Consumer Health Data Privacy Policy
This Consumer Health Data Privacy Policy is published by Reta ("we," "us," or "our") as required by the Washington My Health My Data Act (RCW 19.373) and the Connecticut Data Privacy Act consumer health data provisions. This is a standalone document separate from our general Privacy Policy.
This policy describes how we collect, use, and protect consumer health data in connection with the Reta mobile application (the "App").
1. Categories of Consumer Health Data Collected
Reta collects the following categories of consumer health data, as defined by the Washington My Health My Data Act:
| Category | Specific Data | Description |
|---|---|---|
| Medication information | GLP-1 medication type, custom medication name, administration method (injection or non-injection), starting dosage, dosage (mg), injection site, pain level (0–4 scale), injection date/time, preferred injection days, next planned dose date/amount/site, notes | Records of prescribed medication use, including dosing and injection tracking |
| Physical health data | Body weight, height, body circumference measurements (waist, hips, chest, arms, thighs, neck — planned feature) | Physical health metrics entered by the user. Body measurement logging is a planned feature not yet available for user input. |
| Symptom and side effect data | Symptom type (e.g., nausea, fatigue, headache), severity (1–5 scale), notes | Self-reported symptoms and side effects related to medication use |
| Nutrition and hydration data | Food item names, calories, protein, carbohydrates, fat, fiber, meal type, notes, water intake, water intake notes | Dietary intake and hydration records |
| Mental and behavioral health data | Mood rating (1–5 scale), energy level (1–5 scale), food noise level (1–5 scale), mood notes — planned feature | Self-reported emotional and behavioral health indicators. Mood and energy logging is a planned feature not yet available for user input. |
| Fitness and activity data | Workout type, duration, daily step counts | Exercise and physical activity records |
| Body images | Progress photos | Photographs of the user's body captured or selected for personal progress tracking |
| Biometric data imported from Apple Health | Body mass, height, step count (read-only, with user permission) | Health metrics imported from Apple's HealthKit framework |
| Health-related goals | Goal weight, target date, calorie target, protein goal, fiber goal, water goal, step goal, workout goal, treatment stage, GLP-1 start date/weight | Personal wellness goals and treatment timeline information |
2. Purpose for Collection
We collect consumer health data solely to provide the App's core functionality. Specifically:
- Medication tracking: To help you log and review your GLP-1 injection history, dosages, and injection sites
- Health trend visualization: To display your weight, nutrition, symptom, mood, and activity trends over time through charts and summaries
- Goal tracking: To show your progress toward weight, nutrition, hydration, and activity goals you set
- Reminders: To send you local notifications for injection schedules, weigh-ins, and meal logging based on your preferences
- Progress documentation: To store progress photos for your personal before-and-after reference
- Data sync: To sync your data across your own Apple devices via iCloud (if you choose to enable this feature)
We do not collect consumer health data for:
- Advertising, marketing, or targeted promotions
- Sale to third parties
- Data mining or data brokering
- Training artificial intelligence or machine learning models
- Profiling or automated decision-making
- Research, clinical studies, or any purpose beyond providing the App's features to you
3. Categories of Sources
Consumer health data is collected from the following sources:
| Source | Description |
|---|---|
| You (direct input) | All health data is entered by you manually through the App's interface. You decide what to log, when to log it, and how much detail to include. |
| Apple HealthKit (with your permission) | If you grant permission, Reta may import body mass, height, and step count from Apple Health. This is optional and requires your explicit authorization through the iOS system prompt. |
We do not purchase, receive, or otherwise obtain consumer health data from data brokers, social media platforms, public records, healthcare providers, pharmacies, or any other third-party source.
4. Categories of Consumer Health Data Shared
We do not share any consumer health data.
We do not share, sell, or disclose consumer health data to any third party for any purpose. Your health data remains on your device and, if you choose to enable iCloud sync, in your personal iCloud account (managed by Apple under your Apple ID).
5. Categories of Third Parties and Affiliates With Whom Data Is Shared
None.
We do not share consumer health data with any third parties or affiliates. We have no third-party data sharing agreements. We do not have affiliates.
For clarity:
- We do not share data with advertisers
- We do not share data with data brokers
- We do not share data with analytics providers (no health data is ever included in analytics, if analytics are implemented in the future)
- We do not share data with healthcare providers, pharmacies, or insurance companies
- We do not share data with government entities (unless compelled by valid legal process)
The only instance in which consumer health data may be disclosed is in response to a valid legal obligation, such as a court order or subpoena, as required by applicable law.
6. How to Exercise Your Rights
6.1 Your Rights
Under the Washington My Health My Data Act and similar state laws, you have the right to:
- Know what consumer health data we have collected about you
- Access your consumer health data
- Delete your consumer health data
- Withdraw consent to the collection of your consumer health data
6.2 How to Exercise Your Rights Within the App
You can exercise most of your rights directly within the App:
| Right | How to Exercise |
|---|---|
| Access | All of your data is visible within the App. Navigate to any section (Shots, Weight, Nutrition, Symptoms, etc.) to view your full history. |
| Delete all data | Go to Settings > Manage Your Data > Delete All Data. This permanently removes all consumer health data from your device. |
| Delete individual entries | Navigate to the relevant section and delete specific entries. |
| Export your data | Go to Settings > Manage Your Data > Export Data to download your data in CSV format. |
| Withdraw consent | Delete your data within the App and/or uninstall the App. You may also revoke specific permissions (such as HealthKit access) in iOS Settings. |
6.3 How to Exercise Your Rights by Contacting Us
You can also exercise your rights by contacting us:
Email: support@reta.app
When you submit a request, we will:
- Acknowledge your request within 5 business days
- Verify your identity to protect your data (we may ask you to confirm details about your App usage since we do not collect email addresses or maintain user accounts)
- Fulfill your request within 30 calendar days
- Notify you when your request has been completed
6.4 Appeal Process
If we deny your request, we will provide a written explanation. You may appeal by contacting us at support@reta.app with the subject line "Privacy Rights Appeal." We will respond to your appeal within 30 calendar days.
You may also file a complaint with the Washington State Attorney General at atg.wa.gov or the Connecticut Attorney General at portal.ct.gov/ag.
7. Additional Information
7.1 Data Storage
All consumer health data is stored locally on your device. We do not maintain copies on external servers. If you enable iCloud sync, your data is also stored in your personal iCloud account, managed by Apple.
7.2 Consent
We obtain your consent to collect consumer health data during the App's onboarding flow, before data collection begins. You can withdraw your consent at any time by deleting your data or uninstalling the App.
We do not collect consumer health data without your consent. Consent for data collection is separate from any consent for data sharing (though we do not share data).
7.3 Geofencing
We do not use geofencing technology. We do not collect location data. We do not establish virtual boundaries around any healthcare facility or location.
7.4 Children
The App is intended for individuals aged 18 and older. We do not knowingly collect consumer health data from individuals under 18.
7.5 Contact
Email: support@reta.app
This Consumer Health Data Privacy Policy is a standalone document published in compliance with the Washington My Health My Data Act (RCW 19.373). For our complete privacy practices, please see our separate Privacy Policy.