# MyLifeHealth Privacy Policy
**Effective Date:** [April 5th, 2025]
**Last Updated:** [April 5th, 2025]
## 1. Introduction
Welcome to MyLifeHealth (the "**Service**," "**we**," "**us**," or "**our**"). We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard information from users ("**you**" or "**user**") when you visit our website or use our app.
### Consumer-Focused Health Platform
MyLifeHealth provides consumer-facing tools that allow users to track their personal health information and access general health-related advice from a chatbot ("**LLM**"). **We are not a covered entity under HIPAA**, nor do we act as a Business Associate to any covered entity. However, we recognize that some of the data you enter may be considered Protected Health Information ("PHI") if it can be used to identify you along with your health details. We store such data securely in our private database but do not share it directly with any non-HIPAA-compliant third parties.
---
## 2. Information We Collect
### 2.1 User-Entered Data (Including PHI)
- **Personal Health Information (PHI)**: You may voluntarily enter information about your health, including symptoms, conditions, medications, or other sensitive details, into your MyLifeHealth profile.
- **Identifying Details**: You may also provide your name, email address, or other contact information to manage your account.
> **Important**: By using our Service, you acknowledge that you may enter PHI, and you understand that MyLifeHealth is a consumer-facing platform **not** subject to the HIPAA requirements that apply to covered entities. Nevertheless, we handle your data responsibly with technical and administrative safeguards.
### 2.2 Automatically Collected Data
- **Usage & Device Data**: We may collect information about how you access and interact with the Service (e.g., device type, browser version, pages visited, time spent) to improve user experience.
- **Cookies & Analytics**: We may use cookies, pixels, or similar technologies to track and store usage data. This helps us analyze trends and better understand how users engage with MyLifeHealth.
---
## 3. How We Use Your Information
1. **Storing PHI Securely**
- We store any health information or PHI you provide in a secure database. This allows you to view, manage, and track your personal health over time.
2. **Chatbot Services (LLM)**
- When you use our chatbot feature, we **do not** send your full PHI to the LLM provider.
- Instead, we only send **de-identified or aggregated data** as needed to generate generalized health-related insights or information. This means that personal identifiers (e.g., name, date of birth, address, etc.) are removed or masked, so they are not accessible to the LLM provider.
3. **General Health Tips & Guidance**
- The chatbot is designed to offer general health information **only** and is **not** a substitute for professional medical advice.
4. **Service Improvements & Analytics**
- We use aggregated or anonymized data to enhance app functionality, conduct analytics, and improve the user experience.
- We do not sell or rent your personal or health data to third parties.
5. **Legal & Regulatory Compliance**
- We may use or disclose your information as required by law or if we believe it is necessary to comply with a legal obligation, protect our rights, or ensure the safety of our users.
---
## 4. Sharing Your Information
1. **Third-Party Service Providers**
- We may share **de-identified** information with third-party services (e.g., cloud hosting, analytics).
- These providers only have access to information necessary to perform tasks on our behalf and are contractually obligated to protect your data.
2. **Chat LLM Provider**
- The LLM chatbot integration receives **only de-identified or aggregated data**.
- This ensures that no personally identifiable information or direct PHI is exposed to the LLM.
3. **Business Transfers**
- If MyLifeHealth is involved in a merger, acquisition, or asset sale, your data may be transferred. We will notify users via a prominent notice on our Service if such a transfer occurs.
4. **Legal Requirements**
- We may disclose your data if required to do so by law, court order, or regulatory authority.
---
## 5. Data Retention & Security
1. **Retention of PHI**
- We store your PHI as long as your account remains active, or as needed to provide the Service.
- If you delete your account, we will make reasonable efforts to securely remove or anonymize your personal information.
2. **Security Measures**
- We implement commercially reasonable measures (e.g., encryption in transit, secure servers, access controls) to protect your data.
- No transmission or storage method is 100% secure, and we cannot guarantee absolute security.
3. **De-Identification Practices**
- Before sending any health-related input to our chatbot partner, we remove or transform identifiers to ensure that the data can no longer be used to identify you personally.
---
## 6. FTC Health Breach Notification Rule
Since we are a direct-to-consumer health app, we may be subject to the [FTC Health Breach Notification Rule](https://www.ftc.gov/enforcement/statutes/health-breach-notification-rule). In the event of a security breach involving your identifiable health information, we will notify you and any required authorities as mandated by law.
---
## 7. Children’s Privacy
Our Service is not directed at individuals under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect or store personal information from children. If you believe your child has provided us with personal data, please contact us so we can promptly delete it.
---
## 8. International Users (If Applicable)
If you access MyLifeHealth from outside the United States, you acknowledge that your data may be transferred to and stored on servers located in the United States. Data protection laws may differ in your jurisdiction, but we maintain commercially reasonable safeguards wherever we process data.
---
## 9. Your Choices & Rights
1. **Access & Correction**
- You can log in to your account to view or correct personal details. If you need additional help, contact us at [Your Contact Email].
2. **Data Deletion**
- You may request deletion of your account or personal data at any time by contacting us. We will take reasonable steps to remove or anonymize your data, except where legally required to retain it.
3. **Marketing Communications**
- If you receive marketing emails from us, you can opt out via the “unsubscribe” link or by contacting us directly.
---
## 10. Updates to This Privacy Policy
We may update or modify this Privacy Policy from time to time. When we make changes, we will revise the “Last Updated” date at the top of this document. If material changes affect how we handle PHI, we will provide additional notice (e.g., via a prompt in the app or on our website).
---
## 11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
At MyLifeHealth, accessible from http://www.mylifehealh.org, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by MyLifeHealth and how we use it.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
MyLifeHealth follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on MyLifeHealth, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see
on websites that you visit.
Note that MyLifeHealth has no access to or control over these cookies that are used by third-party advertisers.
MyLifeHealth's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options. You may find a complete list of these Privacy Policies and their links here: Privacy Policy Links.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites. What Are Cookies?
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
MyLifeHealth does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
This Privacy Policy applies only to our online activities and is valid for visitors to our website or in use of our mobile app with regards to the information that they shared and/or collect in MyLifeHealth. This policy is not applicable to any information collected offline or via channels other than this website or our mobile app..
By using our website and/or mobile app, you hereby consent to our Privacy Policy and agree to its Terms and Conditions.