top of page

Privacy Policy

Monster Health Effective Date: March 10, 2026 Last Updated: March 10, 2026

​

Overview

Monster Health ("we," "our," "us") is a health tracking application that helps users log symptoms, track health issues, manage appointments, and coordinate care with family members. Your privacy matters to us, and this policy explains how we collect, use, store, and protect your information.

This policy applies to all users of the Monster Health mobile application, regardless of location.

​

Information We Collect

Account Information: When you create an account, we collect your email address, name, date of birth, and profile details (such as a display name and avatar selection). If you sign in with Apple, we receive your Apple ID credentials and, if you choose to share them, your name and email address.

Health Data: We collect health-related information that you voluntarily provide, including health issue descriptions, symptom logs, health ratings, doctor questions, medication information, medical history, body metrics (height, weight, blood type), lifestyle information (exercise, diet, sleep, stress), and photos you upload related to your health.

Care Circle Data: If you use our Care Circle feature, we collect information about family members or other individuals you add to your care network, including names, dates of birth, relationships, and associated health data. Care Circle profiles for children are created and managed by their parent or guardian.

Appointment Data: We collect information about healthcare appointments you log, including provider names, specialties, locations, dates, and notes.

Insurance Information: If you choose to add insurance details, we collect your insurance provider name, plan information, and member ID.

Usage Data: We collect basic usage data such as app interactions and feature usage to improve the app experience. This may include device type, operating system version, and app version.

Information We Do Not Collect: We do not collect your precise location data, do not use cookies or similar tracking technologies, and do not collect data from other apps on your device.

​

How We Use Your Information

We use your information to:

  • Provide and maintain the app's health tracking features

  • Display your health logs, insights, and trends

  • Enable Care Circle sharing between authorized family members

  • Authenticate your identity and secure your account

  • Improve and develop new app features based on aggregated, anonymized usage patterns

  • Send notifications related to your health tracking (if enabled)

  • Communicate important updates about the app or this policy

​

We do not use your health data for advertising, profiling, or any purpose other than providing the health tracking services you've requested.

​

Data Storage and Security

Your data is stored securely using Supabase, a cloud-based database platform hosted on Amazon Web Services (AWS). We use industry-standard security measures to protect your information, including:

  • Encrypted connections (TLS/SSL) for all data in transit

  • Encrypted storage for data at rest

  • Secure authentication with password hashing

  • Row-level security policies that restrict data access to authorized users only

​

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

​

Third-Party Services

We use the following third-party services to operate the app:

  • Supabase (database hosting and authentication) — stores your account and health data

  • DigitalOcean (server hosting) — hosts our backend application server that processes requests such as health log submissions and AI-powered features. DigitalOcean provides the compute infrastructure and does not independently access or store your data. See DigitalOcean's privacy policy for details.

  • Apple Sign-In (optional authentication) — processes sign-in credentials if you choose this method

  • OpenAI (AI-powered features) — powers our health insights and chat features. When you use AI-powered features, relevant health data you've provided (such as symptoms, health logs, or questions) may be sent to OpenAI's API for processing. OpenAI processes this data to generate responses and does not use it to train their models when accessed via their API. See OpenAI's API data usage policy for details.

  • Expo / React Native (app framework) — the technology platform the app is built on

  • Apple App Store / Google Play Store (distribution) — for app delivery and updates

​

These providers have their own privacy policies governing their handling of data. We do not share your health data with any third party except as described in the Data Sharing section below.

​

A note on AI-powered features: Our AI chat and insights features are designed to help you understand and organize your health information. They are not a substitute for professional medical advice, diagnosis, or treatment. Health data sent to OpenAI is transmitted securely and is not used to train AI models. You can use Monster Health's core tracking features without using any AI-powered features.

​

Data Sharing

We do not sell, rent, or trade your personal data or health information to third parties.

We may share data only in the following limited circumstances:

  • Care Circle members you have explicitly authorized, who can only see data for the specific profiles you've granted them access to

  • Service providers necessary to operate the app (listed in Third-Party Services above), who process data on our behalf and are contractually obligated to protect it. This includes OpenAI, which processes health data you submit through AI-powered features.

  • Legal requirements, if required by law, legal process, or governmental request

  • Safety, if we believe in good faith that disclosure is necessary to protect the safety of our users or the public

​

Children's Privacy

Monster Health allows parents and guardians to create Care Circle profiles to track health information for their children. These profiles are created and fully managed by the parent or guardian — children do not create their own accounts.

We do not knowingly collect personal information directly from children under 13. If you believe a child has independently provided us with personal information without parental consent, please contact us and we will promptly delete it.

​

Your Rights

Regardless of where you are located, you can:

  • Access and view all data you've provided through the app

  • Edit or update your personal and health information at any time

  • Delete your account and associated data (see Data Retention below)

  • Remove Care Circle members and revoke their access at any time

  • Export your data by contacting us at the email below

​

For California residents (CCPA): You have the right to know what personal information we collect and how it is used, the right to request deletion of your personal information, and the right to not be discriminated against for exercising your privacy rights. We do not sell personal information.

​

For European residents (GDPR): You have the right to access, rectify, erase, restrict processing of, and port your personal data. You also have the right to withdraw consent and to lodge a complaint with your local data protection authority. Our legal basis for processing your data is your consent (provided when you create an account and agree to this policy) and the performance of our service to you.

​

To exercise any of these rights, contact us at helpdesk@mymonsterhealth.com.

​

Data Retention and Deletion

When you delete your account, your data is retained for 60 days, during which you can cancel the deletion request at any time from within the app. After 60 days, your data is permanently removed from our systems.

​

When you archive a Care Circle member's profile, their data is retained but hidden. You can restore an archived profile at any time, or delete it permanently.

​

Health logs, appointment records, and other data you create are retained for as long as your account is active.

​

Data Breach Notification

In the event of a data breach that affects your personal or health information, we will notify affected users within 72 hours of becoming aware of the breach, provide details about what information was affected, and describe the steps we are taking in response. Notification will be sent via the email address associated with your account.

​

Changes to This Policy

We may update this privacy policy from time to time. When we make changes:

  • Material changes (such as new data sharing or changes to how health data is used) will require your explicit agreement before you can continue using the app

  • Minor changes (such as clarifications or formatting updates) will be noted with an updated "Last Updated" date

We encourage you to review this policy periodically.

​

Contact Us

If you have questions, concerns, or requests related to this privacy policy or your data, please contact us at:

Email: HelpDesk@mymonsterhealth.com

bottom of page