Legal

Privacy Policy

Effective date: March 12, 2026 · Last updated: March 12, 2026

Summary: Healix collects health data you provide (bloodwork, meals, wearable metrics) to power your personal health dashboard and AI assistant. We do not sell your data. You can delete your account and data at any time.

1. Who We Are

Healix is operated by MioMarker ("we," "us," "our"). Healix is a wellness and informational platform — it is not a medical device and is not intended to diagnose, treat, cure, or prevent any disease. Our website is usehealix.com.

For privacy questions, contact us at: support@usehealix.com

2. Data We Collect

Account Information

When you create an account, we collect your email address and password. Authentication is handled by Supabase, our infrastructure provider.

Profile Information

You may voluntarily provide: name, date of birth, sex, height, weight, activity level, medical history, and family health history. This information helps personalize your health dashboard and AI insights.

Health & Wellness Data

This is the core of what Healix processes. It includes:

Bloodwork results — extracted from lab report PDFs you upload (biomarker names, values, units, reference ranges, flags)
Wearable metrics — synced from Apple HealthKit via our companion app HealthBite (heart rate, resting heart rate, sleep stages, steps, distance, calories burned, respiratory rate, exercise minutes)
Meal logs — meal descriptions, macronutrient and micronutrient data
Fitness assessments — strength test results, VO2 max estimates
Weight logs — weight tracking entries
Supplement tracking — supplements you log

Uploaded Documents

PDF files you upload (typically lab reports). We extract text content for analysis and store the original file securely.

AI Chat Conversations

Messages you send to the Healix AI assistant, along with the AI's responses, are stored to maintain conversation history and improve your experience.

Technical Data

We automatically collect: browser type, device type, IP address, pages visited, and session duration. We use this to maintain and improve the service.

3. How We Use Your Data

Purpose	Data Used
Display your health dashboard and Vitality Age score	All health & wellness data, profile
Power the AI health assistant (chat)	Health data, profile, conversation history
Analyze meals and estimate nutrition	Meal descriptions, profile (height, weight)
Extract biomarkers from uploaded lab reports	Uploaded PDF documents
Generate health insights and summaries	All health & wellness data
Account management and authentication	Email, password
Service improvement and bug fixes	Technical data, usage patterns (aggregated)
Communicate with you about the service	Email

4. AI Processing and Third-Party Services

Important: To provide AI-powered features, portions of your health data are sent to third-party AI providers for processing.

When you use the AI chat assistant or log a meal for AI analysis, relevant health data is sent to OpenAI via our secure server infrastructure for processing. Specifically:

Health metrics, bloodwork results, meal data, and profile information may be included as context for AI responses
Data is transmitted encrypted (TLS) to our Supabase Edge Functions, which then call OpenAI's API
Under OpenAI's API terms, data sent via the API is not used to train their models
We do not send your name or email address to AI providers — only health metrics and conversation content

5. How We Store and Protect Your Data

Your data is stored on Supabase infrastructure (hosted on Amazon Web Services in the United States). Security measures include:

Encryption in transit — all data transmitted over TLS 1.2+
Encryption at rest — database and file storage encrypted using AES-256
Access controls — row-level security policies ensure you can only access your own data
Authentication — JWT-based token authentication with automatic expiration and refresh
Session security — automatic logout after 30 minutes of inactivity

No system is 100% secure. While we implement industry-standard protections, we cannot guarantee absolute security. We will notify you of any breach affecting your data in accordance with applicable law.

6. Data Sharing

We do not sell your personal data. We do not share your data for advertising purposes. We share data only with:

Supabase — infrastructure and database provider (data processor)
OpenAI — AI processing for chat and meal analysis (data processor, API-only, no model training)
Law enforcement — only when required by valid legal process

If we ever add analytics or other third-party services, we will update this policy and notify you.

7. Apple HealthKit Data

Healix receives health data from Apple HealthKit through our companion app, HealthBite. In compliance with Apple's requirements:

HealthKit data is not sold to any third party
HealthKit data is not used for advertising or marketing
HealthKit data is not shared with third parties except as necessary to provide the core health intelligence service (AI analysis)
You control which HealthKit data categories are shared through your device's Health app permissions

8. Data Retention and Deletion

We retain your data for as long as your account is active. You may:

Delete individual data — remove specific meals, documents, or fitness tests from within the app
Delete your account — contact us at support@usehealix.com and we will delete your account and all associated data within 30 days
Export your data — contact us to request a copy of your data in a portable format

After account deletion, we may retain anonymized, aggregated data that cannot be linked back to you for service improvement purposes.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access — request a copy of the data we hold about you
Correction — update or correct inaccurate data
Deletion — request deletion of your data and account
Portability — receive your data in a structured, machine-readable format
Withdraw consent — stop data processing by deleting your account

To exercise any of these rights, contact support@usehealix.com. We will respond within 30 days.

10. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:

Right to know what personal information we collect, use, and disclose
Right to delete your personal information
Right to correct inaccurate personal information
Right to opt out of the sale or sharing of personal information — we do not sell or share your data
Right to limit the use of sensitive personal information — health data is used only to provide the service
Right to non-discrimination for exercising your privacy rights

11. Washington Residents (My Health My Data Act)

If you are a Washington state resident, you have rights under the My Health My Data Act regarding your consumer health data:

We collect consumer health data only with your consent, provided when you create an account and use our services
You have the right to access and delete your consumer health data
You have the right to withdraw consent for the collection of your health data by deleting your account
We do not sell consumer health data
We do not use geofencing around healthcare facilities

12. Children's Privacy

Healix is intended for users aged 18 and older. We do not knowingly collect data from anyone under 18. If we learn that we have collected data from a minor, we will promptly delete it. If you believe a minor has provided us with personal data, please contact us.

13. HIPAA Notice

Healix is a direct-to-consumer wellness application. We are not a "covered entity" or "business associate" under HIPAA. The health data you store in Healix is not an electronic health record or electronic medical record. For medical recordkeeping, please use your healthcare provider's systems.

14. Cookies

Healix uses localStorage (not cookies) to maintain your session and preferences. We do not use third-party tracking cookies or advertising pixels. If we introduce analytics in the future, we will update this policy.

15. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we will provide notice via email or an in-app notification.

16. Contact

For questions, concerns, or to exercise your privacy rights:

MioMarker
Email: support@usehealix.com
Website: usehealix.com