Consumer Health Data Privacy Policy
Much & More Media, Inc.
This Consumer Health Data Privacy Policy explains how Much & More Media, Inc. ("MMM," "we," "us") collects, uses, shares, and protects your consumer health data in the Gina website and app (the "Service"). It is a standalone policy, available on its own page and linked from our homepage, and it adds to our general Privacy Policy. This beta is offered only in the United States and Canada.
Section 1 · What we treat as your health data
We treat the following as your consumer health data: body-signal data we receive from a wearable you connect (such as sleep, readiness, heart-rate variability, activity, and temperature); the interpretations Gina derives from your data, such as scores, reads, and patterns; health-related information you enter or notes you keep; and any other information that is linked to your past, present, or future physical or mental health. We treat the interpretations we derive as health data too, not only the raw inputs.
Section 2 · How we collect it, and your consent
We collect your health data only after you give clear, affirmative, opt-in consent that is separate from accepting our Terms. We ask for that consent before we collect. We ask for a separate consent before we would share your health data with anyone beyond the service providers strictly necessary to operate the Service for you. You can decline, and you can withdraw any consent at any time; withdrawal stops future collection or sharing but does not undo processing already completed.
Section 3 · How we use it
We use your health data only to provide the features you ask for, to generate your reads and reflections and to personalize your experience, and for the specific purposes you have consented to. We do not use your identifiable health data for advertising, and we do not use it to train third-party artificial-intelligence models. Any use to improve the Service is done with de-identified or aggregated data that is not reasonably linkable to you.
Section 4 · How we share it, and our no-sale commitment
We do not sell your health data, and we will not sell it absent a valid written authorization signed by you. We share it only with service providers that help us run the Service, under contracts that limit their use of it, and only as needed to provide the Service to you or with your separate consent.
Wearable provider. We do not sell, rent, license, or disclose wearable-sourced data to advertisers or data brokers.
Business transfers. If MMM is involved in a merger, acquisition, financing, or sale of assets, information may transfer to the successor, which must honor this Policy for the data transferred; your health data remains subject to the no-sale commitment and to any authorization the law requires.
Section 5 · How long we keep it
We keep your health data only as long as needed to provide the Service to you and as the law allows. Raw data we receive from your wearable provider is deleted no later than the provider's cache limit, currently sixty (60) days. Interpretations bound to your account may be retained so your ongoing experience works; any data used to improve the Service or held as a business asset is de-identified or aggregated. When you delete your account or your health data, we delete it, including the interpretations we derived from it, and direct our service providers to do the same.
Section 6 · Your rights and how to exercise them
You have the right to: confirm whether we are collecting, sharing, or selling your health data and access that data; obtain a list of the specific third parties and affiliates with whom we have shared it, and how to contact them; withdraw consent to collection or sharing; and have your health data deleted, including the interpretations we derived from it. To exercise any of these, use the controls in Settings or contact us at the address in Section 9. We will verify your request and respond within the time the law allows, and we will not discriminate against you for exercising these rights. If you are in Washington State and believe we have not honored these rights, you may have a claim under the Washington Consumer Protection Act.
Section 7 · How we protect it
We protect your health data with reasonable administrative, technical, and physical safeguards, including encryption of data in transit and at rest, and we limit access to those who need it to provide the Service. If a breach affecting your health data occurs, we will notify you and the authorities as required by law.
Section 8 · Changes
We may update this Policy. If a change is material, a new category of health data, a new purpose, new sharing, or a transfer in connection with a sale, we will notify you and, where the law requires, obtain your consent before the change takes effect. The "Effective date" above shows the current version.