Unified Privacy Policy

Effective Date: January 25, 2026

NaviaCAIR LLC ("NaviaCAIR") operates the NaviaCAIR software platform and the "Patient Support Research" initiative. This policy explains how we handle data across our research surveys, pilot program, and software services.

In plain English

We use your documents to generate the summaries and action plans you request.
We do not sell your personal information.
We design the workflow to minimize identifiers (redaction-first), and you review redactions.
We’re building toward stronger storage/security controls in AWS; during the pilot we limit access and retention.
You can request deletion at any time by emailing us.

1. Information We Collect

We collect data in two primary contexts:

Research & Contact Data: Information voluntarily submitted via Facebook Lead Forms or surveys, including contact details (name, email) and responses concerning healthcare literacy challenges.
Pilot Program Data: If you participate in our software pilot, we process the health documents (e.g., discharge summaries, notes) you voluntarily upload to generate insights.

2. How We Use Your Information

Service Delivery: To generate plain-language summaries and action plans using our AI engine.
Research Analysis: To analyze aggregated trends in patient health literacy.
Communication: To send beta access invitations and request constructive feedback.

3. De-Identification Standards (Safe Harbor)

We may use de-identified data to improve our internal AI models. We employ automated technologies designed to detect and redact the 18 identifiers listed under the HIPAA Privacy Rule "Safe Harbor" Method (45 CFR § 164.514(b)(2)).

Our systems are configured to target the following for removal:

View the 18 Safe Harbor identifiers we check for

1. Names
2. Geographic subdivisions smaller than a State (Street, City, Zip)
3. Elements of dates (except year) directly related to an individual (e.g., birth date, discharge date)
4. Telephone numbers
5. Fax numbers
6. Electronic mail addresses
7. Social security numbers
8. Medical record numbers
9. Health plan beneficiary numbers
10. Account numbers
11. Certificate/license numbers
12. Vehicle identifiers and serial numbers (e.g., license plates)
13. Device identifiers and serial numbers
14. Web Universal Resource Locators (URLs)
15. Internet Protocol (IP) address numbers
16. Biometric identifiers, including finger and voice prints
17. Full face photographic images
18. Any other unique identifying number, characteristic, or code

Disclaimer: While we utilize advanced redaction technology, no automated system is infallible. We cannot guarantee 100% removal of all identifiers in every instance. We rely on a combination of automated scrubbing and user verification to protect privacy.

4. Data Security & AI Processing

Strict Prohibition on Sale: We assure you that your personal information will never be sold, rented, or traded to third parties, advertisers, or data brokers.

AI Processing vs. Training: We utilize proprietary and Enterprise third-party APIs to process your documents. We have configured these services with strict privacy settings (such as "Zero Data Retention" or "Opt-Out") that technically prohibit these providers from using your data to train their public foundation models. Your data is processed securely to generate your summary and is not used to teach their public AI.

Security Measures: We use safeguards designed to protect data during transfer and storage. We are actively implementing stronger controls as we migrate to secure AWS storage (including encryption at rest, tighter access controls, and auditing). Access is restricted solely to the primary research and engineering team.

5. Your Rights (Deletion & Opt-Out)

You retain full control over your participation:

Unsubscribe: You may opt out of communications by replying "Unsubscribe" to any email.
Data Deletion: You may request the permanent deletion of your upload history and contact profile at any time by contacting us via the pilot page. Note that de-identified data already aggregated into training sets cannot be extracted.

6. Contact Us

For questions or deletion requests, email us at contact@naviacair.com.