Consumer Health Data Privacy Policy
Last updated: October 2025
Introduction
MetaFit ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal and health information. This comprehensive Consumer Health Data Privacy Policy explains in detail how we collect, use, disclose, and safeguard your information when you visit our website, use our medical weight loss services, or interact with us in any way. By using MetaFit's services or accessing our website, you agree to the collection and use of information in accordance with this policy. We take your privacy seriously and are dedicated to maintaining the highest standards of data protection.
MetaFit provides innovative medical weight loss services, including prescription GLP-1 treatments, through a network of licensed healthcare providers and medical professionals. Our approach combines evidence-based medicine with personalized care to help you achieve sustainable weight loss results. We comply with all applicable privacy laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) for protected health information, as well as other relevant data protection laws such as GDPR for users in the European Union.
This consumer health data privacy policy applies to all users of our website, mobile applications, and services, whether you are a patient seeking treatment, a healthcare provider, or simply browsing our educational content. We encourage you to read this policy carefully to understand our practices and your rights regarding your personal information.
Information We Collect
We collect information about you in various ways to provide our medical weight loss services effectively and personalize your experience. The types of information we collect include personal details, health-related data, and technical information from your interactions with our platform. We are committed to collecting only the information necessary to deliver high-quality healthcare services and comply with legal requirements.
Personal Information
We may collect personal information that you provide directly to us when you register for our services, complete health assessments, or communicate with our healthcare providers. This information helps us create your medical profile and provide personalized treatment plans. Examples include:
- Name, email address, phone number, and mailing address
- Date of birth, gender, and other demographic information
- Medical history, health conditions, and treatment preferences
- Insurance information for billing purposes
- Payment information (processed securely through third-party providers)
This personal information forms the foundation of your patient record and enables us to communicate important health information, appointment reminders, and treatment updates.
Health Information
As a healthcare provider, we collect protected health information (PHI) to deliver comprehensive medical weight loss services. This sensitive information is handled with the utmost care and in strict compliance with HIPAA regulations. Our licensed healthcare providers use this information to make informed treatment decisions and monitor your progress. We collect:
- Medical records, lab results, and prescription history
- Weight, BMI, and other health metrics tracked over time
- Information from consultations with our healthcare providers
- Dietary preferences, exercise habits, and lifestyle information
- Allergies, medications, and current health conditions
Your health information is crucial for providing safe and effective GLP-1 treatments and ensuring optimal weight loss outcomes.
Automatically Collected Information
When you visit our website or use our mobile applications, we may automatically collect certain technical information to improve our services and ensure a smooth user experience. This information is collected through standard web technologies and helps us understand how our platform is being used. We collect:
- IP address, browser type, and device information
- Pages visited, time spent on pages, and referral sources
- Cookies and similar tracking technologies
- Device identifiers and mobile app usage data
- Geographic location data (with your permission)
This technical information allows us to optimize our website performance, enhance security measures, and provide a better user experience across different devices and platforms.
How We Use Your Information
We use the information we collect for the following purposes:
- To provide medical services and GLP-1 treatments
- To communicate with you about your care and appointments
- To process payments and insurance claims
- To improve our services and website functionality
- To comply with legal obligations and regulatory requirements
- To send you marketing communications (with your consent)
- To conduct research and quality improvement activities
How We Share Your Information
We may share your information in the following circumstances:
- With Healthcare Providers: To coordinate your care and provide treatment
- With Service Providers: Such as pharmacies, labs, and payment processors
- For Legal Reasons: To comply with laws, regulations, or legal processes
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- With Your Consent: When you explicitly agree to sharing
We do not sell your personal information to third parties for marketing purposes.
Your Rights and Choices
As a patient using MetaFit's services, you have several important rights regarding your personal and health information. We are committed to empowering you with control over your data and ensuring transparency in how we handle your information. These rights are designed to give you access to your information and the ability to make choices about how it's used.
You have the following rights regarding your personal information:
- Access: Request a copy of your personal and health information that we maintain about you
- Correction: Request correction of inaccurate or incomplete information in your records
- Deletion: Request deletion of your personal information, subject to legal and regulatory requirements
- Portability: Request transfer of your data in a portable, machine-readable format
- Opt-out: Opt out of marketing communications and certain data processing activities
- Restriction: Request restriction of processing in certain circumstances
- Objection: Object to processing based on legitimate interests or for direct marketing
To exercise these rights, contact us using the information provided below. We will respond to your requests within the timeframes required by applicable law. Please note that some rights may be limited by legal or regulatory requirements, particularly for health information covered by HIPAA.
Data Security
The security of your personal and health information is our top priority at MetaFit. We employ comprehensive technical, administrative, and physical safeguards to protect your data against unauthorized access, alteration, disclosure, or destruction. Our security measures are designed to meet or exceed industry standards and regulatory requirements for healthcare data protection.
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes:
- Encryption: All sensitive data is encrypted in transit and at rest using industry-standard encryption protocols
- Access Controls: Strict role-based access controls ensure only authorized personnel can access your information
- Regular Security Assessments: We conduct regular security audits, vulnerability scans, and penetration testing
- Employee Training: All staff receive regular training on data privacy and security best practices
- Incident Response: We have established incident response procedures to address any potential security breaches
- Physical Security: Our data centers and facilities are secured with multiple layers of physical protection
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information using the best available technology and practices, we cannot guarantee absolute security. In the unlikely event of a security breach, we will notify affected individuals and regulatory authorities as required by law.
International Data Transfers
MetaFit operates globally, and as part of our international operations, your personal information may be transferred to and processed in countries other than your country of residence. These transfers are necessary to provide our services, maintain our global infrastructure, and ensure seamless healthcare delivery across borders.
We are committed to protecting your data during international transfers and comply with all applicable data protection laws, including GDPR for European users and other relevant regulations. We implement appropriate safeguards to ensure that your information receives an adequate level of protection regardless of where it is processed.
- Adequacy Decisions: We transfer data to countries recognized by relevant authorities as providing adequate protection
- Standard Contractual Clauses: We use approved contractual clauses to ensure data protection in transfers
- Binding Corporate Rules: For intra-group transfers, we follow our binding corporate rules
- Certification Schemes: We participate in recognized certification schemes that validate our data protection practices
- Encryption and Security: All transfers are encrypted and secured using industry-standard protocols
If you are located in the European Economic Area (EEA) or other regions with strict data transfer requirements, you can request more information about the specific safeguards we use for your data transfers.
Children's Privacy
MetaFit's services are designed for adults seeking medical weight loss treatment and are not intended for use by individuals under 18 years of age. We do not knowingly collect, use, or disclose personal information from children under 18 without appropriate parental consent and involvement.
Our platform includes age verification measures during the registration process to ensure compliance with this policy. If we become aware that we have collected personal information from a child under 18 without proper consent, we will take immediate steps to delete such information from our systems.
- Age Verification: We require users to confirm they are 18 or older during account creation
- Parental Consent: For users under 18, we require verifiable parental or guardian consent
- Content Restrictions: Our medical content and services are restricted to adult users only
- Reporting Mechanism: We encourage parents to contact us if they suspect unauthorized use by minors
- Data Deletion: Upon discovery of unauthorized collection, we immediately delete the information
We are committed to protecting children's privacy and complying with all applicable laws regarding children's online privacy, including COPPA in the United States and similar regulations in other jurisdictions.
Changes to This Consumer Health Data Privacy Policy
MetaFit reserves the right to update, modify, or revise this Consumer Health Data Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. We understand that privacy policies should be transparent and accessible, so we are committed to keeping you informed about any material changes.
When we make changes to this Consumer Health Data Privacy Policy, we will update the "Last updated" date at the top of this page and provide a summary of the key changes. For significant changes that may affect your rights or how we process your data, we will provide additional notice through email, in-app notifications, or prominent notices on our website.
- Regular Reviews: We review our Consumer Health Data Privacy Policy periodically to ensure it remains current and compliant
- Material Changes: Significant updates will be communicated directly to affected users
- Version History: Previous versions of the policy are archived for reference
- User Notification: We use multiple channels to notify users of important changes
- Grace Period: Users are given reasonable time to review changes before they take effect
Your continued use of MetaFit's services after any changes to this Consumer Health Data Privacy Policy constitutes acceptance of the updated policy. If you do not agree with the changes, you may discontinue use of our services and request deletion of your account and personal information.
Contact Us
We value your privacy and are committed to addressing your questions, concerns, and requests regarding our consumer health data privacy practices. Our dedicated privacy team is available to assist you with any privacy-related matters, including exercising your rights under this policy.
Please don't hesitate to contact us if you have questions about how we collect, use, or protect your personal information, or if you need assistance with any of your privacy rights. We strive to respond to all inquiries within 30 days and will work diligently to resolve any concerns you may have.
- Email: care@joinmeta.fit - For general privacy inquiries and requests
- Data Protection Officer: For GDPR and privacy compliance matters
- Emergency Contact: For urgent privacy or security concerns
When contacting us, please provide sufficient details to help us assist you effectively. For security reasons, we may need to verify your identity before processing certain requests. We maintain records of all communications for quality assurance and compliance purposes.
If you are not satisfied with our response to your privacy inquiry, you have the right to escalate your concern to the relevant data protection authority in your jurisdiction.