Innovative Wellness ("we," "our," or "us") operates the Innovative Wellness mobile application, the Provider Portal, and our static web pages (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, who we share it with, how long we keep it, and the choices you have. By using the Service, you agree to the practices described here and in our Terms of Service.
When you create an account, we collect your email address and the name you provide. If you sign in with Google or Apple, we receive your name and email from those services. If you use Apple's "Hide My Email" feature, we receive only the anonymized relay address, and you remain identifiable to us only via Apple's anonymized identifier.
You may voluntarily log health metrics including weight, body composition, lean mass, glucose, cholesterol, inflammation markers, hormones, sleep, stress, mobility, nutrition, workouts, and vital signs. All such data is manually entered by you. We do not read data from Apple HealthKit, Google Health, or any wearable device.
If you are a member of a partner clinic and a clinic provider writes a visit note for you through the Provider Portal, that note (visit type, visit date, free-text body, and the authoring provider's identity) is stored on our servers and is visible to you in the Service. See Section 9 for full details on the Provider Portal.
We may collect device type, operating system version, app version, language, and timezone for troubleshooting and analytics. If error monitoring is enabled, we collect crash stack traces and limited diagnostic context via Sentry. If product analytics is enabled, we collect anonymized event data via PostHog. You can opt out of analytics in Profile → Settings.
Every time a provider opens a patient record, and every time a provider creates or modifies a visit note, we record the action in an immutable audit log (acting user, target patient, action type, resource type and identifier, timestamp). This is required by our HIPAA-conscious posture and is retained on the schedule in Section 6.
If you contact us by email, we retain your message and contact details so we can respond and improve support.
| Category | Examples | Linked to you? |
|---|---|---|
| Contact Info | Email, name | Yes |
| Health & Fitness | Weight, sleep, vitals, all user-entered logs | Yes |
| User Content | Provider visit notes, profile fields | Yes |
| Identifiers | User ID (Supabase UUID) | Yes |
| Diagnostics | Crash data (Sentry), product interaction (PostHog) | No — anonymized |
We do not collect: precise location, photos & videos, contacts, browsing history, search history, financial info, purchases, audio data, or third-party advertising identifiers.
We do not use your data for behavioral advertising, do not sell it, and do not share it with advertising networks.
Your data is stored locally on your device (using AsyncStorage for app state and the iOS Keychain via expo-secure-store for authentication tokens). If you have enabled cloud sync, your data is also stored in our cloud database hosted by Supabase (servers in the United States).
Specifically:
No system is perfectly secure. While we take industry-standard precautions, we cannot guarantee absolute security. We will notify you of any data breach affecting your information as required by applicable law.
We do not sell, rent, or trade your personal information. We share data only in the following circumstances:
We process your personal information based on:
We use your information only for the purposes described in this policy and do not repurpose it without notifying you and obtaining consent where required.
We retain different categories of data for different periods. The schedule below summarizes our default retention practices. Where local law requires shorter or longer retention, the legal requirement controls. This schedule mirrors Section 6 of our Terms of Service.
| Category | Retention | Notes |
|---|---|---|
| Account profile | While active + 30 days | Deleted within 30 days of account deletion request |
| Wellness logs (weight, sleep, vitals, etc.) | While active + 30 days | Soft-deleted on request; hard-deleted within 30 days |
| Provider visit notes | While active + 30 days | Removed when the patient account is deleted |
| HIPAA audit log | 6 years from event date | Retained per 45 CFR §164.530(j) regardless of account status |
| Authentication logs (sign-in, password reset) | 13 months | Security incident response and abuse detection |
| Error reports (Sentry, where enabled) | 90 days | Stripped of personal data before storage |
| Product analytics (PostHog, where enabled) | 13 months | Anonymized; you may opt out via Profile settings |
| Email correspondence | 24 months | Support ticket history; auto-purged thereafter |
When you delete your account from Profile → Delete Account, we initiate deletion of your account and personal data from production systems within 30 days. Backups are overwritten on a rolling basis and the data is unrecoverable from backup within an additional 60 days. The HIPAA audit log is retained as required by federal regulation, but with your personally identifying information replaced by a hash so the trail remains intact without exposing identity.
Depending on where you live, you may have additional rights regarding your personal information. We honor the rights below for all U.S. users regardless of state of residence; legal residents of the states named have the additional, legally enforceable rights described.
If you are a California resident, the California Consumer Privacy Act as amended ("CCPA") gives you the right to (a) know what categories of personal information we collect and the purposes; (b) request access to and a copy of your personal information; (c) request deletion of your personal information; (d) correct inaccurate personal information; (e) opt out of any "sale" or "sharing" for cross-context behavioral advertising; (f) limit use of sensitive personal information; and (g) not be discriminated against for exercising any of these rights.
We do not sell your personal information within the meaning of the CCPA, and we do not share it for cross-context behavioral advertising. The categories of personal information we collect, the sources, the purposes, and our retention practices are described in Sections 1, 2, 4, and 6 of this policy.
To exercise any CCPA right, email privacy@innovativewellness.app with the subject line "CCPA Request" — or use the Profile → Delete Account flow for deletion. We may need to verify your identity before fulfilling the request. You may also authorize an agent to make a request on your behalf in accordance with CCPA rules.
Residents of Virginia, Colorado, Connecticut, Utah, Texas, and other states with similar consumer-privacy statutes have rights substantially similar to the CCPA rights above, including access, deletion, correction, and (where applicable) opt-out of targeted advertising or profiling that has a legal effect. Submit requests to privacy@innovativewellness.app with the subject "State Privacy Request" and your state of residence. We will respond within the timeframe required by the applicable statute (typically 45 days).
If we deny your request, you may appeal by replying to our denial with the subject "Privacy Appeal." If the appeal is denied, residents of certain states may contact their state attorney general's office to file a complaint.
Health and wellness data you log is treated as sensitive personal information under California law. We use it only for the purposes described in Section 2 (providing the Service) and do not use it for advertising or inferences for any other purpose. You may direct us to limit our use of sensitive personal information by emailing the address above.
The Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, do not create an account or submit any information to the Service.
For users between 13 and the age of majority (typically 18), a parent or legal guardian must read these Terms and consent to the use of the Service on the minor's behalf, and remains responsible for that use.
If you are a parent or guardian and you believe a child under 13 has provided personal information to the Service, please contact us immediately at privacy@innovativewellness.app. We will take prompt steps to delete the account and any associated information from our systems, consistent with the Children's Online Privacy Protection Act ("COPPA") and FTC guidance.
If we become aware that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will delete that information as soon as practicable.
The Service includes a Provider Portal, a role-gated interface available only to clinic staff whose accounts have been designated as a provider or admin by their clinic administrator. Provider designation is performed by an authorized clinic administrator in our backend and is not available through self-service signup.
Providers see only patients within their own clinic, enforced by Postgres row-level security at the database layer. For each patient, the provider can view the patient's profile (name, email, age, sex, height, stated goal), their recent wellness-log entries, and the history of visit notes written for that patient by any provider in the same clinic. Providers cannot edit or delete data the patient entered themselves.
Providers may create new clinical visit notes through the Add Visit Note screen. Each note records the patient, the authoring provider, a visit date, a visit type, and a free-text body.
Visit notes are visible to the patient. By default, every visit note a provider writes appears in the patient's app under "Notes From Your Provider" on the Insights screen. Providers should write notes in patient-friendly language. Clinic-internal observations should be recorded in the clinic's primary electronic health record instead, not in this app.
Every provider record-access and every provider note write is recorded in our immutable audit log with the acting provider's identity, the patient's identity, the action type, the resource type and identifier, and a timestamp. Audit-log records are retained for 6 years from event date as required by 45 CFR §164.530(j), and may be inspected by your clinic's administrators.
If your clinic has entered into a written Business Associate Agreement ("BAA") with us, the Service operates as a Business Associate under HIPAA with respect to patient data created or stored in the clinic's instance, and we comply with the HIPAA Security Rule and applicable Privacy Rule provisions. If your clinic has not entered into a BAA, the Service is a consumer wellness product and the data you input is not classified as Protected Health Information ("PHI") under HIPAA. We nonetheless apply HIPAA-conscious design — row-level security, audit logs, soft deletes on clinical records, and encrypted transit and storage — for all users.
If you do not want any provider notes to appear in your app, you may delete your account at any time from Profile → Delete Account; this removes all provider notes addressed to you. You may also contact your clinic directly to be removed from the Provider Portal roster.
The iOS app does not use cookies. Authentication tokens for the mobile app are stored locally in the iOS Keychain via expo-secure-store; cached app state is stored in AsyncStorage. Neither is shared with third parties.
Our static web pages (this Privacy Policy and the Terms of Service at innovative-wellness-xw7i.vercel.app) are hosted on Vercel. Vercel may set strictly-necessary cookies for CDN and security functions; these are not used for advertising or cross-site tracking, and you cannot disable them without breaking the site. We do not set analytics or marketing cookies on the static legal pages.
If we later launch a full web application, we will update this section and present a cookie banner consistent with applicable law before any non-strictly-necessary cookies are set.
The Service is operated from the United States, and our service providers store data in the United States. By using the Service from outside the U.S., you understand and consent to the transfer of your information to, and processing in, the United States, which may have data-protection laws different from those of your country.
If you are in the European Economic Area, United Kingdom, or Switzerland, you may have additional rights under the General Data Protection Regulation ("GDPR") and similar laws, including the right to lodge a complaint with your local data protection authority. To exercise GDPR rights, email privacy@innovativewellness.app.
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Service or by email to the address on file at least 14 days before the changes take effect, unless the change is required for legal or security reasons. Your continued use of the Service after the effective date constitutes acceptance of the updated policy. If you do not agree, you must stop using the Service and may delete your account.