Consumer Health Data Privacy Policy
MYGEVITY LLC: CONSUMER HEALTH DATA PRIVACY POLICY
Last Updated: October 3, 2025
This Consumer Health Data Privacy Policy ("Consumer Health Data Policy") describes how MyGevity LLC ("MyGevity," "we," "us" or "our") processes consumer health data as applicable U.S. state laws may define that term ("Consumer Health Data"), that we collect through our digital or online properties or services that link to this Consumer Health Data Policy (including our website, mobile application, and social media pages) as well as our marketing activities, and other activities described in this Consumer Health Data Policy (collectively, the "Service"). This Consumer Health Data Policy applies to the extent required by applicable U.S. state laws.
This Consumer Health Data Policy supplements our general Privacy Policy. In the event of a conflict between our Privacy Policy and the Consumer Health Data Policy, the Consumer Health Data Policy applies to the extent that it is consistent with applicable U.S. state law.
Consumer Health Data We Collect
Consumer Health Data you may provide to us through the Service or otherwise includes:
- Contact data, such as your first and last name, email address, billing and mailing addresses, and phone number.
- Demographic data, such as your city, state, country of residence, postal code, age, date of birth, and gender.
- Account data, such as the username and password that you may set to establish an online account on the Service, preferences, and any other information that you add to your account profile.
- Health-related data, such as mental or physical health history, conditions and diagnoses, treatments, medications, lab samples, lab results, and other physical or mental health information. This may include personal information that you provide directly to us when you complete electronic forms designed for you to self-report your health status or upload medical records.
- Genetic data, certain of the lab tests available through the Service may produce data that relates to inherited characteristics and genomic information.
- Transactional data, such as information relating to or needed to complete your orders on or through the Service, including order numbers, transaction history, and purchases of supplements and other products.
- Communications data based on our exchanges with you, including when you contact us through the Service, email, or otherwise.
- Payment data needed to complete transactions, including payment card information or bank account number.
- Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
- Device data, such as your computer or mobile device's operating system type and version, manufacturer and model, browser type, IP address, unique identifiers, and general location information such as city or state.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, and access times.
Consumer Health Data we obtain from third-party sources. We also obtain the types of Consumer Health Data described above from third parties. These third-party sources may include:
- Lab and Provider Partners, including Quest Diagnostics, True Diagnostics, and other third-party healthcare services providers and laboratory services providers.
- Linked third-party devices, such as wearable or Internet of Things devices that you link to your Service account. This may include historical data related to your use of the wearable device.
- Service providers, third parties that collect or provide Consumer Health Data in connection with work they do on our behalf.
Consumer Health Data we may create, infer or generate. We may create, infer or generate Consumer Health Data from other data we collect. We may create aggregated, de-identified, and/or anonymized information from Consumer Health Data by removing certain data components (such as your name, email address, or linkable tracking ID) that makes the data identifiable, or through aggregation, obfuscation or other means. Except as required or permitted by applicable law, we will not attempt to re-identify any data that has been aggregated, de-identified, and/or anonymized. Subject to applicable law, our use of such aggregated, de-identified, and/or anonymized information is not Consumer Health Data.
How We Use Your Consumer Health Data
We use Consumer Health Data for purposes described in this Consumer Health Data Policy or as otherwise disclosed to you. For example, we use Consumer Health Data for the following purposes:
|
Purpose of Use |
Categories of Consumer Health Data |
|
Service delivery and operations: providing the Service, enabling security features of the Service, establishing and maintaining your user profile on the Service, communicating with you about the Service, providing support for the Service and responding to your requests/questions/feedback. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, communications data, payment data, marketing data, device data, online activity data. |
|
Product fulfillment and customer service: processing and fulfilling supplement and product orders, managing subscriptions, handling returns and replacements for damaged products, providing customer support. |
Contact data, demographic data, account data, transactional data, communications data, payment data. |
|
Service personalization: understanding your needs and interests, personalizing your experience with the Service and our Service-related communications. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, communications data, marketing data, device data, online activity data. |
|
Insights and development: for insights (including research) and development purposes, including to analyze and improve the Service and our business and to develop new products and services. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, communications data, marketing data, device data, online activity data. |
|
Direct marketing: communicating with you about services, upcoming events, and other information. |
Contact data, demographic data, account data, marketing data, device data, online activity data. |
|
Service improvement and analytics: analyzing your usage of the Service, improving the Service, helping us understand user activity on the Service. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, device data, online activity data. |
|
Compliance and protection: complying with applicable laws, lawful requests, and legal process; protecting our, your or others' rights, privacy, safety or property; enforcing the terms and conditions that govern the Service; preventing, identifying, investigating and deterring fraudulent, harmful, unauthorized, unethical or illegal activity. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, communications data, payment data, device data, online activity data. |
|
To create aggregated, de-identified and/or anonymized data: We may create aggregated, de-identified and/or anonymized data from your Consumer Health Data. We may use this aggregated, de-identified and/or anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve the Service, promote our business, and for research purposes. |
Contact data, demographic data, account data, health-related data, genetic data, transactional data, communications data, payment data, marketing data, device data, online activity data. |
How We Share Your Consumer Health Data
We may "share" (as the applicable law may define that term) Consumer Health Data with your consent or as we determine necessary to complete your transactions, provide the Service to you, or as otherwise permitted or required by law. For example, we may share your Consumer Health Data with:
Lab and Provider Partners. We will share your Consumer Health Data with Quest Diagnostics, True Diagnostics, and other healthcare services providers, laboratory services providers, and other providers of medical and medical-adjacent services to fulfill testing orders and provide results.
Payment processors. Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processors. Payment processors may use your payment data in accordance with their privacy policies.
Third-party fulfillment partners. We share order information with our third-party logistics provider (3PL) to fulfill supplement orders and manage shipping.
Research partners. We may share Consumer Health Data with research partners to conduct research, only with your explicit consent.
Linked third-party devices. If you choose to link a wearable or Internet of Things device to your Service account, we may share your personal information with that third-party service. The third party's use of the shared information will be governed by its privacy policy and the settings associated with your account with the third-party service.
Service providers. We share Consumer Health Data with third-party companies and individuals that provide services on our behalf or help us operate the Service (such as customer support, hosting, analytics, email delivery, marketing, and database management services).
Legal and law enforcement. We will access, share, and preserve Consumer Health Data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies. We will also share Consumer Health Data if we believe it is necessary to protect our customers and/or the rights or property of ourselves or others.
Business transfers. We may transfer Consumer Health Data to another entity in connection with a merger, acquisition, sale of all or substantially all of our assets, or other corporate transaction.
Your Consumer Health Data Rights
You may have certain rights to your Consumer Health Data under applicable law. If you wish to exercise these rights, please email us at privacy@mygevityhealth.com.
Withdraw consent. To the extent we rely upon your consent for either our collection or sharing of your Consumer Health Data, you have the right to withdraw such consent from any future collection or sharing.
Access and confirm. You have the right to ask us to confirm whether we have collected, shared or sold your Consumer Health Data. Further, you have the right to access (in other words, request a copy of) the Consumer Health Data that we have collected, shared or sold.
Correction. You have the right to ask us to correct inaccuracies in your Consumer Health Data.
Deletion. You have the right to ask us to delete your Consumer Health Data.
Appeal. You have the right to appeal our denying a right you have attempted to exercise. We will provide details on how to appeal our denial in connection with such action.
To exercise your rights above and make a Consumer Health Data rights request, please email us at privacy@mygevityhealth.com. We may need to verify your identity in order to process your request.
Declining to provide information. We need to collect Consumer Health Data to provide certain services. If you do not provide the information we identify as required or mandatory or if you request that any required Consumer Health Data be deleted or withdraw your consent for future collection or sharing of any required Consumer Health Data, we may not be able to provide those services.
State-Specific Rights
Washington, Connecticut, and Nevada Residents:
If you are a resident of Washington, Connecticut, or Nevada, you may have additional rights under your state's consumer health data privacy laws, including:
- Right to know what Consumer Health Data we collect, share, or sell
- Right to access your Consumer Health Data
- Right to withdraw consent from future collection or sharing
- Right to delete your Consumer Health Data
- Right to correct inaccurate Consumer Health Data (Connecticut)
- Right to opt-out of targeted advertising, sale of personal data, and profiling (Connecticut)
- Right to non-discrimination for exercising your privacy rights
To exercise these rights, please contact us at privacy@mygevityhealth.com or call 727-303-6128
How to appeal decisions about your rights:
- Connecticut: Contact us at privacy@mygevityhealth.com. If denied, you may contact Connecticut's Office of the Attorney General at (860) 808-5420.
- Nevada: Contact us at privacy@mygevityhealth.com. If denied, you may contact Nevada's Office of the Attorney General at (702) 486-3132.
- Washington: Contact us at privacy@mygevityhealth.com. If denied, you may contact Washington's Office of the Attorney General at (800) 551-4636.
Data Security
We implement appropriate technical and organizational security measures to protect your Consumer Health Data, including:
- AES-256 encryption for data at rest
- TLS encryption for data in transit
- Secure storage using Google Cloud and Amazon Cloud infrastructure, both audited for HIPAA compliance
- Limited access controls ensuring only authorized personnel can access Consumer Health Data
Data Retention
MyGevity follows a data retention policy in compliance with HIPAA, GDPR, and other privacy regulations. Data is retained only as long as necessary to provide services, fulfill legal obligations, or support research and development. Upon withdrawal of consent, data is securely deleted from active systems. Some backups may take additional time to be purged, but they are removed according to our scheduled deletion processes.
Changes to This Consumer Health Data Policy
We reserve the right to modify this Consumer Health Data Policy at any time. If we make material changes to this Consumer Health Data Policy, we will notify you by updating the date of this Consumer Health Data Policy and posting it on the Service. Any modifications to this Consumer Health Data Policy will be effective upon our posting the modified version. Your use of the Service after the effective date of any modified Consumer Health Data Policy indicates your acknowledgment that the modified Consumer Health Data Policy applies to your interactions with the Service and our business.
How to Contact Us
If you have any questions about this Consumer Health Data Policy or wish to exercise your rights, please contact us:
Email: privacy@mygevityhealth.com
Phone: 727-303-6128
Address: 7901 4th St N Ste 27675, St. Petersburg, FL 33702
© 2025 MyGevity LLC. All rights reserved.