Draft — pending law-team review (E4-T6b). Not legal advice.

← Back to home

Consumer Health Data Privacy Notice

This is a separate, dedicated notice for consumer health data, provided to satisfy the Washington My Health My Data Act (RCW 19.373) and to address comparable consumer-health-data requirements in other states. It is intentionally kept separate from our Privacy Policy and contains no marketing content. Where this Notice and the Privacy Policy differ as to consumer health data, this Notice controls.

Effective date: _to be set on counsel sign-off_

1. What "consumer health data" means

"Consumer health data" is personal information that is linked or reasonably linkable to you and that identifies your or your loved one's past, present, or future physical or mental health status — including information derived or inferred from other data. We treat the health-related information you provide through Aging Sidekick as consumer health data.

2. Categories of consumer health data we collect

Depending on how you use Aging Sidekick, this may include:

  • conditions, diagnoses, and symptoms you choose to share about yourself or your

loved one;

  • medications and treatments you record;
  • information in documents, audio, or photos you upload (for example a hospital

discharge summary, a visit recording, or a photo of a medication) and the analysis we generate from them;

  • responses to assessment templates and the content of Life Plans;
  • voice-intake audio and transcripts, and messages to the AI assistant, to the

extent they describe health status;

  • information we infer from the above (for example an organized summary of the

care situation).

3. Sources

We collect consumer health data from you — what you type, say, upload, or generate while using the Service. We do not purchase consumer health data and do not collect it from data brokers.

4. How we use consumer health data

We use consumer health data only to provide the Service you ask for: to operate voice intake, assessments, Life Plans, document/audio/photo analysis, and the AI assistant, and to generate the summaries, organized plans, and prepared questions you request; to provide support; to maintain security and prevent abuse; and to comply with law. We do not use consumer health data to train AI models, and we do not use it for advertising.

5. How we share consumer health data, and with whom

We share consumer health data only with processors/service providers acting on our instructions under contract to run the Service — for example authentication, cloud hosting and storage, the AI/large-language-model and speech-to-text providers that power voice intake and the assistant, and email delivery. We may also disclose it when you direct us to, or where required by law or to protect safety. We do not otherwise share it.

6. We do not sell consumer health data

We do not sell consumer health data. We will not sell it. Should that ever change, the law requires a separate, valid written authorization from you that meets the statutory requirements, and we will not sell your consumer health data unless you provide one.

7. Consent

We collect and process consumer health data based on your opt-in consent, obtained before collection and separate from other terms. Any sharing beyond the service-provider processing needed to deliver the Service requires separate opt-in consent. We do not condition use of unrelated parts of the Service on your consent beyond what is necessary to provide the feature you choose.

8. Your rights

For consumer health data, you have the right to:

  • confirm and access the consumer health data we have collected about you;
  • obtain a list of the third parties with whom we have shared it;
  • withdraw consent to our collection and sharing of it;
  • delete it. When you ask us to delete it, we will delete it from our

records and direct our processors to do the same, subject to narrow legal exceptions.

You may also use one-click export (PDF and JSON) and one-click delete in the Service.

9. How to exercise your rights, and authorized agents

To exercise any right above, contact us using the channel in Section 13. We will verify your identity before responding and will respond within the timeframe the law requires. You may use an authorized agent to make a request on your behalf.

10. Appeals

If we decline a request, we will explain why and tell you how to appeal. If an appeal is denied, we will tell you how to contact the relevant state Attorney General.

11. Retention and deletion

We keep consumer health data only as long as needed to provide the Service or as required by law. When you withdraw consent or request deletion, we delete the data from active systems within a defined period and remove it from backups on our normal backup cycle, except for narrow legally required retention.

12. Security

We protect consumer health data with safeguards designed for its sensitivity: encrypted in transit and at rest, access-controlled, and never sold. Access is restricted to personnel and processors who need it to provide the Service.

13. Contact

To exercise your rights or ask about this Notice:

14. Changes to this Notice

If we make a material change to how we collect, use, or share consumer health data, we will post an updated Notice and obtain new opt-in consent where the law requires it before applying the change to previously collected data.