SynthVitals ← Back to Home

Privacy Policy

Effective Date: December 1, 2025

SynthVitals ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Note: For specific information about how we handle consumer health data, including your rights under state health privacy laws, please also review our Consumer Health Data Privacy Policy.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, password, timezone and unit preferences
  • Health Data: Lab results, biomarker values, medical documents you upload
  • Profile Information: Health goals, preferences, and settings
  • Communications: Messages you send to us or through our AI assistant

1.2 Information from Connected Services

When you connect third-party services, we collect:

  • Activity Data: Steps, active minutes, calories burned, workouts
  • Sleep Data: Sleep duration, sleep stages, sleep quality scores
  • Heart Data: Heart rate, heart rate variability (HRV), resting heart rate
  • Body Measurements: Weight, body composition
  • Glucose Data: Blood glucose readings from CGM devices
  • Nutrition Data: Food logs, macronutrients, calorie intake

1.3 Automatically Collected Information

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, timestamps
  • Log Data: IP address, access times, referring URLs

2. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Analyze your health data and generate personalized insights
  • Power AI-driven recommendations and the chat assistant
  • Sync data from connected third-party services
  • Send you notifications about your health data and account
  • Respond to your inquiries and provide customer support
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

3. How We Share Your Information

We do not sell your personal information or health data. We may share your information:

  • Service Providers: With vendors who help us operate the Service, bound by confidentiality agreements
  • Connected Services: With third-party services you choose to connect
  • Legal Requirements: When required by law, legal process, or government request
  • Safety: To protect the rights, property, or safety of SynthVitals, our users, or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Aggregated Data: We may share anonymized, aggregated data that cannot identify you

4. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS/HTTPS) and at rest (AES-256)
  • Secure authentication and access controls
  • Regular security assessments and monitoring
  • Employee training on data protection

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain data for legal compliance, fraud prevention, and backup purposes for a limited time.

6. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request your data in a portable format
  • Opt-Out: Opt out of marketing communications
  • Withdraw Consent: Withdraw consent for data processing

To exercise these rights, contact us at privacy@synthvitals.com.

7. California Residents (CCPA/CPRA)

California residents have additional rights including the right to know, delete, correct, and opt-out of sale/sharing. We do not sell your personal information. To submit a request, email privacy@synthvitals.com with "California Privacy Request" in the subject line.

8. Washington Residents

Washington residents have specific rights under the My Health My Data Act. Please see our Consumer Health Data Privacy Policy for detailed information.

9. International Users (GDPR)

If you are located in the EEA, UK, or Switzerland, you have rights under GDPR including access, rectification, erasure, restriction, portability, and the right to lodge a complaint with a supervisory authority.

10. Children's Privacy

SynthVitals is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service.

12. Contact Us

SynthVitals - Privacy Team
Email: privacy@synthvitals.com
Website: https://synthvitals.com

Last Updated: December 1, 2025