Go back

Resources

Jan 19, 2026

Security & Consumer Health Data

Your data privacy and security are fundamental to everything we build.

blue shade orb
blue shade orb
blue shade orb

Our Commitment to Protecting Your Health Data

At Yuth, we understand that longevity intelligence requires access to deeply personal health information. Trust is not something we take lightly—it is the foundation upon which our entire platform will be built.

While we are still in development and do not yet offer our Services, we are designing security and privacy protections into every aspect of our system from the ground up. Protecting your health data is not an afterthought—it is a core pillar of our business.

Consumer Health Data Privacy Notice

Effective Date: January 20, 2025

This Consumer Health Data Privacy Notice ("Notice") describes how Yuth Inc. ("Yuth," "we," "our," or "us") will collect, use, and protect consumer health data once our Services become available. This Notice supplements our Privacy Policy and applies to the extent required by applicable US state laws, including Washington's My Health My Data Act and similar consumer health data privacy laws. In the event of a conflict between our Privacy Policy and this Notice, this Notice controls.

Categories of Consumer Health Data We Will Collect

Once our Services launch, we anticipate collecting consumer health data that identifies or infers your past, present, or future physical or mental health status, including:

Physiological measurements and vital signs, including heart rate, heart rate variability, respiratory rate, temperature, movement data, sleep patterns, and other biometric data collected through integrated devices or third-party services.

Health conditions and contexts, including information you provide about your health history, wellness goals, environmental factors, stress levels, and other contextual information relevant to understanding your health trajectory.

Activities and lifestyle factors, including exercise routines, dietary habits, recovery practices, travel patterns, and other behavioral information you choose to share.

Derived and inferred health information, including patterns, trends, and interpretive guidance we generate from your data—such as aging trajectories, physiological response patterns, directional shifts, and context-aware recommendations.

Third-party health data, including information from integrated apps, devices, or services (such as Apple Health, wearable devices, or laboratory results) when you grant permission.

Sources of Consumer Health Data

We will collect consumer health data from:

You: When you create an account, use our Services, provide information through our app, or upload health documentation.

Integrated devices and services: When you grant permission to connect third-party apps, wearables, or health platforms.

Third-party providers: When you direct laboratories, clinical partners, or other health service providers to share results with us.

Our Purposes for Collecting and Using Consumer Health Data

We will collect and use your consumer health data solely to:

  • Provide longevity intelligence and help you understand how you age over time

  • Interpret physiological responses in relation to actions and context

  • Surface patterns, directional shifts, and trade-offs

  • Offer context-aware recommendations and guidance

  • Improve and develop our Services through de-identified or aggregated analysis

  • Provide customer support

  • Comply with legal obligations

We will never sell your consumer health data. We will not use your health data for advertising or marketing purposes.

Data Sharing

We will only share your consumer health data with:

Service providers: Trusted third parties who help us provide the Services (such as secure cloud infrastructure providers, data processors). All service providers are contractually required to protect your data and use it only for authorized purposes.

Third parties you authorize: When you explicitly direct us to share data with laboratories, clinicians, researchers, or other services you choose to integrate.

Legal requirements: When required by law or necessary to protect rights, safety, or comply with legal process.

Business transfers: In the event of a merger, acquisition, or sale of assets. We will notify you before your data becomes subject to different privacy practices.

We will not share your consumer health data for any other purpose without your explicit consent.

Data Security

We are building our platform with security at its foundation:

  • Encryption: Data encrypted in transit (TLS 1.3+) and at rest (AES-256)

  • Secure infrastructure: Industry-standard cloud security with continuous monitoring

  • Access controls: Strict authentication and authorization requirements; data access limited to personnel with legitimate need

  • Regular testing: Vulnerability assessments, penetration testing, and security audits

  • Incident response: Protocols to detect, respond to, and notify you of any security incidents

While no system is completely secure, we are committed to implementing and maintaining industry-leading protections for your health data.

Retention

We will retain your consumer health data only as long as necessary to provide our Services or as required by law. When you delete your account, we will delete your consumer health data unless we have a legal obligation to retain specific information.

Your Rights

Depending on your state of residence, you may have rights regarding your consumer health data, including:

Withdraw consent: Withdraw consent for future collection, use, or sharing of your consumer health data.

Access and confirm: Request confirmation of whether we have collected, shared, or sold your consumer health data, and access the data we hold about you.

Correction: Request correction of inaccuracies in your consumer health data.

Deletion: Request deletion of your consumer health data.

Appeal: Appeal our denial of any rights request, with the ability to escalate to regulatory authorities.

To exercise these rights, contact us at privacy@yuth.life.

We will not discriminate against you for exercising your privacy rights.

HIPAA Disclaimer

Yuth is not a "covered entity" or "business associate" under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). This means:

  • Yuth is not subject to HIPAA's privacy or security rules

  • Yuth protects your consumer health data under applicable state and federal privacy laws, our Privacy Policy, and this Notice

Security Practices We Are Building

Audits and certifications (planned once Services launch):

  • SOC 2, Type II compliance

  • Regular third-party security audits

  • Ongoing penetration testing and vulnerability assessments

Infrastructure security:

  • Secure cloud architecture with defense in depth

  • Continuous monitoring and threat detection

  • Regular security updates and patches

  • Incident response procedures

Data protection:

  • Encryption in transit and at rest

  • Strict access controls and authentication

  • Data minimization principles

  • Privacy-enhancing technologies where feasible

Responsible Disclosure

We welcome security researchers to report vulnerabilities responsibly. If you discover a security issue, please contact us at security@yuth.life.

Questions?

For questions about this Notice, our security practices, or consumer health data privacy:

Yuth Inc.
Email: privacy@yuth.life
Website: yuth.life

For full details on our data-handling practices, please see our Privacy Policy.

© 2025 Yuth Inc. All rights reserved.

Yuth

At Yuth, our mission is to redefine how aging is approached.

© Yuth. All rights reserved.

Yuth

At Yuth, our mission is to redefine how aging is approached.

© Yuth. All rights reserved.