🔐 Privacy Policy

Last updated: July 24, 2025.
Legal Entity: WellnessJourneyApp LLC (d/b/a “MyWellnessJourney”)
Registered in: The State of Wyoming, United States
Contact: privacy@mywellnessjourney.health

1. Introduction and Scope

This Privacy Policy is issued by WellnessJourneyApp LLC, a limited liability company duly organized and existing under the laws of the State of Wyoming, United States of America (hereinafter, the “Company,” “we,” “us,” or “our”). The Company operates under the brand name MyWellnessJourney and provides general wellness-oriented Services through its mobile application, website, and affiliated technologies.

For the avoidance of doubt, all references to “MyWellnessJourney” herein shall be construed as referring to WellnessJourneyApp LLC, unless otherwise expressly stated.

This Privacy Policy governs the manner in which the Company collects, uses, discloses, stores, and protects information of users (hereinafter “you” or “User”) who access or utilize the Services. This Policy is intended to satisfy applicable obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the General Data Protection Regulation (GDPR) of the European Union, and relevant U.S. federal and state laws, including those of the State of Wyoming.

2. Types of Information Collected

We may collect, process, and store the following categories of data:

a) Personally Identifiable Information (PII)

  • Full name

  • Email address

  • Date of birth

  • Gender

  • Contact preferences

b) Self-Reported Health and Wellness Data

  • Sleep activity and patterns

  • Mood tracking and emotional self-assessment

  • Brain exercise logs

  • User-defined medication and habit reminders

  • Journaling and behavioral reflections

c) Technical and Usage Information

  • IP address

  • Device type, OS version, and browser type

  • Session activity, app navigation behavior, and diagnostic metadata

3. Lawful Basis for Processing

We process personal data pursuant to the following lawful grounds:

  • Consent: For sensitive data (e.g., health logs) and optional communications

  • Contractual Necessity: To provide access to purchased or subscribed Services

  • Legal Obligation: To fulfill regulatory, tax, and audit requirements

  • Legitimate Interest: To enhance system security, optimize UX, and evaluate app performance

4. Protected Health Information (PHI) and HIPAA Compliance

To the extent that any data collected or processed constitutes Protected Health Information (PHI) under the applicable provisions of HIPAA, the Company shall comply with all legal and procedural safeguards mandated by said statute.

The Company has executed a Business Associate Agreement (BAA) with Google LLC in order to use Google Workspace and Cloud Services in a HIPAA-compliant manner. PHI is stored and transmitted using end-to-end encryption protocols, and access is strictly restricted to authorized personnel under role-based security controls.

5. Purposes for Data Use

We may use the information collected from or about you for the following legitimate and disclosed purposes:

  • To create and manage your user account

  • To deliver personalized app features and content

  • To administer notifications and reminders as configured by the user

  • To provide technical support and customer assistance

  • To comply with applicable laws, regulations, and internal policies

  • To monitor system usage for security and fraud detection purposes

  • To improve and enhance the overall functionality and quality of the Services

6. Retention of Data

We retain your personal and health-related information for the period necessary to achieve the purposes outlined herein, unless a longer retention period is required or permitted by applicable law.

At your written request, and subject to legal and contractual constraints, we will take reasonable steps to delete or de-identify your data.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • The right to access the personal data we hold about you

  • The right to request correction of inaccurate or incomplete data

  • The right to request deletion of your personal data

  • The right to object to or restrict certain processing activities

  • The right to data portability

  • The right to withdraw previously granted consent

Requests may be submitted via email to privacy@mywellnessjourney.health.

8. Disclosure to Third Parties

We do not sell or rent personal data. We may share your information only in the following limited circumstances:

  • With third-party service providers acting under contractual obligations of confidentiality and security

  • With legal or governmental authorities where required by law, subpoena, or regulatory investigation

  • With successor entities in the event of a merger, sale, restructuring, or other corporate transaction

9. Data Transfers and International Users

If you are accessing the Services from outside the United States, be advised that your data may be transferred to and processed in the United States. We rely on appropriate legal mechanisms such as Standard Contractual Clauses (SCCs) where applicable.

10. Children’s Privacy

The Services are not intended for use by children under 13 years of age. We do not knowingly collect personal data from minors. If we become aware that data has been collected from a minor without verifiable parental consent, it will be promptly deleted.

11. Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Wyoming, without giving effect to any conflict of law principles. Any legal action or proceeding arising out of or related to this Policy shall be submitted exclusively to the competent courts located in Wyoming.