§ 01
Collection of Consumer Health Data
We collect the following categories of consumer health data only where you provide it to us directly, or where you elect to connect a third-party application to Syntic.ai that contains your consumer health data:
Categories we may collect
- Information about your health-related conditions, symptoms, status, diagnoses, medical interventions, surgeries, procedures, testing, or treatments.
- Vital signs, bodily functions, symptoms, or health measurements that reveal your health status — including heart rate, blood pressure, blood glucose, sleep duration and quality, respiratory rate, and similar metrics.
- Body measurements, including weight, height, body composition (body fat percentage, lean mass, BMI), and similar data shared by fitness or wellness apps.
- Diet, nutrition, and food intake information, including calorie counts, macronutrient breakdowns, meals logged, and dietary preferences or restrictions.
- Exercise and physical activity information, including workouts performed, steps taken, distance, pace, route, calories burned, and training plans.
- Reproductive or sexual health information, including menstrual cycle tracking data if shared via a connected app.
- Mental health, mood, or stress-tracking information shared via a connected app.
- Information about your use or purchase of prescribed or over-the-counter medication, supplements, or wellness products.
- Biometric and genetic data.
- Precise location information shared by a connected app (for example, GPS routes from a running app).
- Information, including location or precise location information, that could identify your attempt to seek health care services or supplies.
- Any other information you share in conversations with Syntic that reveals or could be used to infer or derive consumer health data.
How we collect this data
We collect consumer health data in three ways:
- From your direct input. Anything you type, paste, dictate, or upload into a conversation with Syntic.
- From third-party integrations you connect. When you choose to connect a diet, fitness, wellness, or other health-related app to Syntic, that app may share your data with us through its API at your direction. Examples of categories of apps we may integrate with include:
Fitness Trackers
Wearables, smartwatches, activity trackers
Workout Apps
Strength training, running, cycling, yoga apps
Nutrition & Diet Apps
Calorie tracking, meal logging, macro counters
Wellness & Sleep
Sleep trackers, meditation, mood, cycle tracking
- Automatically, in limited form. Technical data described in our Privacy Policy (such as device and connection information) may be collected when you use our Services, but we do not derive consumer health data from this technical data unless you have provided it through one of the two methods above.
You can revoke your consent to third-party integrations that provide Syntic.ai access to consumer health data at any time in your Settings. Revoking consent will stop new data from flowing into Syntic. To request deletion of data already collected, see Section 4.
For additional information about the types of personal data we collect, please review "1. Collection of Personal Data" in our Privacy Policy.
§ 02
How We Use Consumer Health Data
We use your consumer health data only for the following purposes:
- To deliver the integration and the conversation you requested. When you connect a third-party health, diet, or fitness app to Syntic, we use the data the app shares so that you can discuss it with Syntic — for example, to analyze your training week, plan meals, summarize sleep trends, or answer questions about your data.
- To respond to your prompts. When you include health-related information in a conversation, Syntic uses it to generate the Output you requested.
- To prevent and investigate fraud, abuse, and violations of our Usage Policy, unlawful or criminal activity, unauthorized access to or use of personal data or Syntic AI systems and networks, to protect our rights and the rights of others, and to meet legal, governmental, and institutional policy obligations.
- In aggregated or de-identified form, to help us develop, test, and improve our Services. We do not re-identify aggregated or de-identified data, and we contractually require third parties who receive such data to refrain from doing so.
What we do not do
- We do not sell your consumer health data, as that term is defined under the Washington My Health My Data Act and similar laws.
- We do not use your consumer health data to train our AI models, unless you have explicitly provided opt-in consent (for example, by submitting Feedback that includes such data, or by enabling training in your account settings with full knowledge that health data may be included).
- We do not share your consumer health data with advertisers or use it for targeted advertising.
- We do not provide your consumer health data to any third party for their own independent purposes, except as described in Section 3.
We may seek your consent to specific uses of consumer health data in accordance with applicable laws. For example, when you first connect a third-party health app, we will obtain your separate, specific consent to integrate with that app and to process the data we collect through the integration.
For additional information about how we use personal data more generally, please review "2. Uses of Personal Data Permitted Under Applicable Data Protection Laws" in our Privacy Policy.
§ 03
How We Disclose Consumer Health Data
Syntic AI discloses consumer health data only in limited circumstances:
- To service providers and processors who help us operate the Services — for example, cloud hosting providers and infrastructure partners. These parties are contractually bound to process the data only on our behalf and only as needed to provide the Services to you.
- To the third-party app you connected, if you direct us to share data back to it (for example, sending a workout plan generated by Syntic back into your training app).
- To our affiliates and related entities that operate under privacy practices materially consistent with this Policy.
- As part of a significant corporate event such as a merger, acquisition, or sale of business assets. In such cases, we will require the recipient to honor this Policy with respect to your consumer health data.
- To comply with legal obligations, respond to lawful requests from public authorities, protect against fraud or harm, or enforce our legal rights.
- With your specific consent for any other purpose disclosed to you at the time of consent.
If you choose to integrate the Services with third-party apps, by interacting with those apps you may provide information directly to the third party, and that party's privacy policy governs what it does with the data. To learn more about your third-party integrations and how to manage them, please review Setting Up Syntic Integrations.
For additional information, please review "3. How We Disclose Personal Data" in our Privacy Policy.
§ 04
Your Rights and Choices
Depending on your state of residence and the laws that apply to you, you have the following rights with respect to your consumer health data:
- Right to confirm and access. You may request confirmation of whether we are processing your consumer health data, the categories of data we collect, and the categories of third parties to whom we have disclosed it. You may also request a copy of the data.
- Right to delete. You may request that we delete the consumer health data we have collected about you. We will honor verified deletion requests and pass them on to any affiliate, processor, contractor, or third party with whom we have shared that data.
- Right to withdraw consent. Where our processing is based on your consent — including the consent you provided to connect a third-party health app — you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
- Right to appeal. If we decline your request, you have the right to appeal that decision. We will respond to appeals within the timeframes required by applicable law.
How to exercise your rights
Syntic AI gives you several ways to exercise your rights:
- Manage connected health apps and revoke integration consent at any time in your Privacy Settings.
- Delete individual conversations from your conversation history. Deleted conversations are removed immediately from your view and automatically deleted from our back-end within 30 days.
- For broader requests (access, deletion of all consumer health data, withdrawal of consent, appeals), or if you are submitting a request through an authorized agent, email us at privacy@syntic.ai.
We may verify your request by asking for information sufficient to confirm your identity. We will respond within the timeframes required by applicable law. Syntic AI will not discriminate against you for exercising any of these rights.
§ 05
Security and Retention
We maintain a written data security program that includes administrative, technical, and physical safeguards designed to protect consumer health data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Access to consumer health data within Syntic AI is restricted to employees and contractors who need access for the purposes described in this Policy.
We retain consumer health data only for as long as is reasonably necessary to provide the Services to you, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer required, we delete or de-identify it in accordance with applicable laws.
§ 06
Contact Us
If you have any questions about this Consumer Health Data Privacy Policy, or to exercise any of the rights described above, please contact us:
Residents of Washington who believe Syntic AI has violated the My Health My Data Act may also file a complaint with the Washington State Attorney General. Residents of other states may file complaints with the supervisory authority in their jurisdiction.