Legal

Privacy Policy

Your data is yours. Period. Here's exactly how we protect it.

Last updated: May 22, 2026

Never Sold

We never sell your data. Ever.

Encrypted

End-to-end, in transit and at rest.

Delete Anytime

One tap in the app. Gone.

You're in Control

Toggle sharing on or off.

SeeMyHealth ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use our website (seemyhealth.ai), online store (shop.seemyhealth.ai), mobile application, and connected health devices.

This policy applies to all users worldwide. Where specific regional laws grant additional rights, those are detailed in the Regional Privacy Rights section below.

1. Information We Collect

Personal Information

Name, email address, shipping address, phone number, and payment details when you create an account or place an order.

Usage Data

How you interact with our website, app, and devices: IP address, browser type, device identifiers, pages visited, and feature usage patterns.

Communications

Records of support interactions, survey responses, and your marketing preferences.

Location Data

Approximate location derived from IP address for regional pricing, shipping, and language preferences. We do not track precise GPS location via our website.

2. Health & Wellness Data

Special Category Data

Health and wellness data is classified as sensitive personal data under GDPR, CCPA, POPIA, and other applicable laws. We process this data only with your explicit consent, which you provide when you set up your device and sync it with the SeeMyHealth app. You may withdraw this consent at any time.

Each SeeMyHealth device collects specific health metrics:

Ring One

Heart rate, heart rate variability (HRV), blood oxygen (SpO2), skin temperature, sleep stages (deep, light, REM, awake), step count, activity levels

The Scale / Scale Pro

Weight, body fat percentage, muscle mass, bone density, water percentage, BMI, visceral fat, metabolic age

BP Monitor

Systolic and diastolic blood pressure, pulse rate, irregular heartbeat detection, measurement timestamps

Hydra One

Water intake volume, hydration frequency, daily hydration goals, temperature of liquid

Hema One

Blood glucose levels, blood biomarkers, test timestamps. Blood biomarker data receives the highest level of protection and is encrypted separately from other health data.

All health data is synced to your account through the SeeMyHealth app and is stored encrypted at rest. We do not use your individual health data for advertising purposes.

3. Lawful Basis for Processing

We process your personal data under the following legal bases (as required by GDPR and similar regulations):

  • Contractual Necessity: Processing required to fulfill your order, deliver products, and provide our services
  • Explicit Consent: Processing of health and wellness data, which we collect only after you provide clear, informed consent during device setup. You may withdraw consent at any time without affecting the lawfulness of prior processing.
  • Legitimate Interest: Improving our products, preventing fraud, and ensuring platform security, where our interests do not override your fundamental rights
  • Legal Obligation: Tax record-keeping, regulatory reporting, and responding to lawful government requests

4. How We Use Your Data

We use your information to:

  • Process orders, payments, and deliver products
  • Provide and improve health tracking features in the SeeMyHealth app
  • Personalize your experience and deliver relevant content
  • Send transactional emails (order confirmations, shipping updates)
  • Send marketing communications (with your consent)
  • Analyze usage patterns in aggregate to improve our products and services
  • Ensure security and prevent fraud
  • Comply with legal obligations

We may use aggregated, de-identified data (data that cannot be linked back to you) for research and product development. Individual health data is never used for advertising or shared with advertisers.

5. How We Share Your Data

We do not sell your personal or health data to anyone. We have never sold personal data and have no plans to do so.

We may share information with:

  • Service providers who assist with order fulfillment, payment processing, and email delivery, bound by data processing agreements
  • Analytics partners who receive only aggregated, de-identified data to help us understand usage patterns
  • Healthcare providers if you explicitly choose to share health data with a doctor, practitioner, or wellness professional through the SeeMyHealth app. Once shared, the recipient becomes the data controller for that data.
  • Legal authorities when required by law, court order, or to protect our rights, safety, or property
  • Business transfers in the event of a merger, acquisition, or sale of assets. You will be notified before your data is transferred and becomes subject to a different privacy policy

All service providers are contractually obligated to protect your data, use it only for the purposes we specify, and delete it when no longer needed.

6. Third-Party Services

We use the following third-party services to operate our platform:

Shopify

E-commerce, payments, order processing

Cloudflare

Hosting, CDN, security, analytics

Google Analytics

Traffic analysis & insights

Klaviyo

Email marketing (with your consent)

SendGrid

Transactional email delivery

Each service has its own privacy policy. We encourage you to review their respective policies. We select service providers that maintain appropriate data protection standards and are bound by data processing agreements.

7. International Data Transfers

SeeMyHealth operates globally with warehouse and fulfillment locations in the United States, Kenya, Qatar, and China. Your personal data may be transferred to and processed in countries other than your own.

When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EEA
  • Data processing agreements with all service providers that require them to maintain equivalent data protection standards
  • Encryption in transit and at rest for all health and personal data regardless of location

Health data collected by your devices is processed on servers within the region where you created your account, unless you explicitly consent to cross-border transfer (e.g., sharing data with a healthcare provider in another country).

8. Cookies & Tracking

We use cookies and similar technologies to enhance your browsing experience, analyze site traffic, and understand user preferences.

  • Essential cookies are required for basic site functionality (cart, authentication, security). These cannot be disabled.
  • Analytics cookies (Google Analytics, Cloudflare Web Analytics) help us understand traffic patterns. Used only with your consent where required by law.
  • Marketing cookies are used to measure ad effectiveness. Used only with your explicit consent.

You can manage cookie preferences through your browser settings. Disabling non-essential cookies will not affect core site functionality.

9. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256) for all personal and health data
  • Secure authentication via Shopify Customer Account API with OAuth 2.0 PKCE
  • HttpOnly, Secure, SameSite cookies for session management
  • Cloudflare WAF and DDoS protection on all endpoints
  • Write-only secrets management (Cloudflare encrypted environment variables)
  • HMAC-SHA256 webhook signature verification

While we take reasonable precautions, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.

10. Data Breach Notification

In the unlikely event of a data breach that affects your personal or health data:

  • We will notify affected users via email within 72 hours of becoming aware of the breach, as required by GDPR
  • We will notify the relevant supervisory authority (data protection regulator) within the same timeframe
  • Our notification will include the nature of the breach, data affected, likely consequences, and measures taken to address it
  • We will provide guidance on steps you can take to protect yourself

If you believe your account has been compromised, contact us immediately at privacy@seemyhealth.ai.

11. Your Rights

You're always in the driver's seat. Here's what you can do:

Access

Request a copy of all personal data we hold about you in a portable format.

Correct

Fix inaccurate or incomplete data in your account.

Delete

Erase your personal data and account. One tap in the app or via email request.

Restrict Processing

Limit how we use your data while a dispute is resolved.

Data Portability

Export your health data in a structured, machine-readable format.

Withdraw Consent

Revoke consent for health data processing or marketing at any time.

To exercise any of these rights, contact us at privacy@seemyhealth.ai. We will respond within 30 days (or sooner where required by local law). If we deny a request, we will explain why and inform you of your right to appeal or lodge a complaint with a supervisory authority.

12. Regional Privacy Rights

European Economic Area, UK & Switzerland (GDPR / UK GDPR)

If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation:

  • Right to lodge a complaint with your local supervisory authority (data protection regulator)
  • Right to object to processing based on legitimate interest
  • Right not to be subject to automated decision-making, including profiling
  • 14-day cooling-off period for online purchases (see Terms of Sale)

International transfers from the EEA are governed by Standard Contractual Clauses (SCCs). For data protection inquiries specific to the EEA/UK, contact privacy@seemyhealth.ai.

United States (CCPA / State Privacy Laws)

If you are a California resident or reside in a state with comprehensive privacy legislation (Colorado, Connecticut, Virginia, Utah, and others), you have the right to:

  • Know what personal information we collect and how it is used
  • Request deletion of your personal information
  • Opt out of the sale of personal information. We do not sell personal data.
  • Non-discrimination for exercising your privacy rights
  • Submit requests via an authorized agent

SeeMyHealth is not a covered entity or business associate under HIPAA. Our devices and app are consumer wellness products, not medical devices, and health data collected is not Protected Health Information (PHI) under HIPAA. For consumer health data under state-specific laws (e.g., Washington's My Health My Data Act), health metrics collected by our devices are treated as consumer health data with enhanced protections as described in this policy.

South Africa (POPIA)

If you are located in South Africa, you have rights under the Protection of Personal Information Act:

  • Right to be notified when personal information is collected
  • Right to request access, correction, or deletion of your personal information
  • Right to object to processing of your personal information
  • Right to lodge a complaint with the Information Regulator

Health data is classified as special personal information under POPIA and is processed only with your explicit consent.

Kenya (Data Protection Act 2019)

If you are located in Kenya, you have rights under the Data Protection Act:

  • Right to be informed of how your data is used
  • Right to access, correct, and delete your personal data
  • Right to object to processing that causes unwarranted damage or distress
  • Right to lodge a complaint with the Office of the Data Protection Commissioner

Qatar, Middle East & Other Regions

If you are located in Qatar or other regions where we operate, we process your data in compliance with local data protection laws. Where local law requires explicit consent for processing sensitive personal data (including health data), we obtain that consent during device setup. Contact privacy@seemyhealth.ai to exercise your rights under local law.

13. Data Retention

  • Account data: Retained for as long as your account is active, plus 30 days after deletion request to process the deletion
  • Health data: Retained until you request deletion. When you delete your account, all associated health data is permanently erased within 30 days.
  • Transaction records: Retained for 7 years as required by applicable tax and accounting laws
  • Support communications: Retained for 2 years after resolution to improve our service
  • Analytics data: Aggregated and de-identified data may be retained indefinitely as it cannot be linked to you

14. Children's Privacy

Our services are not intended for children under 13 (or under the age of digital consent in your jurisdiction, whichever is higher). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us immediately at privacy@seemyhealth.ai and we will delete it promptly.

15. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes that affect how we handle your health data, we will notify you via email at least 30 days before the changes take effect. For other updates, we will post the revised policy on our website and update the "Last updated" date.

Continued use of our services after changes constitutes acceptance. If you do not agree with the revised policy, you may delete your account and cease using our services.

16. Contact Us

For questions about this policy, to exercise your data rights, or to report a data protection concern:

Privacy inquiries: privacy@seemyhealth.ai
General support: support@seemyhealth.ai
Website: seemyhealth.ai

Related legal documents

Your Cart

Your cart is empty