Privacy Policy

Last updated: March 30, 2026

MyBloodIQ ("we," "us," or "our") is committed to protecting the privacy and security of your personal and health-related information. This Privacy Policy describes how we collect, use, store, and share your data when you use the MyBloodIQ website and analysis tools (the "Service").

1. Information We Collect

We may collect the following categories of information:

• Contact Information: First name and email address, collected when you register to use the analysis tool.
• Health Data: Blood test lab values that you voluntarily enter into our analysis tool. This may include biomarker values such as blood counts, metabolic panels, thyroid markers, lipid panels, hormones, and other lab values.
• Usage Data: Browser type, device information, IP address, pages viewed, and interaction patterns collected automatically through standard web technologies.
• Cookies & Analytics: We may use cookies and similar tracking technologies to improve user experience and analyze usage patterns.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide the Service: To analyze your lab values against functional optimal ranges and generate your Blood IQ score and personalized recommendations.
• Improve Our Tools: Anonymized, de-identified health data may be used in aggregate to improve our analysis engine, refine optimal ranges, and develop new features.
• Communications: To send you your results, educational content, product updates, and health-related information. You can unsubscribe at any time.
• Research: Aggregated, de-identified data may be used for wellness research. Individual data is never published or shared in identifiable form.

3. How We Protect Your Data

We take the security of your health data seriously:

• All data is transmitted using TLS/SSL encryption.
• Health data is processed client-side in your browser. Lab values you enter are not stored on our servers unless you explicitly opt in to saving your results.
• Access to any stored data is restricted to authorized personnel only.
• We implement administrative, technical, and physical safeguards consistent with industry best practices for handling sensitive health information.

Important note: While MyBloodIQ is not a HIPAA-covered entity (we are not a healthcare provider, health plan, or clearinghouse), we voluntarily adopt privacy practices aligned with HIPAA Privacy Rule principles because we believe your health data deserves the highest standard of protection.

4. Data Sharing & Third Parties

We do not sell your personal information to third parties. We may share data in the following limited circumstances:

• Service Providers: Trusted vendors who assist with email delivery, analytics, or infrastructure — bound by confidentiality obligations.
• Legal Requirements: When required by law, subpoena, or legal process.
• Aggregated Data: De-identified, aggregated data may be shared for research purposes. This data cannot be traced back to any individual.

5. Data Retention

We retain your contact information for as long as your account is active or as needed to provide the Service. You may request deletion of your data at any time by contacting us at privacy@mybloodiq.com. Health data entered into the analysis tool is processed in your browser and is not retained on our servers by default.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your personal data.
• Opt-out: Unsubscribe from marketing communications at any time.
• Portability: Request your data in a portable format.
• Restrict Processing: Request that we limit processing of your data.

7. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal information we collect, use, and disclose.
• The right to request deletion of your personal information.
• The right to opt out of the sale of your personal information. We do not sell your personal information.
• The right to non-discrimination for exercising your CCPA rights.

To exercise any of these rights, contact us at privacy@mybloodiq.com.

8. European Users (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

• We process your data based on your explicit consent, which you provide when creating your account and agreeing to our terms.
• You have the right to withdraw consent at any time.
• You have the right to lodge a complaint with your local data protection authority.
• Health data is classified as special category data under GDPR. We process it only with your explicit consent and implement appropriate safeguards.

9. Children's Privacy

MyBloodIQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a person under 18, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or prominent notice on our website. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise any of your data rights, please contact us:

Email: privacy@mybloodiq.com

MyBloodIQ
Privacy Team