Notrispace Privacy Policy:

Effective Date: 2026-01-01

Domus Lab Ltd ("Notrispace", "we", "us", or "our") operates the Notrispace platform ("Platform").

This Privacy Policy explains how we collect, use, process, and protect personal data when you use our services.

By using the Platform, you agree to the practices described in this policy.

1. Who We Are

Domus Lab Ltd

Flat 2, 8 Henry Road

London, SW9 7BQ

United Kingdom

Email: support@notrispace.com

Depending on the context, Notrispace may act as:

  • A data processor on behalf of professionals and organizations using the Platform
  • A data controller for account management, billing, analytics, security, and business operations

2. Information We Collect

We may collect and process the following categories of information.

Professional Users

  • Name and contact details
  • Account credentials
  • Business and professional information
  • Billing and transaction data
  • Communications and support interactions

Clients / Patients

  • Identification and contact information
  • Health and nutrition data
  • Medical history and conditions
  • Body measurements and lifestyle information
  • Laboratory results and uploaded files
  • Messages and communications
  • Photos or documents
  • Wearable or device data
  • Appointment and billing information

3. Special Category Health Data

The Platform may process health-related data classified as special category data under applicable law.

Such data is processed only:

  • On behalf of professionals providing services
  • In accordance with applicable legal bases
  • With safeguards designed to protect confidentiality and security

Professionals are responsible for ensuring they have appropriate legal authority to collect and use client data.

4. How We Use Information

We use information to:

  • Provide and operate the Platform
  • Enable professionals to deliver services
  • Facilitate communication, scheduling, and workflows
  • Support invoicing, billing, and payment processing
  • Provide analytics, automation, and insights
  • Improve functionality and user experience
  • Maintain security, integrity, and compliance
  • Provide customer support
  • Meet legal and regulatory obligations
  • Conduct research, analysis, and service development using aggregated or de-identified data

5. AI and Automated Processing

We may use artificial intelligence or automated technologies to process information and generate insights, summaries, or other outputs.

These technologies:

  • Operate based on user-provided information
  • May involve limited processing by trusted service providers
  • Are used to support Platform functionality
  • Do not replace professional judgment

We implement safeguards designed to protect information when such technologies are used.

6. Aggregated and De-Identified Information

We may create aggregated, statistical, or de-identified information derived from Platform data that does not identify any individual or organization and cannot reasonably be used to do so.

Such information may be used for purposes including:

  • Product development and improvement
  • Analytics and benchmarking
  • Research and innovation
  • Service optimization
  • Industry insights and reporting

We may retain, use, disclose, or otherwise make available such information in accordance with applicable law.

7. Legal Bases for Processing (GDPR)

Where applicable under data protection laws, we rely on the following legal bases:

  • Performance of a contract
  • Legitimate interests, including improving services, maintaining security, and business operations
  • Consent, where required for certain types of data or communications
  • Compliance with legal obligations

For health data processed on behalf of professionals, the relevant legal basis is typically determined by the professional acting as data controller.

8. Data Sharing

We may share information with:

  • Professionals, organizations, or entities using the Platform
  • Service providers supporting infrastructure, hosting, analytics, communications, or operations
  • Payment processors and financial service providers
  • Integration partners or services connected by users
  • Affiliates or business partners involved in providing or improving services
  • Legal or regulatory authorities where required
  • Parties involved in corporate transactions such as mergers or acquisitions

We may also share aggregated or de-identified information that does not identify individuals.

We do not sell identifiable personal data.

9. Payment Processing

Payments may be processed by third-party providers such as Stripe.

We do not store full payment card information.

Payment processing is subject to the policies of those providers.

10. Data Storage and Security

We implement administrative, technical, and organizational measures designed to protect information.

Infrastructure may be hosted by trusted cloud providers, including services such as Amazon Web Services (AWS).

No system is completely secure, and users acknowledge inherent risks of online services.

11. International Data Transfers

Information may be transferred to and processed in countries outside your jurisdiction.

Where required, appropriate safeguards such as contractual protections are used to protect personal data.

12. Data Retention

We retain information for as long as necessary to provide services, comply with legal obligations, and support legitimate business purposes.

Information may be retained until deletion is requested.

Upon verified request, data will be deleted within a reasonable timeframe unless retention is legally required.

13. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your information
  • Correct inaccurate data
  • Request deletion
  • Restrict processing
  • Object to certain processing
  • Request data portability

Requests may be submitted to support@notrispace.com.

14. HIPAA

Where applicable, we support compliance with HIPAA requirements when customers enter into a Business Associate Agreement with Notrispace.

15. Communications

We may send service-related communications, product updates, and information about the Platform.

You may opt out of marketing communications at any time.

16. Cookies and Tracking

We use cookies and similar technologies to:

  • Operate and secure the Platform
  • Maintain sessions
  • Analyze usage and performance

We do not use advertising or marketing cookies.

17. Children

The Platform is intended only for individuals aged 18 or older.

We do not knowingly collect data from children.

18. Changes to This Policy

We may update this Privacy Policy periodically.

Continued use of the Platform constitutes acceptance of updates.

19. Contact

Domus Lab Ltd

Flat 2, 8 Henry Road

London, SW9 7BQ

United Kingdom

Email: support@notrispace.com