Last updated: 29 April 2025
Welcome to Healthefi ("we", "our", "us"). We value your privacy and are committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the choices you have regarding your information. By using the Healthefi mobile or web application (collectively, the "App") you agree to the practices described in this Policy.
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email address, password, company affiliation, number of employees, profile photo | • Create & secure your account • Authenticate you on sign‑in |
| Health & Activity Data | Workout completions (e.g., 90‑second sessions), calories burned, streaks, weight entries, goals, streak statistics | • Track progress • Award HEC tokens & participation badges • Populate personal & company dashboards |
| Company Data | Company name, subscription tier, active employees count, challenge settings | • Provide Employer dashboards • Administer company challenges |
| Transaction Data | Subscription price tier, payment status (via Stripe), purchase history | • Process payments • Provide invoices • Prevent fraud |
| Device & Usage Data | Device type, operating system, crash logs, in‑app actions, referral source, IP address | • Improve performance • Debug issues • Analytics |
| Cookies & Similar Tech (Web only) | Session cookies, analytics tags | • Maintain session state • Measure traffic |
We do not request precise location data or sensitive personal identifiers (e.g., Social Security numbers).
Legal bases under GDPR: Contractual necessity, Legitimate interests, and Consent (for optional marketing).
| Recipient | Reason |
|---|---|
| Service Providers (e.g., AWS, Stripe, analytics vendors) | Cloud hosting, payment processing, analytics, customer support |
| Employers / Company Admins | Aggregate, de‑identified statistics about employee participation and rewards (never raw health metrics) |
| Legal / Regulatory Bodies | When required by law, court order, or to protect rights and safety |
| Business Transfers | In connection with a merger, acquisition, or asset sale (you will be notified) |
We never sell your personal information.
We retain personal data for as long as you have an active account, or as needed to:
Aggregated, de‑identified data may be retained indefinitely.
Depending on your locale, you may have rights to:
To exercise these rights, use the in‑app Delete Account option or email us at privacy@healthefi.com.
Healthefi is not directed to children under 13. We do not knowingly collect data from children. If you believe a child has provided us information, contact us for deletion.
We implement industry‑standard safeguards including encryption in transit (HTTPS), encryption at rest, access controls, and regular security audits. No method is 100% secure, but we strive to protect your data.
The App may contain links or integrations (e.g., Apple HealthKit, Google Fit). Their collection and use of data is governed by their own policies.
We may update this Policy from time to time. Material changes will be announced via in‑app notice or email. Continued use after changes indicates acceptance.
For questions about this Privacy Policy or to exercise your rights, please contact:
Email: privacy@healthefi.com
Address: Healthefi Inc., 123 Wellness Street, San Francisco, CA 94103, USA