Privacy Policy

Nasoha Ltd (“we,” “our,” or “us”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website nasoha.com (“Website”) or use our services.

By using our Website and services, you agree to the terms of this Privacy Policy.

1. Who We Are

Company Name: Nasoha Ltd
Registered Address: 83–85 Baker Street, London W1U 6AG,United Kingdom
Email: [email protected]
Phone: +44 20 8050 3221
Regulatory Information: We are registered and regulated by the Financial Conduct Authority (FCA) under registration number 927654.

2. What Information We Collect

We may collect and process the following personal data:

2.1. Information You Provide to Us

Personal details (full name, date of birth, nationality, gender).
Contact details (email address, phone number, postal address).
Health information (for insurance applications and claims, including pre-existing conditions and medical history).
Payment details (bank account or credit card information for processing payments).

2.2. Information We Collect Automatically

Device and browser data (IP address, browser type, operating system, referring pages).
Website usage data (pages visited, time spent on site, interactions with content).
Cookies and tracking technologies (see our Cookie Policy).

2.3. Information from Third Parties

Data from healthcare providers (to process insurance claims and verify medical conditions).
Data from credit reference agencies (to assess financial risk and prevent fraud).
Data from regulatory authorities (to comply with legal requirements).

3. How We Use Your Information

We use your personal data for the following purposes:

To provide insurance services (processing applications, claims, renewals, and customer support).
To comply with legal and regulatory obligations (FCA compliance, anti-fraud measures).
To improve our services (analyzing Website usage, customer feedback, and service optimization).
To send marketing communications (only if you have opted in).
To prevent fraud and protect security (identity verification, fraud detection, and cybersecurity monitoring).

We will only process health-related data when necessary for insurance purposes and with your explicit consent.

4. Legal Basis for Processing Your Data

Under UK GDPR, we process your personal data based on the following legal grounds:

Contractual obligation – Processing is necessary to provide you with insurance services.
Legal compliance – To meet FCA and regulatory obligations.
Legitimate interests – To improve customer service, prevent fraud, and manage business operations.
Consent – For marketing communications (you can withdraw consent at any time).

5. Who We Share Your Data With

We may share your data with:

Regulatory authorities (e.g., FCA, HMRC, ICO).
Medical providers and hospitals (to verify claims and process insurance coverage).
Fraud prevention agencies (to detect and prevent fraudulent claims).
Payment processors and financial institutions (for handling payments securely).
IT service providers and analytics platforms (to improve our website functionality and user experience).

We do not sell or rent your personal data to third parties.

6. International Data Transfers

We may store and process your data outside the UK, including in the European Economic Area (EEA) and other jurisdictions that provide an adequate level of data protection. When transferring data outside the UK, we use:

Standard Contractual Clauses (SCCs) approved under UK GDPR.
Data processing agreements with third-party providers.

7. How Long We Keep Your Data

We retain your personal data only as long as necessary for:

Active insurance policies and claims processing.
Regulatory and legal compliance (e.g., FCA, tax laws).
Fraud prevention and internal record-keeping.

Retention periods vary, but we typically store data for 7 years after the end of your policy, in line with regulatory requirements.

Once the retention period expires, we securely delete or anonymize your data.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right to access – Request a copy of your personal data.
Right to rectification – Request corrections to inaccurate or incomplete data.
Right to erasure (“Right to be Forgotten”) – Request deletion of your data under certain conditions.
Right to restrict processing – Request limited use of your data.
Right to data portability – Request a transfer of your data to another provider.
Right to object – Object to certain types of data processing, including marketing.
Right to withdraw consent – If we rely on consent, you can withdraw it at any time.

To exercise these rights, contact us at [email protected].

9. How We Protect Your Data

We implement strict security measures to protect your data, including:

Encryption for sensitive data.
Access controls to limit who can access your information.
Regular security audits to ensure compliance with cybersecurity standards.
Secure servers and firewalls to prevent unauthorized access.

10. Marketing Preferences

We may send marketing emails about our services only with your consent. You can unsubscribe anytime by clicking “Unsubscribe” in our emails or contacting us at [email protected].

11. Complaints and Contact Information

If you have concerns about how we process your data, you can contact us:

Nasoha Ltd
83–85 Baker Street, London W1U 6AG,United Kingdom
Email: [email protected]
Phone: +44 20 8050 3221

If you are not satisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO):

Website: www.ico.org.uk
Phone: +44 303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the updated “Last Updated” date. We encourage you to review this policy regularly.