Privacy Policy

Last updated: July 24, 2025.
Legal Entity: WellnessJourneyApp LLC (d/b/a “MyWellnessJourney”)
Registered in: The State of Wyoming, United States
Contact: [email protected]

1. Introduction and Scope

This Privacy Policy is issued by WellnessJourneyApp LLC, a limited liability company duly organized and existing under the laws of the State of Wyoming, United States of America (hereinafter, the “Company,” “we,” “us,” or “our”). The Company operates under the brand name MyWellnessJourney and provides general wellness-oriented Services through its mobile application, website, and affiliated technologies.

For the avoidance of doubt, all references to “MyWellnessJourney” herein shall be construed as referring to WellnessJourneyApp LLC, unless otherwise expressly stated.

This Privacy Policy governs the manner in which the Company collects, uses, discloses, stores, and protects information of users (hereinafter “you” or “User”) who access or utilize the Services. This Policy is intended to satisfy applicable obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the General Data Protection Regulation (GDPR) of the European Union, and relevant U.S. federal and state laws, including those of the State of Wyoming.

2. Types of Information Collected

We may collect, process, and store the following categories of data:

a) Personally Identifiable Information (PII)

Full name

Email address

Date of birth

Gender

Contact preferences

b) Self-Reported Health and Wellness Data

Sleep activity and patterns

Mood tracking and emotional self-assessment

Brain exercise logs

User-defined medication and habit reminders

Journaling and behavioral reflections

c) Technical and Usage Information

IP address

Device type, OS version, and browser type

Session activity, app navigation behavior, and diagnostic metadata

3. Lawful Basis for Processing

We process personal data pursuant to the following lawful grounds:

Consent: For sensitive data (e.g., health logs) and optional communications

Contractual Necessity: To provide access to purchased or subscribed Services

Legal Obligation: To fulfill regulatory, tax, and audit requirements

Legitimate Interest: To enhance system security, optimize UX, and evaluate app performance

4. Protected Health Information (PHI) and HIPAA Compliance

To the extent that any data collected or processed constitutes Protected Health Information (PHI) under the applicable provisions of HIPAA, the Company shall comply with all legal and procedural safeguards mandated by said statute.

The Company has executed a Business Associate Agreement (BAA) with Google LLC in order to use Google Workspace and Cloud Services in a HIPAA-compliant manner. PHI is stored and transmitted using end-to-end encryption protocols, and access is strictly restricted to authorized personnel under role-based security controls.

5. Purposes for Data Use

We may use the information collected from or about you for the following legitimate and disclosed purposes:

To create and manage your user account

To deliver personalized app features and content

To administer notifications and reminders as configured by the user

To provide technical support and customer assistance

To comply with applicable laws, regulations, and internal policies

To monitor system usage for security and fraud detection purposes

To improve and enhance the overall functionality and quality of the Services

6. Retention of Data

We retain your personal and health-related information for the period necessary to achieve the purposes outlined herein, unless a longer retention period is required or permitted by applicable law. At your written request, and subject to legal and contractual constraints, we will take reasonable steps to delete or de-identify your data.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

The right to access the personal data we hold about you

The right to request correction of inaccurate or incomplete data

The right to request deletion of your personal data

The right to object to or restrict certain processing activities

The right to data portability

The right to withdraw previously granted consent

Requests may be submitted via email to [email protected].

8. Disclosure to Third Parties

We do not sell or rent personal data. We may share your information only in the following limited circumstances:

With third-party service providers acting under contractual obligations of confidentiality and security

With legal or governmental authorities where required by law, subpoena, or regulatory investigation

With successor entities in the event of a merger, sale, restructuring, or other corporate transaction

9. Data Transfers and International Users

If you are accessing the Services from outside the United States, be advised that your data may be transferred to and processed in the United States. We rely on appropriate legal mechanisms such as Standard Contractual Clauses (SCCs) where applicable.

10. Children’s Privacy

The Services are not intended for use by children under 13 years of age. We do not knowingly collect personal data from minors. If we become aware that data has been collected from a minor without verifiable parental consent, it will be promptly deleted.

11. Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Wyoming, without giving effect to any conflict of law principles. Any legal action or proceeding arising out of or related to this Policy shall be submitted exclusively to the competent courts located in Wyoming.