Privacy Policy

1. Summary

We collect information to provide personalized coaching and improve the Services. We:

• Collect only what is reasonably necessary
• Use de-identified and/or aggregated data when feasible for analytics
• Use reasonable and appropriate safeguards designed to protect information
• Give you controls over what you share (including integrations like Apple Health)

We may use artificial intelligence (AI) tools to help generate personalized coaching responses based on information you choose to provide.

2. Data Minimization (HIPAA-Adjacent Practice)

We aim to collect and process only information reasonably necessary to provide the Services and the features you use.

You can:

• Limit what you share
• Control how your data is used for coaching
• Disconnect third-party integrations at any time

3. Information We Collect

Information you provide

• Name and email
• Account credentials
• Goals and preferences
• Training, nutrition, and sleep inputs and preferences
• Body composition inputs as goals and check-ins (e.g., weight, body fat %, muscle), if you choose to enter them
• Messages and transcribed voice with the AI Coach or human coaches
• Appointment-related details

Health and fitness information (optional)

If you provide data manually or connect Apple Health (HealthKit), we may collect the data types you authorize, such as:

• Activity and workouts
• Steps
• Sleep and heart rate (if authorized)
• Energy expenditure (if authorized)
• Body measurements and composition (if authorized or entered)
• Blood glucose data and other analytes (as shared by sensors to Apple Health only)
• Environmental data such as UV light exposure
• Location for sunrise/sunset times

All health and fitness data collection is optional and based on your permissions.

Payment information

Payments are processed by third parties. We do not store full payment card numbers. We may store transaction records and receipts.

Automatically collected information

• Device identifiers and settings
• IP address and approximate location (derived from IP)
• App interactions and usage metrics
• Crash logs and performance diagnostics

4. How We Use Information

We use information to:

• Provide and personalize coaching and recommendations
• Generate AI-powered coaching responses tailored to your goals and inputs
• Adjust your plan over time
• Support paid coaching appointments
• Communicate about your account and service updates
• Improve our features and coaching effectiveness
• Protect against fraud, abuse, and security threats
• Comply with law

5. AI Processing and Third-Party Services

To provide AI-powered coaching features, we may securely transmit selected user data to third-party service providers, including artificial intelligence providers.

• We share only the data necessary to generate relevant coaching responses
• Data is used solely to provide responses and improve the Services
• We do not sell your personal or health data
• Where feasible, we minimize, de-identify, or aggregate data before analysis

These providers are contractually required to safeguard data and use it only for authorized purposes.

6. De-Identification and Analytics (Core Commitment)

When we analyze data to improve coaching and user experience, we use de-identified and/or aggregated data when reasonably feasible.

We remove or transform identifiers where appropriate and restrict access to those who need it.

De-identified and/or aggregated data may be used to:

• Improve personalization
• Evaluate coaching effectiveness
• Develop and test new features
• Improve the Services for all users

De-identification reduces risk but does not eliminate it. We take reasonable steps to prevent re-identification.

7. Sensitive Information (HIPAA-Adjacent Practice)

Some information may be sensitive (for example, health and fitness metrics). We apply heightened protections such as:

• Restricted access controls
• Secure storage practices
• Vendor safeguards and contractual protections
• Data minimization when sharing with third parties

Use of sensitive data for AI-powered coaching occurs only in connection with user-enabled features.

8. How We Share Information

We share information only as needed to operate the Services.

Service providers

We use vendors for:

• Hosting
• Analytics
• AI processing
• Customer support
• Payments
• Appointment scheduling

They are required by contract to protect information and use it only for authorized purposes.

Coaches

If you book a human coach appointment or request coach support, we share relevant information to provide the service.

Legal and safety

We may share information to comply with law or protect the rights, property, and safety of GOLD, our users, or others.

Business transfers

Information may be transferred in connection with a merger, acquisition, financing, or sale of assets, subject to protections.

No sale for money

We do not sell your personal information for monetary consideration.

9. Apple Health and Other Integrations

If you connect Apple Health:

• We access only the data types you explicitly authorize
• This data is used solely to provide and improve user-facing features
• We do not use HealthKit data for advertising, marketing, or sale
• You can revoke access at any time in iOS settings
• Apple's handling of your data is governed by Apple's policies

10. Security

We use reasonable and appropriate administrative, technical, and physical safeguards designed to protect information. These may include:

• Encryption in transit and at rest where appropriate
• Access controls and least-privilege policies
• Monitoring and incident response procedures
• Vendor security diligence and contractual protections

No system is completely secure. You are responsible for protecting your credentials and device.

11. Retention

We retain information as long as reasonably necessary to:

• Provide the Services
• Meet legal obligations
• Resolve disputes
• Enforce agreements

We may retain de-identified and/or aggregated data longer for legitimate business purposes.

12. Your Choices and Rights

Depending on your location, you may have rights to:

• Access, correct, delete, or export your information
• Object to or restrict certain processing
• Withdraw consent for optional data use (including AI coaching features)

To request these rights: privacy@goldhealth.ai

13. HIPAA Notice

Unless GOLD enters into a written HIPAA agreement (such as a Business Associate Agreement) or explicitly states HIPAA applies, information processed by GOLD is generally not regulated as protected health information (PHI) under HIPAA.

Even when HIPAA does not apply, we aim to apply privacy and security practices aligned with high standards for sensitive information.

14. AI Transparency and Improvement

We use artificial intelligence to:

• Generate coaching responses
• Improve the Services

We may analyze user interactions (including messages and coaching inputs) in a privacy-protective manner to:

• Improve coaching quality
• Enhance personalization
• Increase system safety and reliability

Where reasonably feasible, we use de-identified or aggregated data for these purposes.

15. Children's Privacy

The Services are not intended for children under 13 (or higher where required). If we learn we collected data unlawfully from a child, we will delete it.

16. International Users

If you use the Services outside the United States, your information may be transferred and processed in the U.S. or other countries where we and our vendors operate.

17. Changes to This Policy

We may update this Privacy Policy. If changes are material, we will provide notice. Continued use means you accept the updated policy.

18. Contact

GOLD, Inc.

9191 Towne Center Drive, Ste 150
San Diego, CA 92122

Contact Us

privacy@goldhealth.ai

Legal representation: Cooley