/home/u618079740/domains/agencyfbinternational.com/public_html/tjwright573/wp-content/mu-plugins Consumer Health Data Privacy Policy – tjwright573
Consumer Health Data Privacy Policy - Entropy Lifestyle

Consumer Health Data Privacy Policy

Supplemental Privacy Notice for Health Information

Last Updated: January 6, 2026 | Effective Date: January 6, 2026

This Consumer Health Data Privacy Policy supplements our Privacy Policy and provides additional information about how KPMS3 LLC, operating as Entropy Lifestyle, collects, uses, and protects your consumer health data as required by state laws including the Washington My Health My Data Act, Nevada's Consumer Health Data Privacy Law, and similar state regulations.

1. What is Consumer Health Data?

Under applicable state laws, "consumer health data" includes personal information that is linked or reasonably linkable to a consumer and that identifies past, present, or future physical or mental health status. This includes:

  • Health Conditions: Information relating to individual health conditions, status, diseases, or diagnoses
  • Health Interventions: Social, psychological, behavioral, and medical interventions
  • Health-Related Surgeries or Procedures: Past or scheduled procedures
  • Bodily Functions: Information about bodily functions, vital signs, or symptoms
  • Diagnoses: Health diagnoses or diagnostic testing
  • Treatments: Treatment or medication information
  • Biometric Data: Data generated from measurements of the body used to identify an individual
  • Genetic Data: Information about genetic characteristics
  • Health-Related Inferences: Inferences derived from other data that relate to health
For Entropy Lifestyle Users: Consumer health data we may process includes sleep metrics, heart rate variability (HRV), recovery scores, activity/strain data, and wellness-related information you provide or that we receive from connected health platforms (Apple Health, Health Connect) and wearable devices (WHOOP, Oura Ring).

2. Categories of Consumer Health Data We Collect

Category Examples Source
Sleep Data Sleep duration, sleep stages (REM, deep, light), sleep efficiency, sleep consistency, sleep start/end times WHOOP, Oura Ring, Apple Health, Health Connect
Recovery Metrics Recovery score, readiness score, wellbeing score, HRV (heart rate variability), resting heart rate WHOOP, Oura Ring, Apple Health, Health Connect
Activity Data Strain score, activity level, steps, active calories, distance, active minutes, workout type WHOOP, Oura Ring, Apple Health, Health Connect
Vital Signs Heart rate (resting, average, max, min), respiratory rate, skin temperature, blood oxygen (SpO2) estimates WHOOP, Oura Ring, Apple Health, Health Connect
Heart Rate Variability HRV RMSSD, HRV SDNN WHOOP, Oura Ring, Apple Health, Health Connect
Self-Reported Wellness Energy levels, mood, stress, wellness goals, daily check-in responses User input in App
Health-Related Inferences Wellness recommendations, protocol suggestions, recovery predictions, energy curve forecasts Generated by Entropy Lifestyle

3. How We Collect Consumer Health Data

3.1 Direct Collection

  • Onboarding: When you complete our wellness questionnaire (goals, schedule, preferences)
  • Daily Check-ins: When you log energy levels, mood, or protocol feedback
  • Account Creation: When you provide profile information

3.2 Collection from Wearable Devices and Health Platforms

  • Apple Health (iOS): When you grant HealthKit permissions, we receive sleep, activity, and heart data via the Sahha SDK
  • Health Connect (Android): When you grant Health Connect permissions, we receive sleep, activity, and heart data via the Sahha SDK
  • WHOOP: When you connect your WHOOP account via OAuth, we receive sleep, recovery, and strain data
  • Oura Ring: When you connect your Oura account via OAuth, we receive sleep, readiness, and activity data

We only collect health data after you explicitly authorize the connection. You can revoke access at any time through your device settings (for Apple Health/Health Connect) or app settings (for WHOOP/Oura).

3.3 Derived/Inferred Data

  • We generate wellness recommendations and protocol suggestions based on your health data
  • We calculate trends and patterns from your historical data

4. Purposes for Collecting Consumer Health Data

We collect and use consumer health data for the following purposes:

Purpose Description
Service Delivery To provide personalized wellness protocols and recommendations based on your health status
Display Health Metrics To show you your health data, trends, and progress in the App
Schedule Optimization To recommend optimal times for wellness activities based on your recovery and energy levels
Personalization To adapt recommendations based on your feedback and historical patterns
Service Improvement To improve our protocols and features using aggregated, de-identified data
What We Do NOT Do:
  • We do NOT sell your consumer health data
  • We do NOT use your health data for advertising or marketing purposes
  • We do NOT share your health data with advertisers
  • We do NOT use health data for employment, insurance, or credit decisions

5. Third Parties with Whom We Share Consumer Health Data

We share consumer health data only with the following categories of third parties:

Category Purpose Data Shared
Database Provider (Supabase) Secure storage of your data All user data (encrypted)
Health Data Processor (Sahha) Process Apple Health / Health Connect data Health metrics from device health stores, user identifier
AI Service Providers (Anthropic, Google) Generate personalized recommendations Anonymized health indicators only (e.g., "recovery: high" not exact values)
Push Notification Provider (OneSignal) Deliver protocol reminders User ID, device token (no health data)
Legal Authorities Compliance with legal obligations As required by law

We do NOT sell consumer health data to any third party.

6. Your Rights Regarding Consumer Health Data

You Have the Right To:

  • Know: Confirm whether we are collecting, sharing, or selling your consumer health data and access the specific data we hold
  • Withdraw Consent: Withdraw your consent for the collection and sharing of your consumer health data at any time
  • Delete: Request deletion of your consumer health data
  • Non-Discrimination: Exercise your rights without discriminatory treatment

6.1 Washington State Residents

Under the Washington My Health My Data Act, you have the right to:

  • Confirm whether we are collecting, sharing, or selling your consumer health data
  • Access a list of all third parties with whom we have shared your consumer health data during the prior 12 months
  • Withdraw consent for the collection or sharing of your consumer health data
  • Request deletion of your consumer health data

6.2 Nevada Residents

Under Nevada's Consumer Health Data Privacy Law, you have similar rights including:

  • Access to your consumer health data
  • Deletion of your consumer health data
  • Restriction on sale of consumer health data (we do not sell this data)

6.3 Connecticut Residents

Under the Connecticut Data Privacy Act, you have the right to:

  • Access your personal data including health data
  • Correct inaccuracies
  • Delete your data
  • Obtain a portable copy of your data
  • Opt out of targeted advertising (we do not engage in this with health data)

7. How to Exercise Your Rights

You can exercise your consumer health data rights through the following methods:

7.1 In-App Controls

  • View Your Data: Access your health metrics in the Health tab
  • Delete Account: Profile > Privacy Settings > Delete Account
  • Disconnect Wearables: Profile > Connected Devices > Disconnect
  • Opt Out of AI: Profile > Privacy Settings > AI Processing toggle

7.2 Contact Us

You may also submit requests by contacting us:

Email: hello@entropylifestyle.com

Subject Line: Consumer Health Data Request - [Your Request Type]

Response Time: We will respond within 45 days of receiving your verified request

7.3 Verification

To protect your privacy, we will verify your identity before processing requests. We may ask you to:

  • Confirm your email address associated with your account
  • Provide information that matches our records
  • Verify through your registered device

8. Consent and Withdrawal

8.1 How We Obtain Consent

We obtain your consent to collect and process consumer health data when:

  • You create an account and agree to our Terms of Service and Privacy Policy
  • You connect a wearable device and authorize data sharing via OAuth
  • You complete onboarding questionnaires about your health and wellness

8.2 Withdrawing Consent

You may withdraw your consent at any time by:

  • Disconnecting wearable devices in the App
  • Disabling AI processing in Privacy Settings
  • Deleting your account
  • Contacting us to request data deletion

Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

9. Data Security

We implement robust security measures to protect your consumer health data:

  • Encryption in Transit: TLS 1.3 for all data transmission
  • Encryption at Rest: AES-256 encryption for stored data
  • Token Encryption: Wearable OAuth tokens are encrypted before storage
  • Access Controls: Row-level security and role-based access
  • Audit Logging: Monitoring of data access
  • SOC 2 Compliant Infrastructure: Our database provider maintains SOC 2 Type II certification

10. Data Retention

We retain consumer health data as follows:

Data Type Retention Period
Active Account Health Data Retained while your account is active (up to 2 years of history)
Wearable Data Retained while wearable is connected; deleted upon disconnection request
AI-Generated Recommendations 90 days rolling retention
Deleted Account Data Purged within 30 days of deletion request

11. Geofencing

We do not use geofencing technology to collect consumer health data or to identify consumers for the collection of consumer health data.

12. Changes to This Policy

We may update this Consumer Health Data Privacy Policy to reflect changes in our practices or applicable law. When we make material changes, we will:

  • Update the "Last Updated" date
  • Notify you via email
  • Display a prominent notice in the App

We encourage you to review this policy periodically.

13. Contact Us

If you have questions about this Consumer Health Data Privacy Policy or wish to exercise your rights, please contact us:

Consumer Health Data Requests: hello@entropylifestyle.com

Privacy Questions: hello@entropylifestyle.com

Mailing Address:
KPMS3 LLC (Entropy Lifestyle)
Attn: Privacy Team
Glen Allen, Virginia
United States

© 2026 KPMS3 LLC. All rights reserved.

Privacy Policy | Terms of Service | Medical & AI Disclosure

Scroll to Top