Privacy Policy

Last updated: January 2026

1. Introduction

Vita Health, Inc. ("Vita," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

We understand that health data is among the most sensitive personal information. We treat your data with the utmost care and transparency.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Email address, name, and password when you create an account
  • Health Data: Lab results, DNA data, wearable device data, supplement information, and health journal entries you choose to share
  • Payment Information: Billing details processed securely through our payment provider (we do not store full credit card numbers)
  • Communications: Messages you send us for support or feedback

2.2 Information Collected Automatically

  • Usage Data: How you interact with the Service, features used, and time spent
  • Device Information: Device type, operating system, browser type, and IP address
  • Cookies: Session and preference cookies to improve your experience

2.3 Information from Third Parties

  • Connected Services: Data from DNA testing providers, lab services, and wearable devices you authorize
  • Analytics Providers: Aggregated usage data from our analytics tools

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Generate personalized health insights and recommendations
  • Process transactions and send related information
  • Send administrative messages, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and fraud
  • Comply with legal obligations

4. How We Share Your Information

We do NOT sell your personal health data.

We may share your information in the following circumstances:

  • Service Providers: With trusted vendors who help us operate the Service (hosting, analytics, payment processing), bound by confidentiality agreements
  • With Your Consent: When you explicitly authorize sharing with third parties
  • Legal Requirements: When required by law, subpoena, or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with continued protection of your data)
  • Aggregated Data: We may share anonymized, aggregated data that cannot identify you for research or statistical purposes

5. Data Security

We implement robust security measures to protect your data:

  • Encryption in transit (TLS) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Employee security training and background checks
  • Incident response procedures

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion:

  • Personal health data is deleted within 30 days
  • Some data may be retained in anonymized form for analytics
  • Certain data may be retained as required by law
  • Backup data is purged within 90 days

7. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Export your data in a machine-readable format
  • Withdraw Consent: Disconnect third-party services at any time
  • Opt-Out: Unsubscribe from marketing communications

To exercise these rights, contact us at privacy@getvita.fit or use the settings in your account.

8. Children's Privacy

The Service is not intended for children under 18. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will delete it promptly.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant authorities.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights

11. HIPAA Notice

While Vita is not a covered entity under HIPAA, we voluntarily implement HIPAA-aligned security practices for your health information. We use business associate agreements where appropriate with our service providers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Vita Health, Inc.
Email: privacy@getvita.fit
Data Protection Officer: dpo@getvita.fit