Biometric Data Policy

Effective Date: [EFFECTIVE_DATE]

Last Updated: [LAST_UPDATED]

[ENTITY_NAME], LLC ("Vital IQ," "we," "us," or "our")

1. Purpose

This Biometric Data Policy describes how [ENTITY_NAME], LLC collects, uses, stores, and destroys biometric data in connection with the Vital IQ mobile application and related services (collectively, the "Service"). This policy is provided in compliance with the Illinois Biometric Information Privacy Act (740 ILCS 14), commonly known as BIPA, and is applied universally to all Vital IQ users regardless of geographic location.

We believe all users deserve the same strong protections for their biometric data, and we therefore apply the standards set forth in this policy to every user of the Service, not only those residing in jurisdictions with biometric-specific privacy laws.

This Biometric Data Policy supplements our Privacy Policy and Consumer Health Data Privacy Policy. In the event of a conflict between this policy and those documents regarding biometric data, this policy controls.

2. Biometric Data We Collect

Vital IQ collects biometric data from wearable devices (such as Apple Watch via HealthKit and compatible devices via Google Health Connect) and, where applicable, from manual user entry. We classify the biometric data types we collect into two risk tiers based on their sensitivity and identifiability.

[ATTORNEY NOTE: Counsel should review whether each data type listed below qualifies as "biometric information" or "biometric identifier" under BIPA and other applicable biometric privacy statutes. Classification may vary by jurisdiction.]

2.1 HIGH Risk Biometric Data

These data types are physiologically unique, continuously collected, and capable of identifying or authenticating an individual based on biological characteristics:

Heart Rate Variability (HRV) — beat-to-beat interval variation, used for recovery and stress analysis
Blood Oxygen Saturation (SpO2) — peripheral oxygen levels measured via photoplethysmography
Sleep Staging Data — classification of sleep into REM, deep, core, and awake phases
Resting Heart Rate — baseline cardiac rhythm measured at rest
Active Heart Rate — cardiac rhythm measured during physical activity
Walking Heart Rate Average — heart rate patterns correlated with ambulatory movement
Atrial Fibrillation (AFib) Burden — percentage of time spent in irregular atrial rhythm
Irregular Heart Rhythm Patterns — detected deviations from normal sinus rhythm
High/Low Heart Rate Events — discrete events where heart rate exceeds or falls below configured thresholds
Peripheral Perfusion Index — measurement of pulsatile blood flow at the sensor site

2.2 MODERATE Risk Biometric Data

These data types are health-related measurements that, while not uniquely identifying on their own, constitute biometric information when combined with other data or collected over time:

Blood Pressure — systolic and diastolic arterial pressure readings
Respiratory Rate — breaths per minute measured during rest or sleep
Body Temperature — core or peripheral temperature readings
Body Fat Percentage — proportion of body mass composed of fat tissue
Blood Glucose — blood sugar concentration levels
Sleep Duration — total time spent asleep per session
Insulin Delivery — units and timing of insulin administered via connected devices

3. Purpose of Collection

We collect and process biometric data solely to provide and improve the health-related features of the Service. Specifically, we use biometric data for the following purposes:

Recovery Score Calculation: HRV, resting heart rate, sleep staging, and SpO2 data are combined to generate your daily recovery score, which reflects your body's readiness for physical and cognitive demands.
Biological Age Estimation: Biometric data points contribute to our biological age model, which compares your physiological markers against population baselines to estimate your functional age relative to your chronological age.
AI Companion Insights: Your biometric data provides context to Vital IQ's AI companion, enabling personalized health observations, trend identification, and contextually relevant suggestions. The AI companion does not diagnose or treat medical conditions.
Health Trend Analysis: Longitudinal biometric data is analyzed to identify meaningful patterns, changes, and trends in your health markers over time, presented to you through charts, summaries, and alerts.
Daily Briefing Generation: Your most recent biometric data is synthesized into a daily health briefing that highlights notable changes, recovery status, and areas of attention.
Remote Patient Monitoring (RPM): For users enrolled in RPM programs through participating healthcare providers, biometric data may be shared with your designated provider in accordance with your explicit authorization and applicable HIPAA requirements.

We do not use biometric data for advertising, marketing, or any purpose unrelated to the delivery and improvement of the Service.

4. Retention Schedule

We retain biometric data in accordance with the following schedule:

Active Account: Biometric data is retained for the duration of your active account to provide continuous health tracking, trend analysis, and historical comparisons. You may view and manage your data at any time through the app.
Account Deletion: Upon account deletion, all biometric data is permanently destroyed within 30 calendar days. This includes data stored in primary databases, backups, and any derived datasets.
Consent Withdrawal: If you withdraw your consent for biometric data collection, we will cease collecting new biometric data immediately and destroy all previously collected biometric data within 30 calendar days of your withdrawal request.
Maximum Retention Period: Regardless of account status, biometric data is not retained for longer than 3 years from the date of collection. Data exceeding this retention period is automatically flagged for destruction.

Aggregated, de-identified statistical data that cannot be used to identify any individual may be retained beyond these periods for product improvement and research purposes.

5. Destruction of Biometric Data

We permanently destroy biometric data when any of the following conditions are met:

Account Deletion: When you delete your Vital IQ account, all associated biometric data is queued for permanent destruction.
Written Request: Upon receipt of a written request (including email to [PRIVACY_EMAIL]) to destroy your biometric data, we will process the destruction within 30 calendar days.
Retention Expiry: When biometric data reaches the end of its applicable retention period as described in Section 4, it is automatically destroyed.
Purpose Fulfillment: When the initial purpose for collecting the biometric data has been satisfied, and the data is no longer needed for any authorized purpose described in this policy.

Destruction is carried out using industry-standard methods appropriate to the storage medium, including cryptographic erasure for encrypted data stores and secure deletion for unencrypted records. We verify destruction through automated confirmation processes.

We do not sell, lease, trade, or otherwise profit from your biometric data. We do not disclose your biometric data to third parties except in the following limited circumstances:

6.1 AI Processing Partners

Biometric data may be transmitted to our AI processing partners — currently Anthropic (Claude) and Google (Vertex AI) — solely for the purpose of generating health insights, companion responses, and analytical summaries within the Service. These processors:

Process data only according to our instructions and for the purposes described in this policy
Are contractually prohibited from retaining, using, or disclosing your biometric data for their own purposes
Are bound by data processing agreements that require security standards consistent with the protections described in this policy

6.2 Legal Process

We may disclose biometric data when required by a valid court order, subpoena, or other legal process, or when necessary to comply with applicable law. We will notify you of any such disclosure to the extent permitted by law.

We may disclose biometric data to third parties if you have provided separate, informed, written consent (which may be provided electronically) specifically authorizing the disclosure. This includes sharing with healthcare providers through RPM enrollment or data export features you initiate.

7. Your Rights

You have the following rights with respect to your biometric data:

Right to Access: You may request a copy of the biometric data we have collected about you. We will provide the data in a commonly used, machine-readable format within 30 days of a verified request.
Right to Deletion: You may request the permanent destruction of all biometric data we hold about you. We will complete destruction within 30 calendar days and provide written confirmation upon completion.
Right to Withdraw Consent: You may withdraw your consent for biometric data collection at any time. Withdrawal of consent will not affect the lawfulness of processing conducted prior to withdrawal. After withdrawal, we will cease collecting new biometric data and destroy existing biometric data per the schedule in Section 4.
Private Right of Action: If you believe we have violated this policy or applicable biometric data privacy laws, you may have a private right of action under applicable law, including but not limited to BIPA (740 ILCS 14/20), which provides for statutory damages and reasonable attorney's fees.

To exercise any of these rights, you may:

Use the self-service features in the app (Settings > Privacy)
Email us at [PRIVACY_EMAIL]

We will verify your identity before processing any rights request. We do not charge a fee for processing biometric data rights requests.

8. Questions

If you have questions about this Biometric Data Policy, our biometric data practices, or wish to exercise your rights, please contact us:

[ENTITY_NAME], LLC
Attn: Privacy Officer
[ADDRESS_LINE_1]
[CITY], Florida [ZIP]

Email: [PRIVACY_EMAIL]

We will acknowledge receipt of your inquiry within 5 business days and provide a substantive response within 30 days.

This Biometric Data Policy is part of Vital IQ's legal documentation, which also includes our Privacy Policy, Terms of Service, Medical Disclaimer, Consumer Health Data Privacy Policy, HIPAA Notice of Privacy Practices, and Cookie Policy.