Privacy Policy

The privacy of your data — and it is your data, not ours! — is a big deal to us. Here's the rundown of what we collect and why, when we access your information, and your rights. Last updated: December 26, 2023

The privacy of your data—and it is your data, not ours!—is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights with respect to your data. We promise we never sell your data: never have, never will.

This policy is split into sections. For your convenience, links to each of those sections is as follows:

• Privacy policy
  • Data Anonymization and HIPAA Compliance
    • Data Anonyimization
    • HIPAA Compliance
    • Request to Delete
  • What we collect and why
    • Identity and access
    • Billing information
    • General Geolocation data
    • Website interactions
    • Advertising and Cookies
    • Voluntary correspondence
    • How we approach mobile app permissions
  • When we access or disclose your information
  • How we secure data
  • Location of site and data
  • When transferring personal data from the EU
  • Residents of California and Nevada
  • Changes and questions

This policy applies to all products built and maintained by 121Health LLC, currently including the 121Health mobile app.

This policy applies to our handling of information about site visitors, prospective customers, and customers and authorized users (in relation to their procurement of the services and management of their relationship with 121Health). We refer collectively to these categories of individuals as "you" throughout this policy.

However, this policy does not cover information about a customer's end users that 121Health receives from a customer, or otherwise processes on a customer’s behalf, in connection with the services provided by 121Health to the customer pursuant to an applicable services agreement (including the content of messages of customer end users ("End User Communications")). 121Health processes End User Communications under the instructions of the relevant customer, which is the "data controller" or "business" (or occupies a similar role as defined in applicable privacy laws), as described in the applicable services agreement between such customer and 121Health. 121Health’s obligations as a "data processor" or "service provider" with respect to such information are defined in such services agreement and applicable data protection addendum and are not made part of this policy.

If you are a customer’s end user and you have questions about how your information is collected and processed through the services, please contact the organization who has provided your information to us for more information.

§Data Anonymization and HIPAA Compliance

§Data Anonyimization

Currently, the 121Health mobile app only offers Sign in With Apple. Upon sign in, we produce a unique UUID that relates your Apple ID to your 121Health account. This is how we relate your Apple Health & other data data to your 121Health account.

At no point does 121Health store your Apple ID email, name, or any other information. We only store this unique identifier, which cannot be traced back to your.

To clarify, this means that even if our servers were breached, your email, name, and other personal information would not be compromised.

§HIPAA Compliance

121Health is HIPAA compliant via the "Safe Harbor Method." This means that our database and servers are so anonymized that they meet HIPAA compliance.

Below are the 18 conditions of the Safe Harbor Method, and how 121Health meets each one of them:

1. Names. 121Health does not collect names.
2. Geographic subdivisions smaller than a state. 121Health does not collect any geographic data.
3. All elements of dates (except year) directly related to an individual. 121Health collects the year you were born.
4. Telephone numbers. 121Health does not collect telephone numbers.
5. Fax numbers. 121Health does not collect fax numbers.
6. Electronic mail addresses. 121Health does not collect email addresses that can be related to your user data. With your consent, we may retain your email address for marketing purposes, but it is not tied to your data.
7. Social Security numbers. 121Health does not collect social security numbers.
8. Medical record numbers. 121Health does not collect medical record numbers.
9. Health plan beneficiary numbers. 121Health does not collect health plan beneficiary numbers.
10. Medical/Financial Account numbers. 121Health does not collect medical, financial, or any other account numbers, besides the unique identifier that we generate and tie to your account.
11. Certificate/license numbers. 121Health does not collect certificate/license numbers.
12. Vehicle identifiers and serial numbers, including license plate numbers. 121Health does not collect vehicle identifiers and serial numbers, including license plate numbers.
13. Device identifiers and serial numbers. 121Health does not collect device identifiers and serial numbers.
14. Web Universal Resource Locators (URLs). 121Health does not collect URLs.
15. Internet Protocol (IP) address numbers. 121Health does not collect IP addresses.
16. Biometric identifiers, including finger and voice prints. 121Health does not collect biometric identifiers, including finger and voice prints.
17. Full-face photographic images and any comparable images. 121Health does not collect full-face photographic images and any comparable images.
18. Any other unique identifying number, characteristic, or code, except the unique code assigned by the investigator to code the data. _121Health does not collect any other unique identifying number, characteristic, or code.

§Request to Delete

Even though we don't store any personally identifiable information, we still offer the ability to delete your account. This will delete all of your data from our servers, and you will no longer be able to sign in to the 121Health mobile app, and must create a new account.

This action is irreversible, and such requests must be made via email.

§What we collect and why

Our guiding principle is to collect only what we need. Here’s what that means in practice:

§Identity and access

121Health does not collect or store any personally identifiable information. Only a unique identifier is stored, which cannot be traced back to you.

§Billing information

If you sign up for a paid 121Health product, you will be asked to provide your payment information and billing address. Credit card information is submitted directly to our payment processor and doesn't hit 121Health servers.

§General Geolocation data

No location data, geolocation data, or IP addresses are collected by 121Health.

§Website interactions

We collect information about your browsing activity for analytics and statistical purposes such as conversion rate testing and experimenting with new product designs. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. If you have an account and are signed in, these web analytics data are tied to your IP address and user account until your account is no longer active. The web analytics we use are described further in the Advertising and Cookies section.

§Advertising and Cookies

121Health is not ads-based and never will be. The 121Health mobile app stores a session token on your local device so that you can stay signed in. This session token is not tied to your any personally identifiable information.

§Voluntary correspondence

When you email 121Health with a question or to ask for help, we keep that correspondence, including your email address, so that we have a history of past correspondence to reference if you reach out in the future.

We also store information you may volunteer, for example, written responses to surveys. If you agree to a customer interview, we may ask for your permission to record the conversation for future reference or use. We will only do so with your express consent.

§How we approach mobile app permissions

We offer mobile apps for some of our products. Because of how the platforms are designed, our apps typically must request your consent before accessing contacts, calendar, camera, and other privacy-sensitive features of your device. Consent is always optional and our apps will function without it, though some features may be unavailable. There are a few exceptions, for example:

• Our iOS apps will ask for permission to use push notifications upon first sign-in.
• Our iOS apps will ask for permission to sync your Apple Health data to our app (with granular permissions).
• Our iOS apps will ask for permission to sync your Fitbit Health data to our app.
• Our iOS apps will ask for permission to sync your Oura Ring data to our app.
• Our iOS apps will ask for permission to sync your Whoop data to our app.

§When we access or disclose your information

Again, since we don't store any personally identifiable information, we never access or disclose your information.

§How we secure data

Again, we don't store any personally identifiable information.

We also encrypt all data via SSL/TLS when transmitted from our servers to your browser.

§Location of site and data

Our products and other web properties are operated in the United States. 121Health currently does not support customers outside the United State or Canada.

§When transferring personal data from the EU

121Health currently does not support customers outside the United State or Canada.

§Residents of California and Nevada

Regarding personal information, please note again that we do not store any personally identifiable information. So the increased restrictions under California Consumer Privacy Act (CCPA) and Nevada Senate Bill 220 (SB 220) are met by default.

§Changes and questions

We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will refresh the date at the top of this page and take any other appropriate steps to notify users.

Have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information? Please get in touch by emailing us at hello@121health.app and we'll be happy to try to answer them!