Privacy Policy

Effective Date: 11/15/2024

Your privacy is important to us. This Privacy Policy outlines how MyHealthSentry.com collects, uses, and protects the personal health data you provide while using our platform.

1. Information We Collect

We may collect the following categories of information when you interact with our Services:

  1. Personal Identifiers: Name, email address, contact details, account login information.
  2. Health and Wellness Data: Data you input directly (e.g., symptoms, lifestyle habits, medical history, fitness metrics). Data collected from integrated third-party wearables and health devices (e.g., sleep, glucose, activity).
  3. Internet/Device Data: IP address, browser, device type, session duration, usage patterns, and diagnostic data.
  4. Geolocation Data: With your consent, we may collect location data to personalize your experience.
  5. Inferences: Risk scores, wellness trends, and predictive insights based on your data.

2. Lawful Basis for Processing (GDPR)

For users in the EU/EEA, we process personal data only when we have a lawful basis under Article 6 of the GDPR, including:

  • Consent (e.g., for optional health tracking or wearable integrations).
  • Contractual necessity (e.g., to provide core platform features).
  • Legitimate interests (e.g., platform improvement, research, analytics).
  • Legal obligations (e.g., in response to lawful government requests).

You may withdraw consent at any time by contacting us (see Section 11).

3. How We Use Your Information

We use your data to:

  • Deliver and maintain the Services.
  • Generate personalized health insights, risk models, and recommendations.
  • Enable integration with wearables and third-party health data providers.
  • Analyze aggregated and anonymized data for research and product development.
  • Improve user experience and security.
  • Comply with legal and regulatory requirements.

4. Sharing and Disclosure of Information

We do not sell your personal information. However, we may share data under the following conditions:

  • Service Providers: Trusted vendors (e.g., hosting, analytics, infrastructure) under confidentiality agreements.
  • With Your Consent: For features requiring authorization (e.g., third-party device integrations).
  • Legal Compliance: If required by law, regulation, subpoena, or government request.
  • Security and Enforcement: To protect our rights, property, or safety and prevent misuse or fraud.
  • Corporate Transactions: In the event of a merger, acquisition, or asset transfer, with appropriate safeguards.

5. Your Rights

For EU/EEA Users (GDPR)
You have the following rights:

  • Access: Obtain a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure (“Right to be Forgotten”): Request deletion of your data.
  • Restriction: Ask us to stop certain data processing activities.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: At any time, without affecting past lawful processing.

For California Residents (CCPA/CPRA)
You have the right to:

  • Know: What personal information we collect and how we use it.
  • Access: Specific pieces of personal information we have collected about you.
  • Delete: Request deletion of your personal information.
  • Correct: Inaccurate personal information.
  • Opt-Out: You may opt out of “sharing” or “selling” of personal information (we do not engage in either).
  • Non-Discrimination: We will not treat you differently for exercising your privacy rights.

To exercise your rights, contact: [email protected] or use our Data Request Form. You may also designate an authorized agent to make a request on your behalf.

6. Data Retention

We retain personal information as long as reasonably necessary to:

  • Provide the Services and maintain user accounts.
  • Fulfill legal, contractual, or regulatory obligations.
  • Support anonymized research and platform development.

When no longer needed, we will securely delete or de-identify your data.

7. Cross-Border Transfers

If you are outside the United States, your data may be transferred to and processed in the U.S., where data protection laws may differ. For EU/EEA users, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) to legitimize these transfers.

8. Data Security

We implement technical and organizational security measures, including:

  • Encryption of sensitive health data in transit and at rest.
  • Secure authentication and access controls.
  • Regular security reviews and monitoring.

Despite these efforts, no method of transmission or storage is 100% secure. You use the Services at your own risk.

9. Children’s Privacy

Our Services are not directed to children under 18. We do not knowingly collect personal data from minors. If you believe a child has submitted data to us, please contact us so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email, in-app notice, or on our website. Continued use of the Services after updates constitutes acceptance.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: