as the resources that you use or otherwise interact with on or through the Website;
• information about your computing device and Internet connection, such as your browsing history, search history, traffic data, log file information, operating system, browser type, mobile network information, device ID, and advertising ID; and
• information collected through cookies (or browser cookies) running on our Website. Cookies are small data files placed on your computer that allow us to collect certain information whenever you visit or interact with our Website. Some of these cookies are managed by us (first-party cookies), while others are managed by third parties that we do not control (third-party cookies).

With your consent, we use information that we collect about you or that you provide to us, including any Personal Information:

• to fulfill or meet the reason that the individual provided the information;
• in the event of a merger, divestiture, restructuring, etc.;
• to respond to law enforcement requests;
• to defend against claims or to protect your rights, employees, or property;
• to enforce our Terms of Use, billing, or other contract-related activities;
• to provide, support, personalize, or develop the services provided;
• to maintain, customize, and secure your account (including notices about subscriptions, expiration, and renewals, if applicable);
• to process your requests, purchases, transactions, and payments and/or to prevent transactional fraud;
• to send newsletters and other similar communications;
• to administer surveys, sweepstakes, promotions, and other contests;
• to allow you to participate in the interactive features of our Website;
• to provide you with support and to respond to your inquiries (including to investigate and address concerns and monitor/improve responses);
• to perform behavioral/targeted advertising (including auditing related to behavioral advertising);
• to perform advertising or marketing of our or our affiliates’ products and services;
• to perform advertising or marketing of a third-party’s products and services;
• to help maintain the safety, security, and/or integrity of our business, Website, products, Services, databases, and other technology assets;
• for internal testing, research, analysis, and product development, including to develop and improve our websites and applications, and to develop, improve, or demonstrate our products and services (including the training and/or retraining of AI applications);
• to perform services on behalf of a third-party;
• to undertake activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by Nolla Health;
• to facilitate medical review and prescription by licensed third-party physicians;
• to deliver compounded topical prescriptions via partner pharmacies;
• to improve diagnostic accuracy of AI through model refinement using de-identified data;
• to notify users of expiring treatments, follow-up needs, or reminders; and
• as otherwise described to you when collecting your Personal Information or as otherwise set forth by law.

We do not share, sell, or otherwise disclose your Personal Information for purposes other than those outlined in this Privacy Notice. However, we may use or disclose de-identified information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Information that we collect or you provide as described in this Privacy Notice:

• to our subsidiaries and affiliates, who may similarly use your information in the manner described in this Privacy Notice;
• to service providers, business partners, advertisers/advertising networks, affiliates/parents/subsidiaries, analytics companies, social media companies, behavioral advertising companies, and other third parties we use to support our business. These entities provide the following services on our behalf: IT and infrastructure support; account management and administration; analytics pertaining to our Website; email; product fulfillment; shipping and delivery; payment processing; and providing financing (among other similar services);
• to a potential or actual buyer or other successor in the event of a planned or actual merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Nolla Health’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Nolla Health about you is among the assets transferred;
• to fulfill the purpose for which you provide it;
• for any other purpose disclosed by us when you provide the information; and
• with your consent (if required by law) or as otherwise permitted by applicable law.

We may also disclose your Personal Information as necessary to:

• comply with: (i) federal, state, or local laws, or to comply with a court order or subpoena to provide information; (ii) civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities; and/or (iii) certain government agency requests for emergency access to your Personal Information if you are at risk or in danger of death or serious physical injury;
• cooperate with law enforcement agencies concerning conduct or activities that we (or one of our service providers) believe may violate federal, state, or local law;
• exercise or defend legal claims and to enforce or apply our Terms of Use and other agreements;
• engage in any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy, dissolution, or restructuring of (or similar transaction involving) all or part of our business; and/or
• protect the rights, property, or safety of Nolla Health, its customers, or others.

We do not control the collection and use of your information collected by third parties described above in Disclosure of Your Information. These third parties may aggregate the information they collect with information from their other customers for their own purposes.

In addition, we strive to provide you with choices regarding the Personal Information we have collected about you. We have created mechanisms to provide you with control over your Personal Information:

• Cookies. You can adjust the settings in your browser’s settings to refuse all or some cookies. If you disable or refuse cookies, please note that certain parts of our Website may be inaccessible or may not function properly. Y ou may also disable our use of any non-essential cookies (e.g., analytics cookies) through the cookie consent manager on our Website. You can find more information about cookies at http://www.allaboutcookies.org.
  As noted above, we do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can learn more about interest-based advertisements and your opt-out rights and options from members of the Network Advertising Initiative on its website (www.networkadvertising.org) and from members of the Digital Advertising Alliance on its websites by visiting www.aboutads.info (U.S. residents). Please note that you may continue to receive generic ads that are not based on your preferences.
• Direct Marketing/Promotional Offers from Nolla Health. We may send promotional or marketing-related emails and text (SMS) messages to you, and where required by law, we will obtain your consent to do so. You may opt out of such communications at any time by clicking the “unsubscribe” link at the bottom of the email or replying “STOP” to a text (SMS) message.

Nolla Health operates subject to state and federal regulations, and the Platform and/or the Services may not be available in your state. You represent that you are not a person barred from enrolling for or receiving the Services under the laws of the United States or other applicable jurisdictions in which you may be located. Access to and use of the Platform and/or the Services is limited exclusively to users located in states and districts within the United States where the Platform and/or the Services are available. Accessing the Platform and/or obtaining the Services from jurisdictions where content is illegal, or where we do not offer the Platform and/or the Services, is prohibited.

Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. Our Website is not designed to honor such signals and some similar mechanisms that may be sent by your browser or device and we may limit the Personal Information or other information we collect and/or how we use your Personal Information or other information based upon whether such a signal is transmitted by your browser or device and received by us.

We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. The measures include, but are not limited to, implementation of technical, organizational, and physical controls to safeguard Personal Information.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website and Applications, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we have implemented measures to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Website or through our Applications. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures deployed on the Website or through our Applications except where required by law.

Our Platform may contain links to third-party websites or services that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites or services. The privacy practices of these third parties, including details on the information they may collect about you, are subject to the privacy statements of these parties, which we suggest you review.

We may change this Privacy Notice at any time. It is our policy to post any changes we make to our Privacy Notice on this page with a notice that the Privacy Notice has been updated on the Website’s home page. If we make changes to how we treat our users’ Personal Information, we will notify you by email to the email address specified in your account and through a notice on the Website’s home page. The date this Privacy Notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this Privacy Notice to check for any changes. Your continued use of our Platform following the posting of changes constitutes your acceptance to such changes.

If you have any questions, concerns, complaints, or suggestions regarding our Privacy Notice or the ways in which we collect and use your Personal Information described in this Privacy Notice, have any requests related to your Personal Information pursuant to applicable laws, or otherwise need to contact us, you may contact us at the contact information below or through the “Contact” page on our Website or in our Applications.

Magic Health, Inc.
Address: 45 E 20th St., 11th Floor, c/o Verci Magic Health, Inc., New York, NY 10003
Email: hello@nollahealth.com