PRIVACY POLICY
Ascent Health Technologies, Inc.

Version 1.0
Last Updated: January 26, 2026
Effective Date: January 26, 2026


PRIVACY AT A GLANCE

We do not sell your personal data. We do not share your data for cross-context behavioral advertising. Your health data is used to provide our Services and, in aggregate de-identified form, for research, product improvement, and analytics. You can access, export, or delete your data at any time. We use AI to personalize your experience, and this policy explains how.


1. Introduction

Ascent Health Technologies, Inc. ("Ascent Health," "Company," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our websites, mobile applications, and related services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Services.

This Privacy Policy applies to information we collect through our Services, including the Ascent Health mobile application, our website at www.joinascent.health, and any other platforms or services we operate that link to this Privacy Policy.

1.1 Contact Information

Ascent Health Technologies, Inc.
14205 N Mo Pac Expy Ste 570 PMB 226968
Austin, Texas 78728-6529
Email: privacy@joinascent.health


2. Information We Collect

We collect information in several ways: directly from you, automatically when you use our Services, and from third-party sources.

2.1 Information You Provide Directly

Account Information

When you create an account, we collect information such as your name, email address, and password. If you sign up using Apple or Google, we receive your name and email from those services.

Profile Information

You may provide additional profile information such as date of birth, sex, height, weight, activity level, fitness goals, and dietary preferences to personalize your experience.

Health and Fitness Data

To provide our Services, we collect health and fitness information that you provide, including:

- Body measurements (height, weight, body fat percentage, circumference measurements)
- Nutrition data (food logs, meals, recipes, calorie and macronutrient intake)
- Exercise and workout data (exercises performed, sets, reps, weights, duration)
- Health goals (weight loss, muscle gain, maintenance)
- Photos of food for AI-powered food recognition
- Progress photos (if you choose to upload them)

AI Coaching Interactions

When you use our AI coaching features, we collect your messages, questions, and interactions to provide personalized coaching and improve our AI systems.

Communications

When you contact us for support or provide feedback, we collect the content of those communications.

Payment Information

Payment processing is handled by Apple, Google, or our payment processor. We do not directly collect or store your credit card numbers. We receive limited transaction information such as subscription status and purchase history.

2.2 Information Collected Automatically

Device Information

We collect information about your device, including device type, operating system, unique device identifiers, and mobile network information.

Usage Information

We collect information about how you use our Services, including features used, actions taken, time and duration of activities, and other usage statistics.

Log Data

Our servers automatically record information when you access our Services, including IP address, browser type, referring/exit pages, and timestamps.

Location Information

We collect approximate location information based on your IP address. We do not collect precise GPS location unless you explicitly grant permission.

Cookies and Similar Technologies

We use cookies and similar tracking technologies on our website. See Section 9 for more details.

2.3 Information from Third Parties

Social Login

If you register or log in using Apple or Google, we receive information from that service in accordance with your privacy settings.

Health Platform Integrations

If you connect your account to Apple Health, Google Fit, Health Connect, or other health platforms, we receive health and fitness data from those services with your permission. This may include step counts, heart rate, sleep data, and workout information.

Wearable Devices

If you connect wearable devices or fitness trackers, we may receive activity data, heart rate, and other health metrics from those devices.


3. How We Use Your Information

3.1 Providing and Personalizing Our Services

- Create and manage your account
- Provide personalized nutrition recommendations and meal plans
- Generate customized workout programs
- Power AI coaching features and personalized wellness observations
- Track your progress toward health and fitness goals
- Enable food recognition from photos
- Facilitate sharing features with family members or partners

3.2 AI and Machine Learning

We use your information to power our AI features, including:

- Providing personalized AI coaching sessions
- Generating meal recommendations based on your preferences and goals
- Recognizing foods from photos you upload
- Creating adaptive workout programs
- Improving our AI models using aggregated and de-identified data

When you interact with AI features, your inputs may be processed by third-party AI service providers (such as Anthropic). These providers are subject to their own privacy policies and applicable data protection laws. We do not permit these providers to use your data for their own purposes.

AI Model Training: We may use aggregated and de-identified data from user interactions to improve our AI models and features. If you prefer that your data not be used for AI training purposes, you can opt out by contacting privacy@joinascent.health with "AI Training Opt-Out" in the subject line. Note that opting out will not affect your ability to use AI features, but it may limit our ability to improve those features for all users.

Automated Decision-Making: Our AI features generate personalized recommendations for nutrition, fitness, and wellness based on the data you provide. These recommendations are informational suggestions to assist you—they are not binding decisions that produce legal or similarly significant effects. You are always free to follow, modify, or disregard AI-generated recommendations. If you have concerns about specific AI-generated recommendations that you believe may be harmful or significantly inaccurate, you may request a review by contacting privacy@joinascent.health. We will respond to reasonable review requests within 30 days.

3.3 Communications

- Send service-related communications (account verification, security alerts, subscription updates)
- Respond to your inquiries and provide customer support
- Send promotional communications (with your consent)

3.4 Analytics and Improvement

- Understand how users interact with our Services
- Analyze trends and usage patterns
- Improve and develop new features
- Conduct research using aggregated, de-identified data

3.5 Safety, Security, and Legal

- Protect against fraud, abuse, and unauthorized access
- Enforce our Terms of Service
- Comply with legal obligations


4. How We Share Your Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

We may share your information in the following limited circumstances:

4.1 Service Providers

We carefully select service providers who maintain appropriate privacy and security practices, including:

- Cloud hosting and infrastructure
- AI and machine learning services
- Analytics providers
- Customer support platforms
- Email service providers
- Payment processing

Our service providers are subject to their own privacy policies and applicable data protection laws. We do not permit service providers to use your personal information for their own purposes.

4.2 With Your Consent

We may share information when you direct us to, such as when you connect third-party services or use sharing features.

4.3 Legal Requirements

We may disclose your information if required by law, such as in response to a subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership.

4.5 Aggregated and De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, or other purposes.


5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Services. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain information for legal, regulatory, or legitimate business purposes.

Health and fitness data may be retained in aggregate, de-identified form for research, product improvement, and analytics after account deletion.


6. Your Rights and Choices

We provide the following rights to all users regardless of location:

6.1 Access and Portability

You can access your personal information and export your data through your account settings or by contacting us.

6.2 Correction

You can update or correct your information through your account settings or by contacting us.

6.3 Deletion

You can delete your account and associated data through the app settings or by contacting us.

IMPORTANT: Deleting your account does not automatically cancel any active subscription. Subscriptions are managed separately through your Apple App Store, Google Play Store, or direct billing account. To stop future charges, you must cancel your subscription before deleting your account. See our Terms of Service Section 5.4 for cancellation instructions.

6.4 Communication Preferences

You can opt out of promotional communications by clicking "unsubscribe" in any marketing email or adjusting your notification preferences.

6.5 Device Permissions

You can control permissions for camera access, location services, and health data through your device settings.

6.6 Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

6.7 How to Exercise Your Rights

To exercise any of these rights, use the self-service features in your account settings or contact us at privacy@joinascent.health. We will respond within 30 days.


7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

7.1 Your California Rights

- Right to Know: Request information about the categories and specific pieces of personal information we collect
- Right to Delete: Request deletion of your personal information
- Right to Correct: Request correction of inaccurate information
- Right to Opt Out: We do not sell or share personal information for cross-context behavioral advertising
- Right to Limit Sensitive Information: We use sensitive personal information only to provide the Services
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights

7.2 Categories of Information Collected

In the past 12 months, we have collected the following categories of personal information:

Identifiers
- Examples: Name, email, account ID, device identifiers, IP address
- Purposes: Account creation, authentication, communications, analytics

Personal Information (Cal. Civ. Code § 1798.80)
- Examples: Name, physical characteristics (height, weight)
- Purposes: Personalization, health tracking features

Protected Classifications
- Examples: Age, sex/gender (if provided)
- Purposes: Personalization of nutrition and fitness recommendations

Commercial Information
- Examples: Subscription and transaction history
- Purposes: Billing, customer support, service delivery

Internet/Network Activity
- Examples: App usage, browsing history, interactions with Services
- Purposes: Analytics, service improvement, troubleshooting

Geolocation Data
- Examples: Approximate location based on IP address
- Purposes: Compliance, fraud prevention, localization

Sensory Data
- Examples: Food photos, progress photos (if uploaded)
- Purposes: AI food recognition, progress tracking

Sensitive Personal Information
- Examples: Health information (nutrition, fitness, body measurements)
- Purposes: Core service functionality, AI coaching, personalization

Inferences
- Examples: Preferences and characteristics derived from collected data
- Purposes: Personalization, recommendations, service improvement

We do not sell any of these categories of personal information. We share information with service providers only as necessary to provide the Services.


8. Additional State Privacy Rights

8.1 Virginia, Colorado, Connecticut, and Other States

Residents of states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, and others) have similar rights to access, delete, correct, and port their data. To exercise these rights, contact us at privacy@joinascent.health.

8.2 Washington Consumer Health Data

If you are a Washington resident, the Washington My Health My Data Act provides additional rights regarding consumer health data. We collect health data solely to provide the Services. We do not sell your health data. You have the right to access, delete, and withdraw consent for collection of your health data.

8.3 Nevada Residents

Nevada residents may opt out of the sale of personal information. We do not sell personal information as defined under Nevada law. If you are a Nevada resident and we deny your request to exercise your privacy rights, you may contact the Nevada Attorney General's Office at ag.nv.gov to file a complaint.


9. Cookies and Tracking Technologies

We use cookies and similar technologies on our website to provide, protect, and improve our Services.

Essential Cookies

Required for the Services to function, such as authentication and security.

Analytics Cookies

Help us understand how users interact with our Services to improve functionality.

Functional Cookies

Enable enhanced features and personalization, such as remembering your preferences.

Your Choices

You can control cookies through your browser settings. Disabling certain cookies may affect functionality.

Do Not Track and Global Privacy Control: Our Services do not currently respond to Do Not Track (DNT) browser signals. However, we honor Global Privacy Control (GPC) signals. If your browser or device sends a GPC signal, we will treat it as a valid opt-out request for the sale or sharing of personal information under applicable state laws, including the California Consumer Privacy Act.


10. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

- Encryption of data in transit and at rest
- Secure authentication mechanisms
- Access controls and monitoring
- Regular security assessments

However, no method of transmission over the Internet is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

10.1 Data Breach Notification

In the event of a breach of security affecting your personal information, we will notify you as required by applicable law, including the FTC Health Breach Notification Rule for health-related data.

Notification to You: We will notify affected individuals without unreasonable delay and within 60 calendar days of discovering the breach. Notification will be sent to the email address associated with your account. We may also post a notice on our website or in the app.

Our notification will include:

- Description of what occurred
- Types of information that may have been affected
- Steps we are taking in response
- What you can do to protect yourself
- How to contact us with questions

Additional Notifications: For breaches affecting 500 or more individuals, we will also notify the Federal Trade Commission. For breaches affecting 500 or more residents of a single state, we will notify prominent media outlets serving that state, as required by the FTC Health Breach Notification Rule.

Note on Unauthorized Disclosures: Under the FTC Health Breach Notification Rule, a "breach" includes not only cybersecurity incidents but also any unauthorized disclosure of health information. We maintain strict controls to prevent unauthorized disclosures to third parties.


11. Children's Privacy

Our Services are not intended for children under 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe your child has provided us with personal information, please contact us at privacy@joinascent.health.


12. International Data Transfers

We are based in the United States. Your information will be collected, processed, and stored in the United States. If you are outside the United States, your information will be transferred to, stored, and processed in a country that may have different data protection laws.

By using our Services, you consent to the transfer of your information to the United States. For users in the European Economic Area, United Kingdom, or Switzerland, we implement appropriate safeguards such as Standard Contractual Clauses.

Geographic Availability: Our Services are intended for users in the United States and Canada only. If you are located in the European Economic Area, United Kingdom, Switzerland, or other jurisdictions outside the United States and Canada, please do not use our Services. We do not knowingly collect personal information from individuals in these regions. If we become aware that we have collected personal information from an individual located outside our service area, we may delete that information.


13. Third-Party Services

Our Services may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies.

If you connect third-party services (such as Apple Health or Google Fit), the data shared is subject to both this Privacy Policy and the third party's privacy policy.


14. Changes to This Privacy Policy

We may update this Privacy Policy at any time. We will update the "Last Updated" date at the top of this Policy when changes are made.

Your continued use of the Services after changes indicates acceptance of the updated Policy. We encourage you to review this Privacy Policy periodically.


15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

Ascent Health Technologies, Inc.
Attn: Privacy Team
14205 N Mo Pac Expy Ste 570 PMB 226968
Austin, Texas 78728-6529

Email: privacy@joinascent.health

We will respond to your inquiry within 30 days (or sooner if required by applicable law).


* * *

END OF PRIVACY POLICY