DIGITALHEALTH PRIVACY POLICY

Last Updated: [06/01/2026]


DigitalHealth ("DigitalHealth," "we," "our," or "us") is a health data aggregation platform (the "Service") designed to collect, integrate, and display health-related information from connected devices and services. The Service enables users, healthcare professionals, and approved researchers to obtain a more comprehensive view of health and wellness data.

The Service also supports clinical, behavioral, and population health research by enabling approved research teams to collect and manage participant health data from connected devices and digital health services. Research activities conducted through DigitalHealth are performed in accordance with applicable institutional policies and, where required, approved by an Institutional Review Board (IRB) or equivalent ethics oversight body.

Protecting the privacy and security of user information is a core principle of DigitalHealth. This Privacy Policy explains what information we collect, how we use it, how we protect it, and the choices available to users regarding their information.

Information We Collect scroll to top

Account Information

When you create a DigitalHealth account, we collect:

  • Username
  • Email address
  • Securely hashed password

Your username serves as a unique identifier within the Service. Your email address is used for account activation, account-related communications, and password recovery.

Health Information

If you choose to connect DigitalHealth with supported third-party health platforms or devices, we may collect health and wellness information that you authorize us to access, including but not limited to:

  • Activity and exercise data
  • Step counts
  • Sleep information
  • Weight measurements
  • Blood pressure readings
  • Blood glucose readings
  • Nutrition information
  • Other health-related data authorized by you

The specific data collected depends on the services and permissions you choose to connect.

Google API Services Data scroll to top

If you choose to connect your Google account, DigitalHealth may access information authorized by you through Google APIs, including health, fitness, profile, or account information permitted by the scopes you approve.

Google user data is used solely to provide and improve the functionality requested by the user, including:

  • Synchronizing authorized health information
  • Displaying user health metrics
  • Supporting approved research activities
  • Maintaining user-requested integrations and services

DigitalHealth does not use Google user data for advertising purposes, does not sell Google user data, and does not use Google user data to develop, improve, or train generalized artificial intelligence or machine learning models.

Separately, approved research studies conducted through DigitalHealth may use participant data collected for research purposes to develop, validate, evaluate, or improve statistical, machine learning, or artificial intelligence models, subject to Institutional Review Board (IRB) approval, informed participant consent, applicable regulations, and institutional policies. Such research activities are distinct from DigitalHealth's operational use of Google API data and do not alter the restrictions described above regarding Google user data.

Device, Usage, and Log Information scroll to top

We may automatically collect certain technical information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Device information
  • Date and time of access
  • Session duration
  • Pages visited
  • Features used
  • System and application logs

This information is used to operate, maintain, troubleshoot, secure, and improve the Service.

Cookies and Similar Technologies scroll to top

DigitalHealth may use cookies and similar technologies to support authentication, security, user preferences, and functionality.

Users may disable cookies through their browser settings; however, some features of the Service may not function properly if cookies are disabled.

How We Use Information scroll to top

DigitalHealth uses collected information to:

  • Provide and maintain the Service
  • Authenticate users
  • Synchronize data from connected services
  • Display and analyze health information
  • Support approved research activities
  • Improve platform functionality and user experience
  • Detect, prevent, and investigate security incidents
  • Comply with legal and regulatory obligations
  • Communicate important service-related information

We do not sell personal information to third parties.

Anonymous and Aggregated Information scroll to top

"Anonymous Information" refers to information that cannot reasonably be used to identify an individual user.

DigitalHealth may create and use aggregated or de-identified information for:

  • Service improvement
  • System performance analysis
  • Academic and scientific research
  • Statistical reporting

Anonymous or aggregated information may be shared with service providers, collaborators, researchers, or published in presentations, abstracts, publications, and conferences, provided such information does not identify individual users.

Research studies conducted using DigitalHealth generally require review and approval by an Institutional Review Board (IRB) or equivalent ethics oversight body when applicable.

Research Participation scroll to top

Users may choose to participate in research studies conducted through DigitalHealth.

Research participation is voluntary and may require separate informed consent documentation. Information collected for research purposes may be subject to retention, disclosure, and management requirements described in the applicable research consent form.

Where applicable, research data may continue to be retained and used in accordance with the approved research protocol and informed consent documents even if a user later closes their DigitalHealth account.

How We Protect Information scroll to top

DigitalHealth employs administrative, technical, and physical safeguards designed to protect personal and health information from unauthorized access, use, disclosure, alteration, or destruction.

Security measures include:

  • Encryption of data in transit using Transport Layer Security (TLS)
  • Encryption of sensitive application data before storage
  • Encryption of storage systems at rest using enterprise storage encryption technologies, including Dell PowerStore Data-at-Rest Encryption (D@RE)
  • Secure password hashing and credential protection
  • Role-based access controls
  • Least-privilege administrative access
  • Account lockout mechanisms to mitigate brute-force attacks
  • Session timeout controls
  • Security monitoring and audit logging
  • Vulnerability assessments and security testing
  • Security patch and update management processes

All HTTP requests are redirected to HTTPS whenever possible.

While no system can guarantee absolute security, DigitalHealth takes reasonable and appropriate measures to protect user information.

Sharing Information scroll to top

DigitalHealth does not sell personal information.

Sharing Authorized by Users scroll to top

Users may choose to authorize other users to access selected health information through the Service.

Access to health information is restricted to users who have been explicitly granted permission by the data owner. Users should carefully consider the implications of sharing their information before granting access.

Service Providers scroll to top

DigitalHealth may use third-party service providers to support hosting, infrastructure, monitoring, analytics, authentication, security, and related operational functions.

Such providers may process information only on behalf of DigitalHealth and only as necessary to provide contracted services.

Data Retention scroll to top

DigitalHealth retains personal information only for as long as reasonably necessary to provide the Service, fulfill research obligations, comply with legal requirements, resolve disputes, enforce agreements, and maintain security records.

Upon account closure, personal information associated with the account will generally be deleted or anonymized within ninety (90) days unless retention is required for:

  • Legal or regulatory compliance
  • Security investigations
  • Approved research activities
  • Institutional recordkeeping requirements
  • Enforcement of contractual obligations

Research data may be retained according to applicable research protocols, informed consent documents, institutional policies, and legal requirements.

Account Closure and Data Deletion scroll to top

Users may request closure of their DigitalHealth account at any time by contacting us.

Upon account closure:

  • Access to the account will be disabled.
  • Connections to third-party services will be terminated.
  • Personal information will be deleted or anonymized according to the Data Retention section above.
  • Third-party accounts connected to DigitalHealth will not be affected.

Your Rights and Choices scroll to top

Subject to applicable law, users may:

  • Access their account information
  • Update or correct account information
  • Disconnect third-party services
  • Request account deletion
  • Withdraw permissions previously granted to other users
  • Request information regarding the processing of their personal information

Research participants should consult the applicable informed consent documentation regarding rights associated with research data.

HIPAA and Health Information scroll to top

DigitalHealth implements administrative, technical, and physical safeguards designed to protect health-related information and operates in accordance with applicable institutional, contractual, ethical, and regulatory requirements.

Nothing in this Privacy Policy should be interpreted as a representation that DigitalHealth is a HIPAA-covered entity or business associate unless explicitly stated in separate contractual or regulatory documentation.

Children's Privacy scroll to top

DigitalHealth does not knowingly collect personal information from individuals in violation of applicable laws regarding children's privacy. If we become aware that such information has been collected improperly, we will take reasonable steps to delete it.

Changes to This Privacy Policy scroll to top

DigitalHealth may update this Privacy Policy from time to time.

If material changes are made, users will be notified through the Service, by email, or by other reasonable means prior to the changes becoming effective.

The "Last Updated" date at the top of this Privacy Policy indicates when the most recent revision was made.

Contact Information scroll to top

If you have questions, concerns, or requests regarding this Privacy Policy or our handling of personal information, please contact:

DigitalHealth Privacy Team

via Contact Us

or Mailing address: 98 Varsity Way, Tallahassee, FL 32306

Subject Line: Privacy Policy Inquiry