PHOENIX LIFE SCIENCESPHOENIX LIFE SCIENCES
HomeTeamMeet the Team

Privacy policy

Last Updated: 2 Dec, 2025

This Privacy Policy (“Policy”) describes how Phoenix Life Sciences Inc. (“Company,” “we,” “us,” or “our”) collects, uses, stores, and protects personal information and medical data when individuals (“users,” “you,” or “your”) access or use our mobile application, website, and related services (collectively, the “Services”). This Policy is designed to comply with applicable U.S. privacy laws and the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), to the extent that we qualify as a Business Associate or Covered Entity under applicable integrations or contractual arrangements.

1. Purpose & Scope

1.1 Purpose of Data Collection

The Services allow users to log, track, and manage health-related information such as symptoms, conditions, vital measurements, treatment logs, and other self-reported medical data. We process this information solely to support the functionality of the Services, to improve performance and user experience, and to maintain security and system integrity.

1.2 Scope

This Policy applies to data collected from users located within the United States. The Services are intended for general information and personal health-management purposes only, and are not intended to replace professional medical evaluation or treatment.

2. Types of Data Collected

2.1 Medical and Health Data

We may collect self-reported symptoms, measurements, health observations, treatment or medication logs, uploaded files or documents, and personal notes related to health.

2.2 Personal Identifying Information

We may collect your name, email address, account credentials, and information confirming that you are at least 18 years of age.

2.3 Device and Usage Data

We may collect device identifiers, IP addresses, browser and operating system information, interaction data, usage analytics, and information gathered through cookies or similar technologies where permitted.

We do not collect information from wearable devices, external medical devices, or third-party health platforms.

3. Legal Basis for Processing

3.1 Consent

By creating an account and using the Services, you provide explicit consent for the collection and use of your personal and medical information in accordance with this Policy.

3.2 Contractual Necessity

Some information is required to maintain your account and enable core features of the Services.

3.3 HIPAA Compliance

When our Services integrate with HIPAA Covered Entities or their vendors, we act as a Business Associate and execute Business Associate Agreements (“BAAs”). In such cases, we handle Protected Health Information (“PHI”) in compliance with applicable HIPAA requirements.

3.4 Consent Withdrawal

You may withdraw consent at any time by deleting your account or contacting us at info@phoenixlifesciences.com. Withdrawal does not affect processing performed prior to the withdrawal.

4. Data Storage & Security

4.1 Security Measures

We maintain administrative, technical, and physical safeguards appropriate for medical information. These include encryption of data both in transit and at rest, secure United States–based cloud hosting, access controls, authentication measures, and regular security reviews.

4.2 Data Retention

We retain information as long as necessary to provide the Services or as required by applicable law or BAA provisions. When your account is deleted, we will securely delete or de-identify your data wherever feasible.

5. Data Sharing

5.1 Service Providers

We may share data with United States-based third-party providers who assist with cloud hosting, data storage, analytics, technical support, or customer service. When such services involve medical or health information, they are subject to BAAs.

5.2 No Sale of Data

We do not sell personal information, medical information, or any Protected Health Information.

5.3 Legal or Safety Requirements

We may disclose information when required by law, court order, or valid governmental request, or when necessary to protect the rights, safety, or property of users or the public, including in emergency situations where serious harm may be prevented.

6. User Rights

Users may request access to their data, correction of inaccurate information, deletion of their data (subject to legal requirements), and copies of their own data. Users may also request restrictions on certain forms of processing to the extent permitted under HIPAA. All such requests may be submitted to info@phoenixlifesciences.com.

7. Compliance Statements

7.1 HIPAA Status

Depending on specific integrations with healthcare providers, we may act as a Business Associate handling PHI under a BAA or as a general service provider processing only non-PHI personal information. All PHI is handled in accordance with HIPAA Privacy and Security Rule requirements when applicable.

8. Children’s Data

The Services are intended only for users who are 18 years of age or older. We do not knowingly collect or maintain information from individuals under the age of 18 and we do not permit parental or guardian consent as a substitute. If we discover that a minor’s information has been collected, we will delete it promptly.

9. Data Location

All data is stored and processed within the United States. We do not transfer personal or medical data outside the United States

10. Contact & Complaints

For questions, requests, or complaints regarding this Policy or our data practices, please contact:

Phoenix Life Sciences Inc.
San Diego, California
Email: info@phoenixlifesciences.com

Users may also file complaints with the U.S. Department of Health and Human Services Office for Civil Rights for matters relating to HIPAA compliance.

11. Disclaimer

This Policy is for informational purposes only and does not constitute legal advice. The Services are not designed to diagnose, treat, or replace professional medical care. Users should always consult a qualified healthcare provider for medical concerns.