Consumer Health Data Privacy Policy

Last Updated: December 1, 2025

This Consumer Health Data Privacy Policy (“Policy”) explains how ReachWell Health, LLC (“ReachWell,” “we,” “us,” or “our”) collects, uses, and shares consumer health data (“Consumer Health Data”) as that term is defined under applicable U.S. state laws.

This Policy applies to Consumer Health Data we collect through:

  • Our website at https://www.reachwell.health
  • Any ReachWell mobile applications
  • Any other online services that link to this Policy
  • Our marketing activities and related online programs

Collectively, we refer to these as the “Services.”

This Policy supplements the ReachWell Privacy Policy. If there is a conflict between the two, this Policy will control, but only for Consumer Health Data and only to the extent required by applicable U.S. state law.

This Policy does not apply to Consumer Health Data that we process solely on behalf of another organization (for example, an employer or health plan) when we act as their service provider or business associate. In those cases, our use of your data may be governed by our agreement with that organization. If your access to ReachWell is through an employer or another enterprise program, please direct questions about how your Consumer Health Data is handled in that context to that organization.

1. Consumer Health Data We Collect

Depending on how you use the Services, we may collect the following types of Consumer Health Data. Some of this data is provided directly by you, some is collected automatically, and some may come from third parties.

1.1 Consumer Health Data You Provide or We Generate

Examples include:

  • Contact Data
    Name, email address, mailing/billing address, phone number.
  • Demographic Data
    City, state, country of residence, postal code, age, date of birth, gender or gender identity, racial or ethnic identity, sexual orientation (where you choose to provide it and where permitted by law).
  • Account Data
    Username and password, profile photo, basic bio, linked social profiles, communication preferences, participation in surveys or promotions, and other information you choose to add to your profile.
  • Service-Eligibility Data
    If you access ReachWell through an employer or other program, we may receive information such as employer name, eligibility status, or program identifiers.
  • Health-Related Data
    Information about your physical or mental health, such as history, conditions, diagnoses, treatments, medications, medical images, biomarkers, lab samples and results, clinical notes, and similar health information. This may include:
    • Data entered in forms or onboarding flows
    • Uploaded medical records
    • Information from connected devices or apps (if enabled)
  • Genetic Data
    If, in the future, you use tests that include genetic components, we may receive results or markers related to inherited traits, as allowed by law and your consents.
  • Audiovisual Data
    Video or audio recordings of you (for example, if you participate in recorded sessions, events, or support calls where we notify you of such recording).
  • Transactional Data
    Order details, subscription information, purchase history, and related transaction metadata (excluding full payment card numbers, which are processed by payment providers).
  • Communications Data
    Content of messages you send us (e.g., emails, in-app messages, chat interactions, survey responses, or social media communications).
  • Relationship Data
    Information about family members or others you identify to us (for example, if you buy a kit for someone else or list an emergency contact).
  • Payment Data
    Payment method information (such as partial card details or billing identifiers) needed to complete purchases, typically handled by our payment processors.
  • Marketing & Preference Data
    Your preferences for receiving marketing communications from us and your engagement with them (e.g., whether you opened, clicked, or unsubscribed).
  • User-Generated Content
    Content you choose to share, such as photos, comments, messages, or stories, plus associated metadata (e.g., when and where it was created, tags, and formatting information).
  • Other Data
    Any other information you provide that relates to your health or could be treated as Consumer Health Data under applicable law.

1.2 Consumer Health Data We Collect Automatically

When you use the Services, certain information may be collected automatically and may be considered Consumer Health Data when linked or reasonably linkable to your health status or health-related inferences.

Examples include:

  • Device Data
    Device type (phone, tablet, computer), operating system and version, browser type, screen resolution, device identifiers, language settings, mobile carrier, and network information (e.g., Wi-Fi, LTE).
  • Approximate Location Data
    General location such as city, state, or region inferred from your IP address.
  • Precise Geolocation Data
    If you allow our mobile app or browser to access your precise location, we may receive GPS or similar location signals.
  • Online Activity Data
    Pages or screens viewed, the time spent on them, navigation paths, referral pages, and how you interact with elements on a page or within the app.
  • Communication Interaction Data
    Information about how you interact with our emails or messages, such as whether you open or forward them or click on links. We may use technologies like pixel tags in emails for this purpose.

These data may be collected through cookies, SDKs, web beacons, local storage, and similar technologies. For more detail, see our general Privacy Policy.

1.3 Consumer Health Data from Third Parties

We may also receive Consumer Health Data from third parties, such as:

  • Corporate Affiliates
    Other entities under common ownership or control with ReachWell, where permitted by law.
  • Labs and Health Service Partners
    Third-party CLIA-certified labs and other clinical or diagnostic partners who perform testing or services related to the Services.
  • Enterprise Customers
    Employers or wellness programs that sponsor access to ReachWell and share information needed to administer your benefit.
  • Linked Third-Party Services
    For example, if you use Google or another provider to log into your account or connect a third-party account, we may receive information from those services depending on your settings (e.g., name, profile picture).
  • Linked Devices & Apps
    Wearables, health apps, or other devices you connect to ReachWell may share activity, biometrics, or other health-related data, in line with your choices and their privacy settings.
  • Third Parties You Designate
    For example, lab providers or apps you direct us to connect with, even if we don’t have a direct contract with them.
  • Service Providers
    Vendors that collect or process data on our behalf (for example, analytics providers, communication platforms, or hosting providers).

1.4 Consumer Health Data We Create, Infer, or Generate

We may derive or generate Consumer Health Data from the information we collect. For example:

  • Scoring, trends, or risk flags based on your biomarker results
  • Segments or profiles based on your usage patterns
  • AI-generated insights about your health metrics

We may also create aggregated, de-identified, or anonymized data by removing direct identifiers or combining data so it can no longer reasonably be linked to you. Subject to applicable law, this type of data is not treated as Consumer Health Data, and we may use or share it for research, analytics, and other lawful business purposes. We will not attempt to re-identify such data except as permitted or required by law.

2. How We Use Consumer Health Data

We use Consumer Health Data for the purposes described here (and as otherwise disclosed at the time of collection or with your consent). The table below summarizes core purposes and categories of data involved.

2.1 Purposes of Use

Service delivery and operations
To provide, operate, secure, and support the Services, including:

  • Setting up and managing your account
  • Registering and processing test kits
  • Displaying your results and trends
  • Communicating with you about your account, tests, and updates
  • Providing customer support

Data categories used:
Contact, demographic, account, service-eligibility, health-related, genetic (if applicable), audiovisual, transactional, communications, relationship, payment, marketing, user-generated content, device, approximate or precise location (if enabled), online activity, communication interaction data.

Service personalization
To personalize your experience, including:

  • Tailoring dashboards and insights
  • Remembering preferences and settings
  • Showing content relevant to your interests and health areas

Data categories used:
Same as above, where relevant to personalization.

Insights, research & development
To improve and develop the Services, including:

  • Analyzing how users interact with the Services
  • Improving our algorithms and health insight models
  • Testing new features or products

Data categories used:
Same categories as above, often in aggregate or de-identified form where possible.

Direct marketing
Where allowed by law and your preferences, to:

  • Send you emails or messages about new features, offers, or educational content
  • Invite you to events, surveys, or programs

You can opt out of marketing communications at any time (see below).

Data categories used:
Primarily contact, demographic, account, marketing, and certain usage data; we do not use genetic data for interest-based advertising.

Promotions, programs, and contests
To run and administer programs such as:

  • Discounts or referral programs
  • Contests, giveaways, or special pilot groups

Data categories used:
Contact, account, eligibility, transactional, communications, and related data needed to run the program.

Service improvement and analytics
To better understand:

  • Which features are used most
  • Where users get stuck
  • How effective our communications are

This helps us refine the product and support.

Data categories used:
Most categories above, particularly device, activity, and interaction data.

Compliance and protection
 To:

  • Comply with applicable laws and legal processes
  • Respond to lawful requests from regulators, courts, or law enforcement
  • Protect the rights, privacy, safety, and property of you, ReachWell, or others
  • Detect, investigate, and help prevent fraud, abuse, security incidents, or other harmful activity
  • Enforce our Terms of Service and other agreements

Data categories used:
Any relevant Consumer Health Data as necessary to comply with law or protect rights and safety.

Corporate transactions
In connection with a merger, acquisition, financing, reorganization, or similar corporate event involving ReachWell, your Consumer Health Data may be used and shared as part of the evaluation or completion of that transaction.

Aggregated, de-identified, and/or anonymized data
We may:

  • Transform Consumer Health Data into de-identified or aggregated data
  • Use such data for analytics, research, and business purposes
  • Share de-identified data with partners or researchers where permitted by law

3. How We Share Consumer Health Data

We may “share” Consumer Health Data (as defined by applicable law) with your consent, as needed to provide the Services, or as otherwise permitted or required by law. Examples include:

  • Corporate Affiliates
    We may share Consumer Health Data with other ReachWell-affiliated entities, where allowed.
  • Payment Processors
    Payment card information you use is collected and processed directly by our payment processors (e.g., Stripe). Their use of your payment data is governed by their own privacy policies.
  • Research Partners
    We may share Consumer Health Data (often in de-identified or aggregated form) with research or academic partners, where permitted by law and, where required, by your consent.
  • Labs and Health Service Partners
    We share Consumer Health Data with third-party labs and other health-related service providers that perform testing or services related to your use of ReachWell.
  • Enterprise Customers
    If you access ReachWell through an employer or other enterprise program, we may share certain limited data with that organization (for example, to confirm eligibility or usage in aggregate form), in line with our agreements and applicable laws.
  • Linked Third-Party Services & Devices
    If you log in with a third-party account or connect a device or app, we may share data with that third party as you direct or as needed to facilitate the connection. Their use of the data is subject to their privacy policy and your settings with them.
  • Service Providers
    Vendors that provide services on our behalf (e.g., hosting, support, communications, analytics, security) may receive Consumer Health Data as needed to perform their work for us, subject to contractual confidentiality and data protection obligations.
  • Legal and Law Enforcement
    We may access, preserve, and disclose Consumer Health Data when we believe it is necessary to:
    • Comply with law or legal processes
    • Respond to valid requests from law enforcement or regulators
    • Protect our customers, the public, or ReachWell
    • Enforce our terms or protect against fraud or security threats
  • Business Transferees
    In an actual or potential merger, acquisition, financing, asset sale, or similar event, Consumer Health Data may be shared with advisors and counterparties, and may ultimately be transferred to a successor entity.

For additional detail about sharing of personal information more broadly, please refer to the “How we share your personal information” section in our general Privacy Policy.

4. Your Consumer Health Data Rights & Choices

Depending on where you live and which state laws apply, you may have certain rights with respect to your Consumer Health Data. These rights can vary by jurisdiction and may be subject to conditions or limitations.

Where applicable law grants you these rights, you may be able to:

4.1 Withdraw Consent

If we rely on your consent to collect or share certain Consumer Health Data, you may withdraw that consent for future collection or sharing.

4.2 Access and Confirm

You may have the right to:

  • Confirm whether we have collected, shared, or sold your Consumer Health Data; and
  • Request access to a copy of that Consumer Health Data.

You may also be able to request a list of certain third parties and affiliates with whom your Consumer Health Data has been shared, to the extent required by law.

4.3 Correction

You may have the right to ask us to correct inaccuracies in your Consumer Health Data.

4.4 Deletion

You may have the right to request that we delete your Consumer Health Data, subject to certain exceptions (for example, where we must retain data to comply with law, enforce agreements, or complete transactions).

4.5 Appeal

If we deny your request to exercise a right, you may have the right to appeal our decision. We will tell you how to appeal in our response.

4.6 How to Exercise Your Rights

To submit a Consumer Health Data rights request, you can contact us at:

📧 Email: privacy@reachwell.health

We may need to verify your identity before fulfilling your request. Verification may involve:

  • Confirming information we already have on file (e.g., email address, recent transactions); or
  • Requesting additional information solely for verification and security purposes.

If we cannot verify your identity, we may not be able to honor your request, and we will let you know why.

4.7 Declining to Provide Consumer Health Data

Certain Consumer Health Data is necessary for us to provide specific services (for example, processing a lab test). If you choose not to provide data we mark as required, or if you later ask us to delete certain required Consumer Health Data or withdraw consent for its use, we may not be able to provide some or all of the Services to you.

4.8 Linked Third-Party Platforms

If you log into ReachWell using a third-party account (e.g., Google) or link a device or app (e.g., a wearable), you may be able to manage what data is shared with ReachWell via your settings with that third party.

If you revoke our access via the third party’s settings, that revocation will not affect Consumer Health Data we have already received from them, but we will stop receiving new data from that connection going forward.

5. Changes to This Consumer Health Data Privacy Policy

We may update this Policy from time to time to reflect:

  • Changes to the Services
  • Changes in how we handle Consumer Health Data
  • Changes in applicable laws and regulations

When we make material changes, we will:

  • Update the “Last Updated” date at the top of this Policy; and
  • Provide additional notice as required (for example, by posting a notice on the site or sending you a notification).

Your continued use of the Services after the effective date of an updated Policy means you acknowledge that the revised Policy applies to your interactions with ReachWell and your Consumer Health Data.

6. How to Contact Us

If you have questions about this Policy, our handling of Consumer Health Data, or wish to exercise your Consumer Health Data rights, you can contact us at:

📧 Email: privacy@reachwell.health

🌐 Website: https://www.reachwell.health

We care about your data, and we'd use cookies only to improve your experience. By using this website, you accept our Cookies Policy.
Okay