Privacy Policy
Last modified: January 31, 2025

1. Introduction

As part of our mission through our Firefli products and services, Novel Ventures, LLC, a Texas limited liability company (“Company”, “Firefli”, “we”, “us”, or “our”) collects and processes a lot of information! 

This privacy policy (this “Privacy Policy”) is intended to help you better understand how we collect, use and store your information, including your personal information—whether you are a client or end user that uses Firefli’s products, applications or services (together, the “Services”), or whether you’re simply visiting this website or otherwise accessing or using our applications and platforms (collectively the “Firefli Interfaces”). By using any of Firefli’s Services or accessing any of the Firefli Interfaces as a guest, invitee, consumer, or user, you are agreeing to the terms of this Privacy Policy and you understand that we would not make our Services available to you otherwise.

This Privacy Policy applies to information we collect through any of our Firefli Interfaces, in email, text, or other electronic messages between you and the Company, through mobile and/or desktop applications that you may download from or that otherwise compose any part of the Firefli Interfaces, or otherwise when you interact with our advertising and applications on third-party websites if those applications or advertising include links to this policy. This Privacy Policy does not apply to information collected by us offline or through any other means not set forth herein, including on any other website we operate or any third-party. 

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree to the terms of this Privacy Policy, you must not access or use any of the Firefli Interfaces or our Services and must immediately delete any copies or instances thereof. By accessing, using, or downloading any of the Firefli Interfaces or by otherwise using our Services, you agree to this privacy policy and further agree to be bound by the terms incorporated herein. Terms not otherwise defined herein shall have the meaning ascribed to them in our Terms of Service. 

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our privacy practices or for other operational, legal, or regulatory reasons. If we make material changes to this Privacy Policy, we will give you notice of such changes by posting the revised policy on the home page of [www.fireflihealth.com] (our “Website”), and where appropriate, by other means. By continuing to use this website or our Services after any such changes are posted, you shall be deemed to accept such revisions and thereafter agree to the revised policy.

1. Persons under the Age of [18]

The Firefli Interfaces are offered and available to users who are 18 years of age or older and who are not otherwise prohibited, by law or otherwise, from receiving the Services and/or accessing the Firefli Interfaces. In order to create an account through any of the Firefli Interfaces, you must be 18 years of age or older. Our Firefli Interfaces are not intended for persons under 18 years of age. No one under age 18 may provide any information to the Company on or through the Firefli Interfaces. We do not knowingly collect personal information from persons under 18. If you are under 18, do not use or provide any information on or through the Firefli Interfaces or through any of its features, register on the Firefli Interfaces, use any of the interactive or public features of the Firefli Interfaces that may be available from time to time, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. 

If we learn we have collected or received personal information from anyone under 18 without verification of parental consent, we will delete such information. If you believe we might have any information from or about a person under 18, please contact us at the contact information provided below in the contact information section herein. If any information collected by us at any time is governed by the Children’s Online Privacy Protection Act (“Coppa”), a U.S. law designed to protect the online privacy of children under the age of 13, we will use commercially reasonable efforts to fully comply with Coppa before asking for any personal information of a minor unless such information falls under an exception to Coppa. We do not intentionally collect any personal information relating to a minor at any time, for any reason, nor do we enable children to create accounts with our Firefli Interfaces or permit access thereto without parental consent. Parents may contact us at the contact information provided below in the contact information section if a parent believes we possess any personal information belonging to or related to their child and we will review, update, or delete any such information within a reasonable time following such request.

1. Information from business clients

Privacy matters! If you are a business to business client of our Services, your customers need to understand how you (and how Firefli) collect and process their personal information. Accordingly, if you use the Services as a business to business client of ours, you agree to post an up-to-date and accurate privacy policy on your website that complies with the laws applicable to your business. You also agree to obtain consent from your customers for the use and access of their personal information by Firefli and other third parties if you provide such information to us for our provision of Services or otherwise through our Firefli Interfaces. In addition, if you are collecting any sensitive personal information from your customers (including information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sexuality), you agree to obtain affirmative, express consent from your customers for the use and access of sensitive personal information by Firefli and other third parties before you provide such information to us for our provision of Services or otherwise through our Firefli Interfaces.

1. What information do we collect from you and why?

While registering for an account, visiting our website, filling in forms, contacting us, or using our Services and/or Firefli Interfaces, we may collect or ask you to provide certain personal information that can be used to contact or identify you. In some instances, depending on which Services you request, you may be asked to provide us with various categories of sensitive personal information. By providing us with this information, you consent to our use of your sensitive personal information in accordance with this privacy policy. The Company uses the Firefli Interfaces to offer various products and services offered by the Company from time to time to assist its customers with analyzing certain biometric information and quantifying the results of certain health related habit changes, which may necessarily involve you providing specific categories of sensitive personal information to the extent you desire to utilize such reporting services.

Personally identifiable information may include, but is not limited to:

• First name and last name

• Email address

• Phone number

• Website URL

• Address, State, Province, ZIP/Postal code, City

• Any personal data you post on our website

• Data about how you use our website

• Data about you but individually does not specifically identify you

• Data that may be considered sensitive information by one or more applicable laws, which may include account login credentials and/or geolocation

• Payment information you provide for payment of fees

• Technical data such as your IP address, your login data, details about your browser, time zone settings and other technology on the device you use to access our website

• Your marketing and communication preferences

• Any information that you directly provide to us whether through our contact form, over the phone, by email or otherwise

• Photographs of you at events

• Cookies and Usage Data

We may use your Personal Data (as that term is defined under the most recent GDPR rules and regulations) to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, by contacting us at [info@fireflihealth.com], or by canceling your account. We may use this information to provide you with our Services; for example, to confirm your identity, contact you, provide you with advertising and marketing, and invoice you. We also use this information to make sure that we comply with legal requirements. Other uses of this data includes:

• To provide, improve, and maintain our Services, including providing you personalized insights about the information you supply to us.

• To notify you about changes to our Service

• To allow you to participate in interactive features of our Service when you choose to do so

• To provide customer support

• To gather analysis or valuable information so that we can improve our Service and our website, and also to provide you insights regarding your performance and wellbeing to benefit you personally.

• To monitor the usage of our Service

• To detect, prevent and address technical issues

• To protect your privacy 

• To enable third-party integrations

• To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

We collect data about the Firefli Interfaces that you visit. We also collect data about how and when you access your account and the Firefli Interfaces, including information about the device and browser you use, your network connection, your IP address, and information about how you browse through the Firefli Interface, the data you upload, and the analyses performed on such data. We collect information provided at the time of registering to use our Services, when creating or updating a profile, when you subscribe to our Services, or when we ask you for it and you provide it. We collect information when we correspond with you, when you fill out surveys, or as collections of details of transactions or interactions you carry our with our Firefli Interfaces.

You also may provide information and data to us for our review, analyses and reporting purposes. The information and data you supply may be published or displayed (hereinafter, “posted”) on certain private and/or public areas of the Firefli Interfaces that may be created from time to time or transmitted to other users of the Firefli Interfaces or third parties (collectively, “User Contributions”). Your User Contributions may be posted on and/or transmitted to others at your own risk. Although we limit access to user accounts, individual reporting, preferences, and transactions, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Firefli Interfaces with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

We may use this information to give you access to and improve our Services; for example, to make our Firefli Interfaces easier to use. We also use this information to personalize the Services for you. Finally, we may use this information to provide you with advertising or marketing.

Upon completing the sign-up process for the Services, and depending on your location, we (or our third-party payment processor in reference to payments to be made hereunder) may collect (a) your payment information and create a payments account on your behalf, and (b) information like your address, date of birth, bank account information and government-issued identification information, such as your Social Security Number. We may use this information to create a payments account for you, to provide you with payments services, including fraud and risk monitoring, and to comply with applicable legal and regulatory requirements.

We may collect personal information about you or, if you are a business to business client, your customers, that you share with us or that customers provide while utilizing various tracking we deploy through third-party tracking systems. We may use this information to provide you with our Services and so that you can better serve your customers.

Where we need to verify your identity (for example, if there are concerns around identity theft, or if you call into support and we need to authenticate your account), we may request that you provide us with government-issued identification information. We may use some of the personal information you provide us to conduct some level of automated decision-making — for example, we may use certain personal information to help us screen accounts for risk or fraud concerns. We will also use personal information in other cases where you have given us your express permission.

We may use certain biometric information you provide in order to provide reports and analyses to you. You understand you are solely responsible for the accuracy of the data and information that we receive and analyze on your behalf. We reserve the right to aggregate and anonymize any data provided to us. 

Please note some of the data we process, including any data concerning your health and biometrics – such as heart rate, movement data, temperature data, duration of sleep, sleep phases, activity data, and other similar categories, are considered special or sensitive and we process such information only if you have given your consent for such processing. 

1. When do we collect this information?

We collect personal information when you sign up for our Services, when you access our Services, our Firefli Interfaces, or otherwise provide us with the information, including through automated technologies. We collect this information automatically as you navigate to or through the Firefli Interfaces, equipment, and systems. 

We also partner with third parties who provide us information about clients or prospective clients, for example to help us screen out clients associated with fraud.

1. When and why do we share this information with third parties?

Firefli works with a variety of third parties and service providers to help provide you with our Services and we may share personal information with them to support these efforts. Firefli uses third-party service providers to store personally identifiable information. In those instances, the information is stored on servers and databases beyond our direct control. The information may be stored and processed by Firefli’s third parties and service providers in any country that such third party or service provider stores or processes information.

We may also share your information in the following circumstances:

• to prevent, investigate, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.

• to help us conduct marketing and/or advertising campaigns.

• to conform to legal requirements, or to respond to lawful court orders, subpoenas, warrants, or other requests by public authorities (including to meet national security or law enforcement requirements).

Firefli will always ask for your consent before sharing your personal information with third parties for purposes other than those described in this Section. Firefli is responsible for all onward transfers of personal information to third parties in accordance with the EU-U.S. Privacy Shield Framework, the Swiss-U.S. Privacy Shield Framework, and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), including other similarly situated privacy regulatory schemes.

1. Information from cookies and similar tracking technologies

Cookies, scripts, beacons, and other tracking technologies are used by Firefli. These tracking technologies are used for purposes of this Website, the Firefli Interfaces, and the Services, to recognize your device, track your movements around this website, provide you with a personalized user experience on our websites, remember your user settings, obtain demographic and web information, and for analytics and authentication. We also use cookies as part of the Services, for example to operate the login for our platform(s). We also use cookies to serve targeted ads from third-party vendors.

Our third-party advertising partners may use cookies to track your prior visits to our websites and elsewhere on the Internet in order to serve you targeted ads. For more information about targeted or behavioral advertising, please visit https://www.networkadvertising.org/understanding-online-advertising.

Opting out: You can opt out of targeted ads served via specific third party vendors by visiting the Digital Advertising Alliance’s Opt-Out page. Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

The information we collect automatically may include personal information or we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Firefli Interfaces and to deliver a better and more personalized service, including by enabling us to:

• Estimate our audience size and usage patterns.

• Store information about your preferences, allowing us to customize our Firefli Interfaces according to your individual interests.

• Speed up your searches.

• Recognize you when you return to our Firefli Interfaces.

For a deeper understanding of Cookies, here is more information on Cookies in general and how we use them:

What are cookies?

A cookie is a small amount of information that’s downloaded to your computer or device when you visit certain websites. We may use a number of different cookies on the Firefli’s websites and others, including performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

What cookies do we use and why?

Some cookies are necessary to allow you to browse our website or other websites, to use its features, and access secure areas. The use of these cookies is essential for the website to work. For example, we may use user-input cookies for the duration of a session to keep track of a user’s input when filling in forms that span several pages.

We also use functional cookies to remember choices you’ve made or information you’ve provided, such as your username, language, or the region you are in. This allows us to tailor your website experience specifically to your preferences. For example, authentication cookies are functional cookies that are used for the duration of a session (or persistent, if you agree to the “remember me” function) to allow users to authenticate themselves on subsequent visits or to gain access to authorized content across pages. The functional cookies we may use from time to time could include, but are not limited to:

User-centric security cookies to detect authentication abuses for a limited persistent duration, like repeated failed login attempts. These cookies are set for the specific task of increasing the security of the service.

Multimedia content player session cookies (flash cookies) are used for the duration of a session to store technical data needed to play back video or audio content (e.g. image quality, network link speed, and buffering parameters).

Load balancing session cookies are used for the duration of the session to identify the same server in the pool in order for the load balancer to redirect user requests appropriately.

User interface customization persistent cookies are used to store a user’s preference regarding a service across web pages.

Firefli is dedicated to creating a memorable and functional user experience, and we may use many tools to help us improve our website and our platform. To this end, we may use reporting and analytics cookies to collect information about how and how often you use our Firefli Interfaces, various user activity, click and scroll movement, and page content. We may use these analytics cookies to estimate the number of unique visitors and/or to improve our websites and Firefli Interfaces. We also use third-party analytics providers to help measure how users interact with website content. These cookies “remember” what users have done on previous pages and how they’ve interacted with the website.

Advertising cookies may be used to tailor marketing to you and your interests and provide you with a more personalized service in the future. These cookies remember that you visited our website, and we may share this information with third-parties, such as advertisers. Without these cookies, the advertisements that you see may be less relevant and interesting to you. Finally, Social and Content cookies may be placed to provide or improve the content on a website (for example services that allow the playing of video files, or that create comments sections). We integrate these into our Firefli Interfaces to improve the experience of browsing and interacting of users. Please note that some of these services also place cookies that are also used for things like behavioral advertising, analytics, and/or market research.

How long will cookies remain on my computer or mobile device?

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted, however persistent cookies will expire between 30 minutes and two years from the date they are downloaded to your device.

How to control cookies?

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our Firefli Interfaces may no longer be fully accessible. Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org. 

Many of the third party advertising and other tracking services listed above offer you the opportunity to opt out of their tracking systems. You can read more about the information they collect and how to opt out through the platforms themselves.

1. Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

While our Firefli Interfaces are initially projected to be used solely within the United States and not intentionally targeted towards the European Union, if you are from the European Economic Area (EEA), the Firefli legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

Firefli may process your Personal Data because:

• We need to form a contract with you

• You have given us permission to do so

• The processing is in our legitimate interests, and it’s not overridden by your rights

• For payment processing purposes

• To comply with the law
  ‍

1. How We Use Your Information

We may use information that we collect about you or that you provide to us, including any personal information:

• To present our Firefli Interfaces and its contents to you, including the reporting functionalities from time to time made available to users.

• To contact and communicate with you, including providing personalized, targeted, or location-based content, services, and advertising both from us and other third-parties.

• To analyze, improve, and optimize our services.

• To process financial transactions involving our services.

• To enforce the terms of our services, protect the rights of our users, and prevent fraud and abuse of our systems.

• To provide you with notifications, information, products, or services that you request from us.

• To provide you with notices about your account, which may include expiration and renewal notices.

• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.

• To notify you about changes to our Firefli Interfaces or any services we (or third-parties) offer or provide through it.

• To allow you to participate in interactive features on our Firefli Interfaces.

• To assist you with creating a profile.

• To inform you of other services available from us. 

• To conduct surveys, promotions, and contests.

• To give search engines access to public information.

• To conduct analytics and generate reports about our Firefli Interfaces.

• To fulfill any other purpose for which you provide it or for any other purpose with your consent.

• In any other way we may describe when you provide the information.

We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

1. Electronic Communications. 

Notwithstanding any terms to the contrary herein, the Company may choose to electronically deliver communications to you through email, posting messages through the Firefli Interfaces, updating this privacy policy or other policies on one or more of the Firefli Interfaces, or through other reasonable methods. If the Company chooses to electronically deliver messages directly to you, you understand these messages may contain, transmit, or convey information about action taken either on your request or by or through your account. You agree to do business with the Company electronically through any of the above means and further agree to electronically receive notices, disclosures, communications, and information which the parties hereto stipulate shall satisfy any legal requirement to communicate in writing. An electronic notice will be deemed to have been received by you if sent via email upon sending by us if we do not immediately receive a rejection notice. If you disagree with receiving electronic communications, you must immediately contact us and stop using the Firefli Interfaces. You can unsubscribe from any marketing or promotional communications at any time. If you do not want to receive messages from us, please contact us at the information in the contact information section below and let us know. Unsubscribing from marketing or promotional communications will not remove your information from our contact list in the event we need to contact you for other purposes.

1. Retention of Data

Firefli will retain your Personal Data only for as long as is necessary to provide the Services and for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Firefli will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. You may request to amend or delete inaccurate data. All inquiries regarding amendments or deletion should be sent to info@Firefli.com.

1. Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States or Canada and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States or Canada and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Firefli will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

1. Disclosure of Data

Disclosure for Law Enforcement

Under certain circumstances, Firefli may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency); if the request is made via a subpoena or other legal proceeding or if under the circumstances it is reasonable to believe that such disclosure is necessary to comply with the law, enforce our Terms of Service, protect the rights of Firefli or others. In the event Firefli is required by law to disclose your Personal Data, Firefli will, to the extent it is allowed by applicable law, notify you prior to disclosing such data.

Legal Requirements

Firefli may disclose your Personal Data in the good faith belief that such action is necessary to:

• To comply with a legal obligation

• To protect and defend the rights or property of Firefli

• To prevent or investigate possible wrongdoing in connection with the Service

• To protect the personal safety of users of the Service or the public

• To protect against legal liability

Additional Disclosures

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose personal information that we collect, or you provide, in addition to the above as more fully described in this Privacy Policy:

• To our subsidiaries and affiliates.

• To contractors, service providers, and other third parties we use to support our business.

• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Firefli Interfaces users is among the assets transferred.

• To investors or potential investors in our Company.

• To third parties to market their products or services to you if you have not opted out of these disclosures. 

• To fulfill the purpose for which you provide it. 

• To third-parties as required by law.

• With your consent.

• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, or others, including exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

• For any other purpose disclosed by us when you provide the information

Choices about how we use and disclose your information

We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information: 

• Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Firefli Interfaces may then be inaccessible or not function properly.

• Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by sending us an email with your request to us at the contact information provided below.

We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website. Residents of certain states and countries may have additional personal information rights and choices. Please see the Sections below for more information.

1. Security of Data

We have implemented commercially reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We will endeavor to ensure our service providers have protection for electronic technology systems and other necessary restrictions when accessing the Firefli Interfaces and data contained therein. We will endeavor to ensure our staff are trained with respect to security of personal information and logically restrict such data where appropriate. Subject to the terms and conditions set forth herein and where necessary, we will endeavor to destroy and de-identify personal information once it is no longer required. In the event we hold any personal information that is unsolicited, or we were not permitted to collect it, such information will be destroyed as soon as practicable following notice thereof. 

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Firefli Interfaces, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Firefli Interfaces that may exist from time to time, like message boards. The information you share in public areas may be viewed by any user of the Firefli Interfaces. The security of your data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your Personal Data, we cannot guarantee its absolute security.

1. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

While our Firefli Interfaces are initially projected to be used solely within the United States and not intentionally targeted towards the European Union, if you are from the European Economic Area (EEA), you have certain data protection rights. Firefli aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at the contact information provided herein.

In certain circumstances, you have the following data protection rights:

• The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.

• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.

• The right to object. You have the right to object to our processing of your Personal Data.

• The right of restriction. You have the right to request that we restrict the processing of your personal information.

• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.

• The right to withdraw consent. You also have the right to withdraw your consent at any time where Firefli relied on your consent to process your personal information.
  ‍

Although data protection laws vary among countries, regardless of where your personal data is processed, we apply the same protections described in this Policy. We also comply with certain legal frameworks relating to the transfer of personal data, such as the frameworks described below. Firefli participates in the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework (collectively, the “Data Privacy Frameworks”) as set forth by the US Department of Commerce regarding the processing of personal data from the European Economic Area, the United Kingdom and Gibraltar, and Switzerland. 

Click https://www.dataprivacyframework.gov/ to learn more about the Data Privacy Frameworks. If there is any conflict between the terms in this Policy and the Data Privacy Frameworks principles, the principles shall govern.

Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

1. State Privacy Rights.

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information. These state consumer privacy laws may or may not be currently active and may or may not be applicable to our business or our Firefli Interfaces, however, we will provide appropriate links to the current state laws to inform you of your potential rights. To learn more about consumer privacy rights in these states, including how to exercise such rights, visit the appropriate hyperlink below: 

• California

• https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5 

• Colorado

• https://leg.colorado.gov/bills/sb21-190

• Connecticut

• https://www.cga.ct.gov/asp/cgabillstatus/cgabillstatus.asp?selBillType=Bill&bill_num=SB00006&which_year=2022

• Delaware

• https://legiscan.com/DE/text/HB154/id/2807502

• Indiana

• https://legiscan.com/IN/text/SB0005/id/2779850

• Iowa

• https://www.legis.iowa.gov/legislation/BillBook?ga=90&ba=SF%20262

• Kentucky

• https://apps.legislature.ky.gov/law/acts/24RS/documents/0072.pdf

• Maryland

• https://mgaleg.maryland.gov/2024RS/bills/hb/hb0567E.pdf

• Minnesota

• https://www.revisor.mn.gov/bills/text.php?number=HF4757&type=bill&version=4&session=ls93&session_year=2024&session_number=0

• Montana

• https://laws.leg.mt.gov/legprd/LAW0210W$BSIV.ActionQuery?P_BILL_NO1=384&P_BLTP_BILL_TYP_CD=SB&Z_ACTION=Find&P_SESS=20231

• Nebraska

• https://nebraskalegislature.gov/FloorDocs/108/PDF/Slip/LB1074.pdf

• Nevada 

• https://www.leg.state.nv.us/nrs/nrs-603a.html

• New Hampshire

• https://www.gencourt.state.nh.us/bill_status/billinfo.aspx?id=865&inflect=1

• New Jersey

• https://pub.njleg.state.nj.us/Bills/2022/AL23/266_.PDF

• Oregon

• https://olis.oregonlegislature.gov/liz/2023R1/Downloads/MeasureDocument/SB619/Enrolled

• Rhode Island

• https://legiscan.com/RI/text/S2500/2024

• Tennessee

• https://legiscan.com/TN/text/HB1181/id/2672877

• Texas 

• https://capitol.texas.gov/BillLookup/Text.aspx?LegSess=88R&Bill=HB4

• Utah

• https://le.utah.gov/~2022/bills/static/SB0227.html

• Virginia

• https://law.lis.virginia.gov/vacodefull/title59.1/chapter53/

As this list is updated from time to time, and as these laws change, are modified, amended, or supplemented, or as new jurisdictions are added to this list, you may have certain rights, and we remain committed to using commercially reasonable efforts to comply with. To exercise any of your rights available to you under your applicable state privacy rights law, please contact us at the contact information provided below.

1. Service Providers

We may employ third party companies and individuals to facilitate our Services (“Service Providers”), to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services are used. These Service Providers may have restricted access to your Personal Data for the sole purposes of performing these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyze the use of our Services.

Behavioral Remarketing

Firefli may use remarketing services to advertise on third party websites to you after you visit our Service. We and our third-party vendors may use cookies to inform, optimize and serve ads based on your past visits to our Service.

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

1. Control over and access to your personal information

Firefli understands that you have rights over your personal information, and takes reasonable steps to allow you to review, access, correct, amend, delete, port, or limit the use of your personal information. If you are a client, you can update many types of personal information, such as payment or contact information, directly within your account settings. If you are unable to change your personal information within your account settings, or if you are concerned about data collected as you visit Firefli’s websites or use our support services, please contact us at [info@fireflihealth.com] to make the required changes.

We may not be able to delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. Please keep in mind that we will only comply with this obligation to the extent and in such frequency as required by applicable law. Before we grant you rights to access, correct, or delete personal information, we must verify your identity and, if we are unable to do so, we may restrict your rights to access, correct, or delete personal information. We agree to use commercially reasonable efforts to fulfill your request within 30 days, however, we reserve the right to extend this timeframe as necessary.

If you delete your User Contributions from the Firefli Interfaces, copies of your User Contributions may remain viewable in cached and archived pages or might have been copied or stored by other Firefli Interfaces users. Proper access and use of information provided on the Firefli Interfaces, including User Contributions, is governed by our Terms of Use found on our Firefli Interfaces, incorporated herein as if fully set forth.

We do not currently sell your sensitive personal information; however, we may share such information to the extent required to provide the Services to you, including to our affiliates, and you may have certain rights under applicable privacy laws to limit both the use, sharing, and sale of your personal information. In order to exercise these rights, to the extent applicable, please contact us at the contact information provided below.

We will not discriminate against you for exercising any of your rights under any applicable privacy law, expressly including denying you goods or services, charging you different prices or rates, providing you with different levels or qualities of goods or services, or suggesting you may receive a different price or rate for goods or services. 

Further we are not required to and will not, give access to personal information to the extent that: 

• we reasonably believe that giving access would pose a serious threat to the life, health, or safety of any individual, or to public health or public safety; 

• giving access would have an unreasonable impact on the privacy of other individuals;

• the request for access is frivolous or vexatious;

• the information relates to existing or anticipated legal proceedings and the information would not be accessible in normal discovery procedures; 

• giving access would reveal the intentions of ours in relation to negotiations and this disclosure would prejudice those negotiations; 

• denying access is required or authorized by or under a law or a court/tribunal order; 

• we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, or may be engaged in; 

• giving access would be likely to prejudice the taking of appropriate action in relation to the matter; 

• giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or

• giving access would reveal evaluative information generated within us in connection with a commercially sensitive decision-making process. 

If we refuse access to the information or correct such information, written notice will be provided to you setting out:

• the reasons for the refusal (except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so); 

• the mechanisms available to complain about the refusal; and 

• any other matter prescribed by the regulations.

If you have any questions about your personal information or this policy, or if you would like to make a complaint about how Firefli processes your personal data, please contact Firefli by email at [info@fireflihealth.com] or by mail at:

[Re: Privacy Compliance Officer]
[5900 Balcones Dr, Suite 14207 Austin, TX 78731]

End of Privacy Policy

Special Privacy Policy for California Residents

Effective Date: January 31, 2025

Last Updated on: January 31, 2025

This Special Privacy Policy for California Residents (this “Policy”) supplements the information contained in Firefli’s privacy policy available on its website (www.fireflihealth.com) (the “Website”) and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”), but not otherwise. Novel Ventures, LLC (“Firefli”, “Company”, “we”, “us”, “our”)  adopts this notice to describe how information obtained from California residents is used, how privacy rights are exercised, and to comply with the applicable California laws, rules, and regulations, as the same may be amended or updated from time to time (collectively, “CCPA”). Any defined terms used herein but not otherwise defined shall have the meanings ascribed to them in the CCPA. 

California’s Shine the Light Law: Subject to certain conditions and limitations, California residents may ask Firefli to provide them with a list of certain categories of personal data collected by Firefli that we have disclosed to third parties for direct marketing purposes during the previous calendar year prior to such request and also to identify those third parties. You may make this request once per calendar year. In order to make this request, simply contact us at the contact information provided in this Policy, affirm that you are a California resident, provide us with a California address for our response, and ensure your request complies with the rights afforded to you. Please allow us up to thirty (30) days to reply. We reserve the right not to respond to such requests submitted to us in any manner other than as provided herein or for certain other reasons, as more fully described herein.

Your Rights and Choices 

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Right to Know, Access, and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). You also have the right to request we provide you with a copy of your personal information that we collected, sold, shared, or disclosed not more than two (2) times per calendar year. Once we receive your request and confirm your identity, we will disclose to you:

• The categories of personal information we collected about you.

• The categories of sources for the personal information we collected about you.

• Our business or commercial purpose for collecting or selling that personal information.

• The categories of third parties with whom we share that personal information.

• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

• sales, identifying the personal information categories that each category of recipient purchased; and 

• disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained. 

• The specific pieces of personal information we collected about you (also called a data portability request).

We do not provide a right to know or data portability disclosure for B2B personal information.

Right to Delete 

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: 

1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

3. Debug products to identify and repair errors that impair existing intended functionality.

4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

8. Comply with a legal obligation.

9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action. 

We do not provide these deletion rights for B2B personal information.

Right to Opt-Out 

If you are age 16 or older, you have the right to direct us not to sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years old and do not currently make it a practice of our business to sell any personal information of any consumer. Consumers who opt-in to personal information sales may opt-out of future sales at any time. Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back in to personal information sales at any time by contacting us via the contact information provided below. You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with the request. 

Right to Correct 

You have the right to correct personal information we maintain that you believe is incorrect.

Right to Be Free from Discrimination

You have the right to be free from discrimination and the right to equal service.

Right to Limit 

You have the right to request we limit the use and disclosure of your personal information to uses / disclosures that are reasonably necessary to provide our services to you in order to ensure security and integrity, prevent fraud, for physical safety, for short-term transient use, to perform services on behalf of the business, and to verity or maintain quality and safety of a device owned, manufactured for, or controlled by us, and/or to improve the foregoing. We do not collect, sell, or share sensitive personal information for any purpose other than as reasonably necessary, as more fully set forth herein.

Exercising Your Rights 

To exercise your rights set forth above, please submit a request by either: 

• Emailing us at [info@fireflihealth.com]

• Mailing us at the address contained in our Contact Information Section below.

Only you, or someone legally authorized to act on your behalf, may make a request to exercise the rights set forth above, including requests to know or delete related to your personal information. 

You may also make a request to on behalf of your child by contacting us and providing reasonable information to enable us to identify you and your authority over such child. You may only submit a request to know twice within a 12-month period and all other requests not more than once during a 12-month period unless provided for otherwise by applicable law. Your request(s) to us must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Depending on the request, we may require you to provide a signed declaration affirming your identity. If you use an authorized representative, we may require a power of attorney or other written verification allowing such individual to submit any request on your behalf.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. You do not need to create an account with us to submit a request to know or delete. 

We will only use personal information provided in the request to verify the requestor’s identity or authority to make it. 

Response Timing and Format

We will confirm receipt of your request within the time requirements under applicable law, but in no case later than thirty (30) days. If you do not receive confirmation within the 30-day timeframe, please contact us at [info@fireflihealth.com].

We endeavor to substantively respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. 

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

Information We Collect

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

• Publicly available information from government records.

• Deidentified or aggregated consumer information.

• Information excluded from the CCPA’s scope, like:

• health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;

• personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

In particular, we have collected the following categories of personal information from consumers directly and indirectly within the last twelve (12) months: 

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

YES

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

YES

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

YES

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

YES

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

YES

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

YES

G. Geolocation data.

Physical location or movements. 

YES

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

NO

I. Professional or employment-related information.

Current or past job history or performance evaluations.

NO

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. 

NO

K. Inferences drawn from other personal information.

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

YES

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. For example, from forms you complete, information you provide, or products and services you may purchase or otherwise utilize.

• Indirectly from you. For example, from observing your actions on our Website.

Use of Personal Information

We may use, sell, or disclose the personal information we collect for one or more of the following purposes: 

• To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request services or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns. 

• To provide, support, personalize, and develop our Website, products, and services.

• To create, maintain, customize, and secure your account with us.

• To process your requests, purchases, transactions, and payments and prevent transactional fraud.

• To provide you with support for your use of our services, provide you feedback on information you supply to us, and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.

• To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).

• To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.

• For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.

• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

• As described to you when collecting your personal information or as otherwise set forth in the CCPA.

• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our consumers is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may share your personal information with affiliates, subsidiaries, and third-parties by disclosing it for our business purposes. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, Company has disclosed personal information for a business purpose.

We may also share your personal information by selling it to third parties, subject to your right to opt-out of those sales. Our personal information sales do not include information about individuals we know are under age 16. In the preceding twelve (12) months, Company has used, and may have shared and/or sold the following categories of personal information.

Personal Information Category

Category of Third-Party Recipients

Business Purpose Disclosures

Sales

A: Identifiers.

Data analytic providers, internet cookie data recipients

None

B: California Customer Records personal information categories.

Data analytic providers, internet cookie data recipients

None

C: Protected classification characteristics under California or federal law.

Data analytic providers, internet cookie data recipients

None

D: Commercial information.

Data analytic providers, internet cookie data recipients

None

E: Biometric information.

Data analytic providers, internet cookie data recipients

None

F: Internet or other similar network activity.

Data analytic providers, internet cookie data recipients

None

G: Geolocation data.

Data analytic providers, internet cookie data recipients

None

H: Sensory data.

None

None

I: Professional or employment-related information.

None

None

J: Non-public education information.

None

None

K: Inferences drawn from other personal information.

Data analytic providers, internet cookie data recipients

None

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.

• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

• Provide you a different level or quality of goods or services.

• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. 

Retention of Personal Information

We keep the categories of personal information described above for as long as is necessary for the purposes described in this Policy or otherwise authorized by law. For information about our retention policies, contact us using the contact information set forth below.

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [info@fireflihealth.com].

Changes to Our Privacy Policy

We reserve the right to amend this privacy policy at our discretion and at any time. When we make changes to this privacy policy, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which Firefli collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Email: [info@fireflihealth.com]

Postal Address: 

[Re: Privacy Compliance Officer]
[5900 Balcones Dr, Suite 14207 Austin, TX 78731]

If you need to access this Policy in an alternative format due to having a disability, please contact us at [info@fireflihealth.com].

End of Special Privacy Policy for California Residents

This website is operated by Novel Ventures, LLC, who welcomes your feedback regarding its Privacy Policy and other agreements contained herein. If you have any questions, comments, or concerns, please contact us by e-mail at [info@fireflihealth.com]. You can also reach us by mail at [5900 Balcones Dr, Suite 14207 Austin, TX 78731].