Consumer Health Data Privacy Policy

This Consumer Health Data Privacy Policy supplements our Privacy Policy and describes how TechnicallyFit Dynamics Inc. collects, uses, shares, and protects Consumer Health Data. Where it conflicts with the general Privacy Policy on Consumer Health Data, this policy controls.

What is Consumer Health Data

Personal information linked or reasonably linkable to you that identifies your past, present, or future physical or mental health status. For TechnicallyFit this may include self-reported pain, soreness, injury, and symptom inputs; readiness, recovery, fatigue, and stress inputs and derived signals; bodyweight and measurements; wearable-derived metrics (heart rate, HRV, sleep, activity) obtained when you connect a device through Terra; and inferences from the above.

How and why we use it

We collect Consumer Health Data only to provide the features you use, including generating programs, computing readiness/recovery signals, tracking progress, and enabling coaching relationships you opt into, and to secure and improve the Services. We process Consumer Health Data based on your consent where consent is required, and otherwise as necessary to provide the service you request.

How we share it

Only with subprocessors that process it on our behalf under contract, and with your coach or organization where you have opted into that relationship, limited to what the feature requires. We do not sell Consumer Health Data and will not do so without your valid authorization as required by law.

Subprocessors that may process Consumer Health Data

The subprocessors below may process Consumer Health Data on our behalf, limited to the feature or scope listed. PostHog and Sentry are configured to exclude Consumer Health Data from event payloads — they are listed here for transparency, not because they routinely receive CHD.

  • Stream (GetStream) — chat messages and channel membership, to the extent you include health information in messages you send.

  • Resend — transactional email, to the extent you include health information in a support thread.

  • Clerk — identity binding for the account that holds your CHD; Clerk does not receive raw CHD payloads.

  • Stripe — billing identity for the account; Stripe does not receive CHD.

  • PostHog — product analytics; configured to exclude CHD from events.

  • Sentry — error monitoring; configured to exclude CHD from events.

  • Expo / EAS — push tokens and device identifiers; no CHD payloads.

  • DigitalOcean (App Platform, Managed Postgres, Spaces) — hosting and the primary database where CHD is stored at rest.

  • Anthropic / OpenRouter — AI interpretation layer; CHD is minimized in prompts and providers are configured for zero-retention where supported.

The full engineering-truth subprocessor list (with DPA/BAA status) lives at docs/compliance/subprocessors.md and is reconciled quarterly against apps/api/app/config.py.

Your rights

You may confirm, access, withdraw consent to, and delete your Consumer Health Data, and appeal a denial. Use in-app account export/deletion where available, or contact our privacy team. When you withdraw consent or request deletion, we will delete the data and direct our subprocessors to do the same, except where retention is required by law, within the timeframe required by applicable law. See the Data Deletion and Support page for the public, sign-in-free channel.

Retention of Consumer Health Data

We retain Consumer Health Data only as long as needed to provide the features you use or as required by law. The concrete retention schedule per data class is maintained in our internal Notion control register and reviewed quarterly. Withdrawal of consent and deletion requests result in deletion within the timeframe required by applicable law.

Protection and geofencing

We restrict access to Consumer Health Data, encrypt it in transit, manage secrets through a secrets manager, and log and monitor access. We do not use geofencing to identify or track consumers seeking health services.

Contact

Direct consumer-health-data requests to our privacy contact. See the Data Deletion and Support page.

Other documents: Privacy Policy, Terms of Service, Data Deletion and Support, Support