Privacy Policy
Last updated: 7/2/2026
1. Information We Collect
We collect information that you provide directly to us, including:
- Account information (name, email address, profile picture)
- Health and medical information (conditions, medications, lab results)
- Journal entries (meals, exercise, sleep, hydration)
- Health goals and preferences
- Kitchen equipment and dietary preferences
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Personalize your AI assistant's recommendations
- Generate health insights and analyses
- Respond to your questions and requests
- Send you technical notices and updates
3. Data Storage and Security
Your data is stored securely using Firebase (Google Cloud Platform), which provides:
- Encryption of data at rest and in transit
- Secure authentication and authorization
- Regular security audits and compliance certifications
- Access controls and user-based data isolation
We implement industry-standard security measures to protect your sensitive health information from unauthorized access, alteration, disclosure, or destruction.
4. Data Ownership and Control
You own and control your data. You can:
- Access, view, and update your data at any time
- Export your data in standard formats (JSON, CSV)
- Delete your account and all associated data at any time
- Request a copy of all data we have about you
5. Data Sharing
We do not sell, trade, or rent your personal health information to third parties. We may share your information only in the following circumstances:
- With your explicit consent
- To comply with legal obligations or court orders
- To protect our rights, property, or safety, or that of our users
- With service providers who help us operate our service (subject to strict confidentiality agreements)
6. Third-Party Services
We use third-party services to provide functionality:
- Firebase (Google): For data storage, authentication, and file storage
- Google Gemini AI: For AI-powered health analysis and recommendations
These services have their own privacy policies, and we encourage you to review them. However, we only share the minimum data necessary for these services to function.
7. HIPAA and Health Data Protection
While HealthContext is not a HIPAA-covered entity, we take health data privacy seriously and implement security measures similar to HIPAA standards:
- Encryption of sensitive data
- Access controls and authentication
- Audit logs and monitoring
- User data isolation and privacy controls
8. Data Retention
We retain your data for as long as your account is active or as needed to provide you services. If you delete your account, we will delete or anonymize your data within 30 days, except where we are required to retain certain information by law.
9. Your Rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data
- Export your data
- Opt-out of certain data processing activities
- File a complaint with relevant data protection authorities
10. Children's Privacy
HealthContext is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will delete that information immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and posting the new Privacy Policy on this page. Your continued use of the Service after such changes constitutes your acceptance of the updated Privacy Policy.
12. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at support@healthcontext.com.
By using HealthContext, you acknowledge that you have read and understood this Privacy Policy.