NuvioLife

Terms & conditions

Effective September 1, 2025

This site, nuviolife.com, and the NuvioLife app are owned and operated by Nuvio Software Inc.(referred to as NuvioLife, we, us, or the company), based at 333 Seymour St, Vancouver, BC V6B 5A7, Canada.

These Terms — together with the Privacy Policy and any order forms — govern your access to and use of the NuvioLife platform, including HSA, LSA, PSA, WFH, and FIN wallets, our cards, integrations, APIs, and related services (the Service). Please read them carefully.

By creating an account, installing the app, or otherwise using the Service, you accept these Terms. If you do not agree, do not use the Service.

1. Definitions

  • Employer — the company or organization sponsoring plans and authorizing user access
  • Employee — an individual employed by the Employer participating in plans via the Service
  • Dependent — an eligible individual associated with an Employee's plan under plan rules
  • Service — the NuvioLife app, website, cards, integrations, APIs, and related services

2. Acceptance of terms and consent

By creating an account, installing, or accessing the Service, you agree to these Terms and the Privacy Policy. The agreement includes explicit informed consent regarding the collection, use, storage, and disclosure of personal information as described in our Privacy Policy.

Communication preferences may be managed through your account settings.

3. Eligibility and accounts

  • The Service is available to Employers and authorized users
  • Minimum age: 18 years or the age of majority; EU/EEA/UK users 16, or younger with parental consent
  • Minor dependents are covered under Employee accounts with data managed accordingly
  • You must maintain a strong password, enable multi-factor authentication, and immediately report any suspected compromise
  • You are responsible for all activity under your account

4. Regulatory compliance and verification

We perform identity verification and monitoring for compliance purposes, including KYC, AML/ATF, and fraud prevention. The Service complies with export controls and sanctions screening (OFAC). We reserve the right to audit Employer compliance with these Terms and applicable regulations.

5. Privacy, data residency, and security

Data residency

  • Canadian and worldwide customers: data stored in Canada
  • U.S. customers: data stored in the United States
  • EU/EEA/UK customers: data transferred to Canada or the U.S. under Standard Contractual Clauses

GDPR rights (EU/EEA/UK)

  • Right to access, rectify, and erase your personal data
  • Right to restrict processing and to data portability
  • Right to object and to withdraw consent
  • Right to lodge a complaint with your local supervisory authority
  • Response timeframe: one month, extendable by two months for complex requests

CCPA/CPRA rights (California)

  • Right to know what personal information is collected
  • Right to delete personal information, subject to exceptions
  • Right to opt out of sale or sharing — we do not sell personal data
  • Right to correct inaccurate information

Security measures

  • Information security program aligned with SOC 2
  • AES-256 encryption for sensitive data at rest and in transit
  • Privacy by design and data minimization practices

Data breach notification

In the event of a security breach affecting personal information, we will notify affected users and relevant regulators within timeframes required by applicable law.

Limitation of liability for breaches

We are not liable for breaches caused by third-party providers, user negligence, advanced threats, or force majeure events.

Backup and ransomware policy

  • Regular backups maintained per industry best practices
  • We will not pay ransoms
  • You should maintain independent records

6. Account deletion and data retention

You may request deletion via in-app controls or by emailing info@nuviolife.com. We will delete or anonymize personal information within a reasonable time — within 30 days for GDPR requests.

Deletion excludes legally required retention periods: 7 years for tax records and 3–6 years for business records depending on jurisdiction.

Claims retention: seven years for CRA/IRS audit compliance. Only minimum non-diagnostic data is disclosed.

GDPR retention: personal data is retained only as long as necessary for the stated purposes or legal obligations.

7. Services; benefits administration; U.S. participants; HIPAA

We administer PHSP, HSA, FSA, and HRA plans per CRA rules.

For U.S. HSA participants

  • We file IRS Forms 1099-SA and 5498-SA
  • We provide information for Form 8889
  • We report employer contributions for W-2 purposes
  • We provide year-end tax statements
  • We apply 24% backup withholding if required

Tax form delivery

Tax forms are delivered electronically by default (with consent) or via mail by January 31 for 1099s and May 31 for 5498s.

HIPAA

When acting as a business associate, we comply with HIPAA, enter into BAAs, and apply the minimum necessary standard.

Plan modifications

Changes to benefit plans will be communicated with at least 30 days' notice where possible.

8. Claims processing, verification, and fraud prevention

Claim review rights

  • We reserve the absolute right to review, audit, and verify any claim before, during, or after payment
  • We may request documentation, contact providers, or require itemized receipts
  • We may conduct random audits, including of previously paid claims
  • We may hold claims up to 30 days for verification

Grounds for denial

  • Ineligible expenses or insufficient documentation
  • Services not rendered or duplicate submissions
  • Submission after deadlines or fraudulent activity
  • Non-response to verification within specified timeframes

Account suspension for fraud

Upon suspicion, we may immediately suspend claims, freeze access, recover payments, report to law enforcement, and terminate access permanently.

Provider verification

  • We may contact service providers and verify services
  • We may request clinical notes where permitted
  • We may report suspected provider fraud

Employer notification

We notify Employers of confirmed fraudulent claims, systematic abuse patterns, criminal investigations, and material violations.

Recovery rights

  • Recover improperly paid claims
  • Offset future claims against amounts owed
  • Initiate collections and credit agency reporting
  • Pursue criminal charges

Fraud penalties

  • Immediate termination
  • Recovery plus interest
  • Potential criminal prosecution
  • Permanent ban
  • Civil litigation for damages including legal costs
  • There is no time limit on our right to investigate, reverse, or recover fraudulent claims

9. Service level and availability

  • Target 99.9% uptime for core services (excluding maintenance)
  • Scheduled maintenance typically 11 PM – 3 AM PT with 48 hours' notice
  • Emergency maintenance may occur without notice for critical issues
  • Critical issues acknowledged within 2 hours

10. Cards; funds; partners

You agree to issuer and network terms for payment cards. Funds may be held in a custodial or trust account pending disbursement; interest may accrue and, unless otherwise required by law or agreement, may be retained to offset program costs.

In the event of bankruptcy or insolvency, funds held on behalf of Employers and Employees will be returned to the applicable account holder, less any applicable fees.

Services are priced in CAD (Canada) or USD (U.S.). Payment is accepted via ACH, wire, credit card, and other specified methods.

11. Fees, taxes, and refunds

You agree to pay fees communicated at signup, in order forms, or in fee schedules. Fees may include onboarding/setup, custom integrations, late payment, and processing fees.

Taxes

  • Canada: GST/HST/QST applies
  • U.S.: federal and state taxes apply; backup withholding may apply if a valid TIN is not provided; state sales tax is collected where required

Tax liability

You are responsible for determining and fulfilling your tax obligations.

Refund policy

Refund requests must be submitted within 30 days of charge. Setup fees are non-refundable. Monthly or annual fees may be prorated for partial periods.

Error resolution

Payment errors must be reported within 60 days; resolution within 10 business days.

Chargebacks

Initiating a chargeback without first contacting us may result in immediate account suspension.

12. Acceptable use

You will not engage in any unlawful, fraudulent, or prohibited activity, including:

  • Money laundering, terrorist financing, or sanctions evasion
  • Bypassing security, reverse engineering, or data scraping
  • Submitting false claims or misrepresenting eligibility
  • Sharing credentials or allowing unauthorized access
  • Harassment, defamation, or harm to others
  • Uploading malicious code
  • Violating intellectual property rights

13. Employer rights and responsibilities

Employers must maintain accurate plan information and promptly update eligibility. Employer administrators may access aggregated plan usage data and individual employee data only as necessary for plan administration.

For EU/EEA/UK employers, we will enter into Data Processing Agreements per GDPR Article 28.

Non-payment may result in suspension. Employees will receive 30 days' notice before service termination due to Employer non-payment.

Employers are responsible for ensuring compliance with employment law, benefits regulations, and collective agreements, and must cooperate with fraud investigations and implement recommended controls.

14. API and integration terms

API access requires compliance with documentation, rate limits, and technical requirements. Data must conform to specified formats and validation rules. You are responsible for securing integration credentials and any data received.

15. Non-compete and non-circumvention

For 24 months from first access or first presentation of the Service, you will not design, develop, market, or assist others in competing with the Service. Exception: independent development that does not use confidential information or our IP.

This applies primarily to Employer accounts and enterprise users, not individual Employees. Enforceability is limited to lawful provisions.

16. Suspension, freezes, and termination

We reserve the right, in our sole discretion, to cancel, freeze, hold, suspend, or terminate any account or transaction (Employer, Employee, or Dependent) for any reason — including suspected fraud, misuse, policy violations, non-payment, risk concerns, or to meet legal or regulatory obligations.

You may stop using the Service anytime; termination does not relieve accrued fees or obligations. Pending eligible claims are processed per plan terms.

17. Intellectual property; license; feedback

NuvioLife and its licensors own all rights in the Service. You are granted a limited, revocable, non-exclusive, non-transferable license to use it. You grant us a royalty-free, irrevocable license to use any feedback you provide.

18. Third-party services

The Service may rely on third-party services (identity verification, card issuers, hosting, analytics). Their terms and privacy practices are governed by their own policies.

19. Accessibility

We target WCAG 2.1 Level AA compliance for our web and mobile applications and comply with the ADA (U.S.) and AODA (Ontario). Contact info@nuviolife.com for accessibility issues.

20. Changes to the Service and to these Terms

Right to modify

We reserve the right to modify these Terms, the Privacy Policy, and the Service at any time at our sole discretion.

Notice requirements

  • Material changes: 30 days' notice via email or prominent in-app notification
  • Non-material changes: may be made without notice but posted with an updated date
  • Emergency changes: may take effect immediately with prompt notice

Acceptance and review

Continued use after changes constitutes acceptance. You are responsible for regularly reviewing these Terms; the updated effective date is indicated at the top of the document.

Special consent

GDPR material privacy changes require explicit renewed consent rather than continued use.

21. Disclaimers

The Service is provided "as is" and "as available." We disclaim warranties of merchantability, fitness for a particular purpose, and non-infringement. We do not guarantee that the Service will be error-free, uninterrupted, or secure against all threats.

22. Limitation of liability

We are not liable for indirect, incidental, special, consequential, exemplary, or punitive damages, or for lost profits or data. Our aggregate liability will not exceed the amounts you paid for the Service in the 12 months preceding the event.

For data breaches: liability is limited to direct damages from gross negligence or willful misconduct, credit monitoring as required by law, and statutory damages where mandated.

23. Indemnification

You will defend, indemnify, and hold harmless NuvioLife and its affiliates against claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees).

24. Dispute resolution

Informal resolution

The parties will attempt good-faith resolution through direct communication for at least 30 days before formal proceedings.

Arbitration

Disputes are resolved through binding arbitration under ADR Institute of Canada rules, conducted in Vancouver, BC, or virtually by agreement.

Class action waiver

To the extent permitted by law, you waive any right to bring claims as a plaintiff or class member in any purported class action.

Exceptions

Claims for injunctive relief, intellectual property disputes, or small-claims-court jurisdiction may be brought in court.

25. Force majeure

Neither party is liable for delays or failures from causes beyond reasonable control, including acts of God, natural disasters, war, terrorism, pandemic, or infrastructure failures.

26. Governing law and venue

These Terms are governed by the laws of the Province of British Columbia and the Canadian federal law applicable therein, without regard to conflicts of law.

Jurisdiction

  • Vancouver, BC courts have exclusive jurisdiction where applicable
  • EU/EEA/UK users retain rights to bring claims in local courts
  • U.S. users retain state consumer protection rights

27. Notices

Legal notices are sent to: Nuvio Software Inc., 333 Seymour St, Vancouver, BC V6B 5A7, Canada. Privacy inquiries: privacy@nuviolife.com.

Electronic notices to users are sent to your registered email and are deemed received 24 hours after sending, unless we receive an automated bounce-back message. You are responsible for maintaining a valid email address; for critical notices that bounce, we will attempt alternative contact methods.

28. Assignment; severability; entire agreement; survival

You may not assign these Terms without our consent; we may assign without restriction. If any provision is held invalid, it will be limited or severed to the minimum extent necessary.

These Terms, the Privacy Policy, and any order forms constitute the entire agreement. All updates become binding when effective.

Survival: the following sections survive termination — Definitions, Privacy provisions, Retention, Email obligations, Claims verification rights, Recovery rights, Intellectual Property, Disclaimers, Limitation of Liability, Indemnification, Dispute Resolution, Governing Law, and modification provisions.

29. Text messaging and communications

U.S. users who provide a mobile number consent to receive text messages about their accounts and claims. We comply with the TCPA. You may opt out by replying STOP.

Communication occurs via email, in-app notifications, SMS (where consented), or mail. You are responsible for maintaining current contact information.

30. Email communications and compliance

We comply with Canada's CASL and the U.S. CAN-SPAM Act.

Email categories

  • Transactional (no opt-out): security alerts, resets, confirmations, receipts, suspensions, terms updates
  • Administrative (opt-out available): benefit info, plan updates, wellness, announcements
  • Marketing/promotional (explicit opt-in required): features, partner offers, surveys, promotions

Verification, unsubscribe, and changes

  • Your email address must be verified at registration; periodic re-verification may be required
  • All non-transactional emails include a one-click unsubscribe link, processed within 10 business days
  • Email address changes require verification through both the old and new addresses

Delivery limitations

We do not guarantee delivery. You are responsible for maintaining a valid address, checking spam folders, whitelisting the nuviolife.com domain, and ensuring your provider accepts our messages.

Email security

  • Sensitive information is minimized or encrypted where feasible
  • We never request passwords, full card numbers, or SIN/SSN via email
  • Report phishing to security@nuviolife.com

Service providers and retention

Third-party email providers (e.g. SendGrid, AWS SES) are bound by confidentiality. Standard tracking technologies monitor opens, clicks, and delivery. Communication logs are retained 24 months for security, compliance, and dispute resolution. Email addresses are not sold or rented; they are shared with providers only under strict confidentiality for service delivery.

Anti-phishing

Legitimate NuvioLife emails come from the @nuviolife.com domain, include your name or account identifier, never request sensitive information, and include our physical address in the footer. For suspicious emails: do not click links or attachments — forward to security@nuviolife.com, delete the email, and verify any issue by signing in directly.

Contact

Questions about these Terms? Email info@nuviolife.com or write to Nuvio Software Inc., 333 Seymour St, Vancouver, BC V6B 5A7, Canada.

Read our privacy policy
Questions about these terms?

Talk to the NuvioLife team

Reach out to info@nuviolife.com for clarification, plan administration, or compliance questions.

  • No credit card required

  • 14-Day free trial