Privacy Policy

Effective Date: 02/23/2026

Your privacy is important to us. This Privacy Policy outlines how MyHealthSentry.com collects, uses, and protects the personal health data you provide while using our platform.

1. Information We Collect

We may collect the following categories of information when you interact with our Services:

  • Personal Identifiers: Name, email address, contact details, account login information.
  • Health and Wellness Data: Data you input directly (e.g., symptoms, lifestyle habits, medical history, fitness metrics). Data collected from integrated third-party wearables and health devices (e.g., sleep, glucose, activity).
  • Internet/Device Data: IP address, browser, device type, session duration, usage patterns, and diagnostic data.
  • Geolocation Data: With your consent, we may collect location data to personalize your experience.
  • Inferences: Risk scores, wellness trends, and predictive insights based on your data.

2. Lawful Basis for Processing (GDPR)

For users in the EU/EEA, we process personal data only when we have a lawful basis under Article 6 of the GDPR, including:

  • Consent (e.g., for optional health tracking or wearable integrations).
  • Contractual necessity (e.g., to provide core platform features).
  • Legitimate interests (e.g., platform improvement, research, analytics).
  • Legal obligations (e.g., in response to lawful government requests).

You may withdraw consent at any time by contacting us (see Section 12).

3. How We Use Your Information

We use your data to:

  • Deliver and maintain the Services.
  • Generate personalized health insights, risk models, and recommendations.
  • Enable integration with wearables and third-party health data providers.
  • Analyze aggregated and anonymized data for research and product development.
  • Improve user experience and security.
  • Comply with legal and regulatory requirements.

4. Mobile App Health Data Integrations

Our mobile apps integrate with platform health services to read health data with your explicit permission. We only read data from these services — we never write to them.

Health Connect (Android)

Our Android app may request read access to the following Health Connect data types:

  • Weight — Used to display body composition trends on the Health view and to calculate personalized strength training goals based on your body weight (e.g., a target of 0.5x your body weight for a given exercise).
  • Heart Rate — Used to classify exercise intensity zones for fitness competitions, so you can see whether activity counts as moderate or vigorous effort.
  • Steps & Exercise Sessions — Used to track daily activity and participation in fitness competitions with friends.
  • VO2 Max — Used to assess your cardiovascular fitness level.
  • Height, Body Fat Percentage, Lean Body Mass — Used for body composition analysis on the Health view.

You can revoke Health Connect permissions at any time through your device's Health Connect settings. Revoking permissions will stop future data syncing but will not delete previously synced data. You can request deletion of all synced health data from your account settings or by contacting us at [email protected].

Apple HealthKit (iOS)

Our iOS app may request read access to similar health data types through Apple HealthKit, including weight, height, body fat percentage, lean body mass, and VO2 Max. This data is used for the same purposes described above. You can manage HealthKit permissions at any time through the Health app on your iOS device.

5. Sharing and Disclosure of Information

We do not sell your personal information. However, we may share data under the following conditions:

  • Service Providers: Trusted vendors (e.g., hosting, analytics, infrastructure) under confidentiality agreements.
  • With Your Consent: For features requiring authorization (e.g., third-party device integrations).
  • Legal Compliance: If required by law, regulation, subpoena, or government request.
  • Security and Enforcement: To protect our rights, property, or safety and prevent misuse or fraud.
  • Corporate Transactions: In the event of a merger, acquisition, or asset transfer, with appropriate safeguards.

6. Your Rights

For EU/EEA Users (GDPR)

You have the following rights:

  • Access: Obtain a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure ("Right to be Forgotten"): Request deletion of your data.
  • Restriction: Ask us to stop certain data processing activities.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw Consent: At any time, without affecting past lawful processing.

For California Residents (CCPA/CPRA)

You have the right to:

  • Know: What personal information we collect and how we use it.
  • Access: Specific pieces of personal information we have collected about you.
  • Delete: Request deletion of your personal information.
  • Correct: Inaccurate personal information.
  • Opt-Out: You may opt out of "sharing" or "selling" of personal information (we do not engage in either).
  • Non-Discrimination: We will not treat you differently for exercising your privacy rights.

To exercise your rights, contact: [email protected]. You may also designate an authorized agent to make a request on your behalf.

7. Data Retention

We retain personal information as long as reasonably necessary to:

  • Provide the Services and maintain user accounts.
  • Fulfill legal, contractual, or regulatory obligations.
  • Support anonymized research and platform development.

When no longer needed, we will securely delete or de-identify your data.

8. Cross-Border Transfers

If you are outside the United States, your data may be transferred to and processed in the U.S., where data protection laws may differ. For EU/EEA users, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) to legitimize these transfers.

9. Data Security

We implement technical and organizational security measures, including:

  • Encryption of sensitive health data in transit and at rest.
  • Secure authentication and access controls.
  • Regular security reviews and monitoring.

Despite these efforts, no method of transmission or storage is 100% secure. You use the Services at your own risk.

10. Children's Privacy

Our Services are not directed to children under 18. We do not knowingly collect personal data from minors. If you believe a child has submitted data to us, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email, in-app notice, or on our website. Continued use of the Services after updates constitutes acceptance.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Email: [email protected]