# HealthGeek Privacy Policy
**Last Updated: January 2025**
This Privacy Policy describes how Betterlife Pte Ltd ("Betterlife," "we," "us," or "our") collects, uses, shares, and protects your personal information when you use the HealthGeek mobile application, website, and related services (collectively, the "Platform").
We are committed to protecting your privacy. We do not sell your personal data. We only share your health information with service providers who help us operate the Platform, as required by law, or with your consent—as described in detail in Section 3 below.
---
## 1. INFORMATION WE COLLECT
### 1.1 Information You Provide
When you create an account or use our Platform, you may provide us with:
**Account Information**
- Name and email address
- Password or authentication credentials
- Profile photo (optional)
- Date of birth, gender, height, and weight
**Health and Wellness Information**
- Health goals and preferences
- Medical conditions or limitations you choose to share
- Subjective wellness inputs (e.g., energy levels, mood, stress ratings)
- Responses to wellness questionnaires
**Payment Information**
- Subscription purchases are processed through Apple App Store or Google Play Store. We do not directly collect or store your payment card information.
**Communications**
- Messages you send to our support team
- Feedback, surveys, and reviews you provide
### 1.2 Information from Health Platforms
With your explicit permission, we collect health and fitness data from:
**Apple HealthKit** (iOS)
- Sleep data (duration, stages, quality metrics)
- Activity data (steps, distance, workouts, calories burned)
- Heart rate and heart rate variability (HRV)
- Resting heart rate
- Respiratory rate
- Blood oxygen saturation (SpO2)
- Body measurements
**Google Health Connect** (Android)
- Sleep data (duration, stages)
- Activity data (steps, distance, workouts, calories)
- Heart rate and heart rate variability
- Respiratory rate
- Body measurements
We only access the specific data types you authorize. You can modify these permissions at any time through your device settings.
### 1.3 Information Collected Automatically
When you use our Platform, we automatically collect:
**Device Information**
- Device type, model, and operating system version
- Unique device identifiers
- App version
**Usage Information**
- Features you use and actions you take
- Time, frequency, and duration of use
- Crash reports and performance data
**Log Data**
- IP address
- Access times
- Pages viewed and links clicked
### 1.4 Information from AI Interactions
When you use our AI-powered features:
- Prompts and questions you submit to the AI
- AI-generated responses and insights
- Your interactions with AI recommendations (e.g., marking as helpful)
---
## 2. HOW WE USE YOUR INFORMATION
We use your information for the following purposes:
### 2.1 Providing Our Services
- Creating and managing your account
- Analyzing your health data to generate personalized insights
- Providing AI-powered wellness recommendations
- Calculating readiness scores, sleep analysis, and activity metrics
- Syncing data across your devices
### 2.2 AI Processing
- Processing your health data through our AI systems to generate insights
- Identifying trends and patterns in your wellness data
- Improving AI recommendations through prompt engineering and system configuration (not model training)
**Important - AI Model Training Distinction**:
- **What we DO**: We use your data to generate personalized insights for you. We may improve how we prompt or configure AI systems based on aggregated, anonymized usage patterns.
- **What we DO NOT do**: We do not use your individual health data to train, fine-tune, or modify AI model weights unless you explicitly opt in to a research or improvement program.
- **Third-party AI providers**: Our AI service providers have their own data usage policies. We use commercial API services that do not use customer data for model training by default.
### 2.3 Improving Our Services
- Understanding how users interact with our Platform
- Diagnosing technical issues and bugs
- Developing new features and improvements
- Conducting research and analytics (using aggregated, anonymized data)
### 2.4 Communications
- Sending service-related notifications (e.g., subscription updates, security alerts)
- Responding to your inquiries and support requests
- Sending marketing communications (with your consent, where required)
### 2.5 Safety and Compliance
- Detecting and preventing fraud, abuse, and security incidents
- Complying with legal obligations
- Enforcing our Terms of Use
---
## 3. HOW WE SHARE YOUR INFORMATION
**We do not sell your personal data.** We do not share your health information for advertising purposes.
We may share your information only in the following circumstances:
### 3.1 Service Providers
We work with trusted third-party service providers who assist us in operating our Platform, including:
- Cloud hosting and data storage providers
- AI and machine learning service providers (for generating insights)
- Analytics providers
- Customer support tools
- Email and notification services
These providers are contractually obligated to protect your data and may only use it to provide services to us.
### 3.2 AI Processing Partners
To provide AI-generated insights, certain data may be processed by third-party AI service providers. When this occurs:
- We minimize the personal data shared
- Data is transmitted securely using encryption
- Providers are prohibited from using your data for their own purposes
- Providers are bound by strict confidentiality obligations
### 3.3 Third-Party Integrations
If you choose to connect your HealthGeek account with third-party apps or services (e.g., fitness apps, social platforms), we may share data as you direct. These integrations are governed by the third party's privacy policy.
### 3.4 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Valid legal process (court orders, subpoenas)
- Government requests
- Protection of our rights, property, or safety
- Prevention of fraud or illegal activity
### 3.5 Business Transfers
If Betterlife is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will notify you of any such change and any choices you may have.
### 3.6 With Your Consent
We may share your information for other purposes with your explicit consent.
---
## 4. DATA STORAGE AND SECURITY
### 4.1 Where We Store and Process Data
**On-Device Processing:**
- Health metrics calculations (e.g., readiness scores, sleep quality) are computed locally on your device where possible
- HealthKit/Health Connect data is accessed directly from your device
**Cloud Processing (Required for AI Features):**
- To generate AI-powered insights and recommendations, your health data must be transmitted to our servers and third-party AI service providers
- This transmission is necessary because AI/LLM processing cannot be performed locally on your device
- Data sent for AI processing is encrypted in transit and is not permanently stored by AI providers under our contractual agreements
**Cloud Storage:**
- Account information (name, email, preferences) is stored on our servers
- Historical health summaries may be stored to enable trend analysis
- Our servers are located in Singapore and the United States
**Important for App Store Privacy Labels:** We "collect" health data in the sense that it leaves your device for AI processing. This is disclosed in App Store privacy labels as data collection for "App Functionality" and "Product Personalization."
### 4.2 Security Measures
We implement industry-standard security measures to protect your data:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication mechanisms
- Regular security assessments and audits
- Access controls limiting employee access to personal data
- Incident response procedures
### 4.3 Your Responsibilities
You are responsible for:
- Keeping your login credentials secure
- Using a strong, unique password
- Logging out of shared devices
- Keeping your device's operating system updated
---
## 5. DATA RETENTION
We retain your personal data for as long as necessary to:
- Provide our services to you
- Comply with legal obligations
- Resolve disputes and enforce agreements
**Retention Periods**:
- **Account Data**: Retained while your account is active and for up to 3 years after deletion for legal compliance
- **Health Data**: Retained while your account is active; deleted within 30 days of account deletion (unless legally required)
- **AI Interaction Logs**: Your prompts and AI responses are retained for up to 90 days for service quality and troubleshooting, then deleted or anonymized. Note: If your AI prompts contain health information, this health-related content is subject to the same 30-day deletion timeline as other health data upon account deletion. The 90-day period applies only to active accounts.
- **Analytics Data**: Aggregated and anonymized data may be retained indefinitely
---
## 6. YOUR RIGHTS AND CHOICES
Depending on your location, you may have the following rights:
### 6.1 Access and Portability
You can request a copy of your personal data in a portable format.
### 6.2 Correction
You can update or correct inaccurate personal data through your account settings or by contacting us.
### 6.3 Deletion
You can request deletion of your personal data. We will delete your data unless we are required to retain it for legal purposes.
### 6.4 Restriction and Objection
You may request that we restrict processing of your data or object to certain processing activities.
### 6.5 Withdraw Consent
Where processing is based on consent, you can withdraw your consent at any time.
### 6.6 Opt-Out of Marketing
You can opt out of marketing communications by:
- Using the unsubscribe link in emails
- Adjusting notification settings in the app
- Contacting us at [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
### 6.7 Health Platform Permissions
You can revoke access to HealthKit or Health Connect data at any time through your device settings:
- **iOS**: Settings > Privacy & Security > Health > HealthGeek
- **Android**: Settings > Privacy > Health Connect > HealthGeek
### 6.8 Exercising Your Rights
To exercise your rights, contact us at [aki@healthzilla.ai](mailto:aki@healthzilla.ai). We will respond within the timeframe required by applicable law (typically 30 days).
---
## 7. REGION-SPECIFIC DISCLOSURES
### 7.1 European Economic Area (EEA) and United Kingdom
If you are in the EEA or UK, the General Data Protection Regulation (GDPR) applies to you.
**Legal Basis for Processing**:
- **Contract**: Processing necessary to provide our services to you
- **Consent**: Processing based on your explicit consent (e.g., health data, marketing)
- **Legitimate Interests**: Processing for business purposes that do not override your rights
- **Legal Obligation**: Processing required by law
**Data Transfers**: When we transfer data outside the EEA/UK, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.
**Data Protection Officer**: For GDPR-related inquiries, contact: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
**Supervisory Authority**: You have the right to lodge a complaint with your local data protection authority.
### 7.2 California (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide additional rights.
**Categories of Personal Information Collected** (in the past 12 months):
| Category | Examples | Collected? |
|----------|----------|------------|
| Identifiers | Name, email, IP address, device ID | Yes |
| Personal Information (Cal. Civ. Code § 1798.80(e)) | Name, account information | Yes |
| Protected Classifications | Age, gender | Yes |
| Commercial Information | Subscription purchase history | Yes |
| Internet/Network Activity | App usage, feature interactions | Yes |
| Geolocation Data | Country/region from IP address (not precise GPS) | Limited |
| Sensory Data | Profile photo (optional) | Limited |
| Professional/Employment | N/A | No |
| Education Information | N/A | No |
| Inferences | Wellness insights, readiness scores | Yes |
| Sensitive Personal Information | Health data from HealthKit/Health Connect | Yes (with consent) |
**Your California Rights**:
- **Know**: Request disclosure of data collected about you
- **Delete**: Request deletion of your data
- **Correct**: Request correction of inaccurate data
- **Opt-Out of Sale/Sharing**: We do not sell or share your data for cross-context behavioral advertising
- **Limit Use of Sensitive Data**: Request limits on use of sensitive personal information
- **Non-Discrimination**: We will not discriminate against you for exercising your rights
**To Exercise Your Rights**: You may submit a request through any of the following methods:
- **Email**: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
- **In-App**: Use the "Privacy Request" feature in Settings (when available)
- **Mail**: Betterlife Pte Ltd, [Address - see Section 13]
We will verify your identity before processing your request. Verification may require you to confirm account details or provide additional information. We will respond within 45 days as required by law.
### 7.3 Singapore (PDPA)
If you are in Singapore, the Personal Data Protection Act (PDPA) applies to you.
We collect, use, and disclose your personal data in accordance with the PDPA. You may:
- Access your personal data
- Correct inaccurate data
- Withdraw consent for data collection/use
**Data Protection Officer**: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
### 7.4 Other Jurisdictions
We comply with applicable privacy laws in the jurisdictions where we operate. If you have questions about your rights under local law, please contact us.
---
## 8. CHILDREN'S PRIVACY
**Age Requirements:**
- Our Platform is not intended for children under the age of **13**. We do not knowingly collect personal information from children under 13.
- Users between **13 and 18** may only use the Platform with parental or guardian consent and supervision, as described in our Terms of Use.
- In the **European Economic Area (EEA)**, users must be at least **16 years old**, or have verifiable parental consent.
If you believe a child has provided us with personal information without appropriate consent, please contact us at [aki@healthzilla.ai](mailto:aki@healthzilla.ai), and we will promptly delete such information.
---
## 9. THIRD-PARTY LINKS AND SERVICES
Our Platform may contain links to third-party websites, apps, or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing any personal information.
---
## 10. COOKIES AND TRACKING TECHNOLOGIES
### 10.1 Website Cookies
When you visit our website, we may use cookies and similar technologies to:
- Remember your preferences
- Understand how you use our website
- Improve our services
- Provide relevant content
**Types of Cookies**:
- **Essential**: Required for basic website functionality
- **Analytics**: Help us understand usage patterns
- **Preferences**: Remember your settings and choices
### 10.2 Managing Cookies
You can manage cookies through your browser settings. Note that disabling cookies may affect website functionality.
### 10.3 Mobile Analytics
Our app uses analytics tools to understand app usage. You can limit tracking through your device settings:
- **iOS**: Settings > Privacy & Security > Tracking
- **Android**: Settings > Privacy > Ads
---
## 11. DO NOT TRACK
Some browsers offer a "Do Not Track" (DNT) feature. We do not currently respond to DNT signals, as there is no industry standard for compliance.
---
## 12. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top
- Notify you through the app, by email, or other prominent means
- Where required by law, obtain your consent
We encourage you to review this Privacy Policy periodically.
---
## 13. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
**Betterlife Pte Ltd**
- **General Inquiries**: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
- **Privacy Inquiries**: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
- **Data Protection Officer**: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
**Mailing Address**:
Betterlife Pte Ltd
160 Robinson Road, #14-04
Singapore Business Federation Center
Singapore 068914
**EU/EEA Representative** (for GDPR inquiries):
Betterlife Oy
Finland
Contact: [aki@healthzilla.ai](mailto:aki@healthzilla.ai)
---
## 14. ADDITIONAL INFORMATION FOR HEALTH DATA
### 14.1 Apple HealthKit and Google Health Connect Compliance
**Required Disclosures for HealthKit (per Apple App Store Guidelines):**
We access HealthKit data solely to provide you with personalized health insights. In compliance with Apple's requirements:
- We **do not** use HealthKit data for advertising or marketing purposes
- We **do not** sell HealthKit data to advertising platforms, data brokers, or information resellers
- We **do not** use HealthKit data for purposes unrelated to improving your health or health research (with your consent)
- We **do not** disclose HealthKit data to third parties without your express permission, except as required to provide core app functionality (AI processing) or as required by law
**Required Disclosures for Health Connect (per Google Play Guidelines):**
We access Health Connect data solely to provide you with personalized health insights. In compliance with Google's requirements:
- We only request access to data types necessary for the app's core functionality
- We provide clear disclosure of how health data is used
- We do not use Health Connect data for advertising purposes
### 14.2 Consumer Health Data Protections
We recognize the sensitive nature of health data. In addition to the protections described above:
- **No Sale**: We do not sell your health data to any third party
- **No Advertising**: We do not use your health data for advertising, marketing, or to serve you targeted ads
- **Consent Required**: We obtain your explicit consent before accessing health data from HealthKit or Health Connect
- **Purpose Limitation**: We only use health data to provide the health and wellness features you requested
- **Minimal Sharing**: Health data is only shared with AI service providers as necessary to generate insights, under strict contractual protections
### 14.3 AI and Your Health Data
When you use AI features:
- Your health data is transmitted to AI systems to generate personalized insights
- We do not use your individual health data to train AI models without explicit opt-in consent
- AI-generated insights are for informational purposes only and do not constitute medical advice
- You can delete your AI interaction history through account settings
### 14.4 Health Data Rights
You have the right to:
- Withdraw consent for health data collection at any time via device settings
- Request deletion of your health data
- Request confirmation of what health data we have collected
- Request a copy of your health data in a portable format
To exercise these rights, contact [aki@healthzilla.ai](mailto:aki@healthzilla.ai).
---
*This Privacy Policy is effective as of January 2025.*