Privacy Policy

Effective Date: Apr 3, 2026

This privacy policy applies to the Live150 app (the "Application") and the Live150 WhatsApp-based service (together, the "Services"), created by HEALTHHUSTLER.AI CORPORATION ("Service Provider"), offered as a freemium personalized health and wellness service. The Services are intended for use "AS IS" and are not intended to replace professional medical advice, diagnosis, or treatment.

If we provide services on behalf of a healthcare provider or health plan (a "Covered Entity"), we may be acting as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its implementing regulations.

Information Collection and Use

We collect information to support your health and wellness journey, including:

• Clinical Data Ingestion: We use advanced multimodal AI to extract data from lab report images captured via camera (in JPEG/PNG/HEIC/HEIF etc. formats) or uploaded as PDF documents. This process involves the temporary transmission of these files to secure cloud environments for real-time analysis.
• Continuous Glucose Monitor (CGM) Data: With your explicit consent, we sync blood glucose data from Apple HealthKit or Google Health Connect.
• Medication Records: We collect information regarding medication names, dosages, and schedules that you provide manually or sync from integrated health apps.
• Device and Usage Data: IP address, OS version, Pages viewed, features used, timestamps of visits, session durations, and performance metrics.

This information helps us enhance your personalized experience across nutrition, activity, mindfulness, and sleep.

Protected Health Information (PHI)

When Live150 receives, maintains, or transmits information on behalf of a Covered Entity in connection with healthcare services, that information may qualify as Protected Health Information (PHI) under HIPAA. PHI includes any identifiable health data such as symptoms, diagnoses, treatment records, and demographic data linked to an individual.

When acting as a Business Associate, we comply with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

HIPAA Compliance

When operating as a Business Associate, Live150 will:

• Only use or disclose PHI as permitted by its Business Associate Agreement (BAA) with the Covered Entity
• Implement administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI
• Promptly report any breach of unsecured PHI to the Covered Entity as required by law
• Ensure that any subcontractors with access to PHI also agree to comply with HIPAA
• Provide access, amendment, and accounting of disclosures to PHI as required under the Privacy Rule

Sensitive User Data Access

To provide personalized services, we may access sensitive data, including:

• Personal health information and Lab Reports (no EMR/EHR data)
• Dietary preferences and logs
• Physical activity and movement data
• Sleep patterns and routines
• Mindfulness practices and stress indicators

You authorize Live150 to collect, analyze, and generate health and wellness insights from manual entries (e.g., voice, text, images), wearable data, integrated health apps, and any medical information you provide or connect.

Use and Sharing of PHI and Sensitive Data

We use health data solely to deliver personalized recommendations, track progress, and enhance the Services. PHI and sensitive data are only shared:

• With third parties that support service delivery (e.g., analytics) under HIPAA-compliant agreements
• As required by law or valid legal process

AI-Powered Extraction: We utilize advanced multimodal AI models to process and extract clinical data from lab report images captured via camera (JPEG/PNG/HEIC/HEIF etc. formats) or uploaded as PDF documents. This process involves transmitting these files to secure cloud environments for real-time analysis. These images are used solely for data extraction and are not stored and are deleted unless explicit user consent is provided.

Data Verification: Because AI extraction can occasionally result in errors, the Services include a "User Verification" step. You must confirm the accuracy of all AI-extracted values before they are added to your wellness and longevity profile.

We do not use PHI or sensitive data for advertising or unrelated purposes without your explicit consent.

Medication Reminders and Critical Alerts

Functionality: To provide reliable medication reminders, the Application may request relevant permissions on (Android) or (iOS).

Privacy: Medication schedules are encrypted at rest and are used solely for the purpose of triggering notifications and tracking adherence. This data is never shared with third-party advertisers.

Regulated Medical Device Status

As of March 2026, Live150 declares its status as a non-regulated wellness tool. The Application provides information for tracking, trending, and reference purposes only. It is not intended for the diagnosis, prevention, or treatment of any disease. Users must not adjust medications or clinical protocols based on the Services without consulting a licensed physician.

Google Play Data Safety

Our disclosures in the Play Store accurately reflect the practices outlined in this policy, including our treatment of sensitive data and user controls.

Purpose of Data Usage

Your data is used exclusively to deliver or enhance Live150's personalized health and wellness features. It is never used for unrelated purposes without your clear and informed consent.

User Consent and Control

We require your explicit and informed consent before collecting or using your personal or sensitive data. You may revoke or manage your consent at any time through the Application's privacy settings.

Your Rights (GDPR/CCPA/State Laws)

You have the right to access, delete, or port your data. Specifically, you may revoke access to CGM or HealthKit/Health Connect data at any time via your device settings.

Legal Basis for Data Processing (GDPR Compliance)

For users in the European Economic Area (EEA), we process your personal data under the following legal bases:

• Consent
• Contractual necessity
• Legal obligations
• Legitimate interests, where appropriate

Sensitive health data is processed only with your explicit consent, in accordance with Article 9 of the GDPR.

Your Data Protection Rights under GDPR

If you are located in the EEA, you have the right to:

• Access, correct, or delete your data
• Withdraw consent at any time
• Request data portability
• Object to processing or request restriction
• File a complaint with a supervisory authority

To exercise these rights, please contact ContactUS@live150.ai.

Data Transfers Outside the EU

If you are in the EEA, your data may be transferred to and processed in countries outside the EEA, including the United States. We ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place.

Data Protection and Security

We implement administrative, technical, and physical safeguards to protect your personal data and PHI, including encryption, access controls, and secure storage. This includes protections for Health Connect user data and compliance with HIPAA Security Rule requirements.

Breach Notification

If we discover a breach of unsecured PHI, we will promptly notify affected Covered Entities in accordance with HIPAA's Breach Notification Rule. If required, we will also notify impacted individuals and regulators.

Third-Party Access

Only aggregated, anonymized data is shared with service providers or research partners for analytics and product improvement. When PHI is involved, all third party vendors are bound by HIPAA-compliant agreements.

Opt-In/Opt-Out Rights

By downloading the Application or accepting these Terms, you expressly consent to receive occasional communications from the Service Provider via push notifications, in-app messages, email, or SMS. These may include wellness tips, motivational nudges, behavior reminders, updates about features, and personalized content aligned with your health goals.

You can stop all data collection and messaging (including wellness notifications) by uninstalling the Application and unsubscribing from the WhatsApp service. This opts you out of further tracking and data processing.

Data Retention

We retain your data as long as your account is active and for a reasonable period thereafter. If required by a Covered Entity or by law, we may retain PHI in accordance with record retention obligations.

To request deletion of your personal data, contact ContactUS@live150.ai.

Children’s Privacy

Live150 is not intended for children under 13. We do not knowingly collect data from minors. If you believe a child has submitted personal information, contact us at ContactUS@live150.ai so we can promptly delete the information.

Account Deletion and Data Removal

You may permanently delete your account and associated data via the Application or by contacting ContactUS@live150.ai.

Updates to this Policy

We may update this policy periodically. All updates will be reflected here, and continued use of the Services indicates your acceptance.

Your Consent

By using Live150, you consent to the collection and use of your information as described in this Privacy Policy, including applicable HIPAA and GDPR protections.

Contact Us

For privacy-related questions or HIPAA compliance matters, contact us at: ContactUS@live150.ai