Consumer Health Data Privacy Notice
This Consumer Health Data Privacy Notice ("Notice") is published by Wellbee App, LLC, a Florida limited liability company doing business as Qire ("Company," "we," "us," or "our"), and supplements our general Privacy Policy. This Notice is provided pursuant to, and in compliance with, the Washington My Health My Data Act, Chapter 19.373 RCW ("MHMDA"), Nevada Senate Bill 370 (as codified in NRS Chapter 603B), Connecticut Public Act No. 23-56 Section 10, and any substantially similar state or federal consumer health data privacy law that may become effective during the term of this Notice (collectively, "Applicable Health Data Laws").
Where terms used in this Notice are defined by Applicable Health Data Laws, the statutory definitions control. To the extent this Notice conflicts with our general Privacy Policy, this Notice shall govern with respect to Consumer Health Data.
1. Definitions
For purposes of this Notice:
- "Consumer Health Data" means personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status, including, but not limited to, data falling within the categories enumerated in MHMDA Section 1(8)(a)(i)-(xvi).
- "Biometric Data" means data generated by the automatic measurement of an individual's biological characteristics, including heart rate, heart rate variability, respiratory rate, blood oxygen saturation, electrodermal activity, and gait patterns.
- "Consumer" means a natural person who is a resident of a jurisdiction covered by Applicable Health Data Laws and whose Consumer Health Data is collected or processed by the Company.
- "Processor" means a person or entity that processes Consumer Health Data on behalf of the Company pursuant to a binding contract.
- "De-identified Data" means data that cannot reasonably be used to infer information about, or otherwise be linked to, an identified or identifiable consumer, provided that the Company has taken reasonable measures to ensure the data cannot be associated with a consumer, publicly commits to maintaining and using the data in a de-identified fashion, and contractually obligates any recipients to comply with this definition.
2. Categories of Consumer Health Data Collected
The Company collects the following categories of Consumer Health Data, exclusively based on the Consumer's voluntary input or explicit device-level permissions:
- Physiological measurements: Height, weight, body fat percentage, lean body mass estimates, body mass index, waist circumference, and longitudinal body composition trends.
- Biometric data: Heart rate, heart rate variability (HRV), resting heart rate, blood oxygen saturation (SpO₂), respiratory rate, and skin temperature differentials. Pursuant to Section 5 of this Notice, all Biometric Data is processed exclusively on the Consumer's physical device and is never transmitted to Company servers.
- Sleep data: Sleep duration, sleep stages (deep, REM, light, awake), sleep onset latency, sleep efficiency scores, and circadian trend analysis.
- Nutrition data: Food logs, caloric intake, macronutrient and micronutrient breakdowns, meal timing, hydration intake, dietary restriction profiles, and allergen declarations.
- Fitness and activity data: Workout logs, exercise modalities, sets, repetitions, weight loads, perceived exertion, active energy expenditure, step counts, and distance metrics.
- Recovery and physiological stress data: Recovery readiness scores, autonomic stress indices, strain metrics, CNS fatigue indicators, and cardio load estimates.
- Health-related objectives: Weight goals, body composition targets, caloric deficit/surplus targets, fitness programming preferences, and training frequency constraints.
- Biological sex data: Biological sex at birth, used exclusively for evidence-based metabolic rate calculations (Harris-Benedict, Mifflin-St Jeor) and physiological modeling parameters.
3. Purposes of Collection and Use
The Company collects and uses Consumer Health Data strictly and exclusively for the following purposes:
- Core service delivery: Metabolic profiling, adaptive meal plan generation, workout programming, recovery scoring, and health analytics as integral components of the Qire application's stated functionality.
- AI-assisted coaching: Generation of personalized, context-aware health and fitness recommendations through the Company's conversational AI interface.
- Cross-device synchronization: Secure replication of Consumer-generated content (food logs, workout entries, daily summaries) across the Consumer's authenticated devices.
- Product improvement: Computation of aggregate, De-identified Data for internal analytics to improve algorithmic accuracy and user experience. No individual-level Consumer Health Data is used for this purpose.
The Company does not collect, use, share, sell, or otherwise process Consumer Health Data for advertising, marketing, advertising targeting, cross-behavioral profiling, data brokerage, or any purpose not expressly disclosed in this Notice.
4. Sources of Consumer Health Data
- Direct consumer input: Manual food logs, workout entries, body measurements, health objectives, and onboarding questionnaire responses provided voluntarily by the Consumer.
- Connected device APIs: Apple Health (HealthKit) on iOS and Health Connect on Android. Data is accessed only after the Consumer grants explicit, granular, category-level permissions through the operating system's native permission dialogs. The Company does not access categories the Consumer has not authorized.
- AI session context: Transient health summaries generated during conversational AI coaching sessions. These summaries are derived from data the Consumer has already provided and are subject to the same protections as the underlying Consumer Health Data.
5. Technical Data Architecture and Safeguards
The Company maintains a strict tiered data architecture designed to minimize the volume of Consumer Health Data transmitted off-device:
- Tier 1 — Device-Only Processing: All raw Biometric Data streams (continuous heart rate, HRV samples, respiratory rate, sleep staging signals, accelerometer data) are processed exclusively within the Consumer's physical device. This data never leaves the device, is never transmitted to Company infrastructure, and is not accessible to any Company employee, contractor, or automated system.
- Tier 2 — Encrypted Cloud Synchronization: Consumer-generated content (food logs, workout entries, daily summaries, and derived scores) is synchronized via TLS 1.3 encrypted connections to Company-managed database infrastructure. All synchronized data is protected by PostgreSQL Row-Level Security (RLS) policies that cryptographically enforce per-user data isolation.
- Tier 3 — Transient AI Processing: Summarized health context provided to third-party AI inference endpoints is transmitted in-session, is not persisted by the third-party provider, and is contractually excluded from the provider's model training datasets.
Additional technical safeguards include, but are not limited to: AES-256-GCM encryption at rest, TLS 1.3 for all data in transit, per-user database isolation via RLS policies, and automated key rotation on a 90-day cycle.
6. Third-Party Sharing and Sub-Processors
The Company does not sell Consumer Health Data. The Company has never sold Consumer Health Data. The Company will not sell Consumer Health Data.
The Company shares Consumer Health Data exclusively with the following categories of Processors, each operating under a Data Processing Agreement ("DPA") that contractually prohibits any secondary use, independent processing, or onward transfer of Consumer Health Data:
- Cloud infrastructure provider (Supabase/AWS): Encrypted database storage and synchronization services. Consumer Health Data is stored in RLS-protected PostgreSQL instances with geographic residency in the United States.
- AI inference provider (Google Cloud / Gemini API): Receives summarized health context (not raw biometric streams) for the purpose of generating coaching responses. Data transmitted to Google's Gemini API is governed by Google's Cloud Data Processing Addendum and is contractually exempt from model training.
- Food database provider: Receives anonymized food name queries for nutritional data lookup. No Consumer Health Data or personally identifiable information is transmitted to food data providers.
7. Consent Architecture
Pursuant to MHMDA Section 5, the Company obtains valid, voluntary consent for the collection of Consumer Health Data as follows:
- Onboarding consent: During initial account creation, the Consumer is presented with a clear, conspicuous disclosure of the categories of Consumer Health Data that will be collected and the purposes for such collection. The Consumer must affirmatively consent before any Consumer Health Data is collected.
- Device API permissions: Access to HealthKit and Health Connect data requires separate, granular, category-by-category consent through the operating system's native permission framework. The Company honors the Consumer's per-category decisions and does not condition service on granting all requested permissions.
- AI coaching consent: Prior to the first AI coaching interaction, the Consumer is informed that summarized health data will be transmitted to the AI inference provider, and must affirmatively consent to this processing.
Consent may be withdrawn at any time through the mechanisms described in Section 8 of this Notice. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.
8. Consumer Rights
Under Applicable Health Data Laws, Consumers have the following rights with respect to their Consumer Health Data:
- Right of access: The right to confirm whether the Company is collecting, sharing, or selling Consumer Health Data concerning the Consumer, and to obtain a copy of such data in a portable, machine-readable format.
- Right of deletion: The right to request deletion of Consumer Health Data. Consumers may exercise this right directly through the Qire application (Settings → Account → Delete Account) or by contacting the Company. Upon a verified deletion request, the Company will permanently delete the Consumer's data from all production systems within thirty (30) calendar days and from backup systems within ninety (90) calendar days.
- Right to withdraw consent: The right to revoke previously granted consent. For HealthKit/Health Connect permissions, consent is withdrawn through the device's system settings. For AI coaching consent, consent may be withdrawn through the application's settings.
To exercise any right under this section, contact the Company at privacy@qire.app with the subject line "Consumer Health Data Rights Request." The Company will authenticate the request through the email address associated with the Consumer's account and will respond within thirty (30) calendar days of receipt, or within such shorter period as required by Applicable Health Data Laws.
9. Data Retention
Consumer Health Data is retained for the duration of the Consumer's active account. Upon account deletion (whether initiated by the Consumer or by the Company), Consumer Health Data is:
- Purged from production databases within 30 calendar days;
- Purged from encrypted backup systems within 90 calendar days;
- Excluded from any new De-identified Data computations as of the deletion request date.
The Company does not retain Consumer Health Data beyond the periods stated above, except where retention is required by applicable law, regulation, or valid legal process.
10. Geofencing Prohibition
Pursuant to MHMDA Section 8, the Company does not implement geofencing technology around any physical health care facility, mental health facility, reproductive health facility, or substance use disorder treatment facility for the purpose of identifying, tracking, collecting data from, or sending notifications to Consumers.
11. Data Breach Notification
In the event of a breach of security involving Consumer Health Data, the Company will provide notice to affected Consumers and to applicable state authorities within the timeframes and through the mechanisms required by MHMDA Section 7, NRS 603A.220, and any other applicable breach notification law.
12. Changes to This Notice
The Company reserves the right to modify this Notice. Material changes will be communicated through the Qire application and/or via the email address associated with the Consumer's account. Continued use of the Service after the effective date of any modification constitutes acceptance of the modified Notice as it pertains to Consumer Health Data collected after such modification.
13. Contact Information
- Privacy Team: privacy@qire.app
- Legal Department: legal@qire.app
- Corporate Address: Wellbee App, LLC, 7901 4th St N, Ste 9076, Saint Petersburg, FL 33702, United States