Back to Home

Privacy Policy

Last Updated: December 25, 2024

VUGA Media Group LLC ("Company," "we," "us," or "our") operates WellnessPrizm, an AI-powered wellness marketplace platform (the "Platform"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Please read this Privacy Policy carefully. By accessing or using WellnessPrizm, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Platform.

1. Information We Collect

1.1 Personal Information You Provide

We collect information you voluntarily provide when you:

  • Register for an account (name, email address, phone number, password)
  • Complete your profile (professional credentials, certifications, biography, photos)
  • Book appointments or purchase services
  • Make payments (billing address, payment card details processed by our payment processors)
  • Communicate with practitioners or customer support
  • Complete wellness assessments or intake forms
  • Participate in surveys, promotions, or contests
  • Subscribe to our newsletter or waitlist

1.2 Health and Wellness Information

As a wellness platform, we may collect sensitive health-related information, including:

  • Health history and medical conditions (as disclosed in intake forms)
  • Wellness goals and preferences
  • Fitness, nutrition, and lifestyle data
  • Biometric data from connected wearable devices (heart rate, sleep patterns, activity levels, HRV)
  • Progress measurements and session notes (shared by practitioners with your consent)
  • Mental wellness indicators and mood tracking data

1.3 Information from Third-Party Services

With your authorization, we may receive information from:

  • Wearable Devices: Fitbit, Oura Ring, Apple Health, Google Fit, Garmin, WHOOP
  • Calendar Services: Google Calendar, Microsoft Outlook, Apple Calendar
  • Social Login: Google, Facebook, Apple (if you choose to sign in using these services)
  • Payment Processors: Stripe, PayPal, Square (transaction information)

1.4 Automatically Collected Information

When you access the Platform, we automatically collect:

  • Device information (device type, operating system, unique device identifiers)
  • Browser type and version
  • IP address and approximate location
  • Pages visited, time spent, and navigation patterns
  • Referring website or source
  • Cookies and similar tracking technologies (see our Cookie Policy)

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Platform Operations

  • Create and manage your account
  • Facilitate bookings between consumers and practitioners
  • Process payments and issue invoices
  • Provide customer support
  • Enable communication between users

2.2 AI-Powered Personalization

  • Generate personalized wellness recommendations
  • Match consumers with suitable practitioners
  • Create custom wellness plans based on your data
  • Provide predictive health insights
  • Power our AI wellness assistant/chatbot

2.3 Platform Improvement

  • Analyze usage patterns to improve our services
  • Develop new features and functionality
  • Conduct research and analytics
  • Troubleshoot technical issues

2.4 Marketing and Communications

  • Send transactional emails (booking confirmations, reminders)
  • Send marketing communications (with your consent)
  • Notify you about platform updates and new features
  • Administer promotions and contests

2.5 Legal and Safety

  • Comply with legal obligations
  • Enforce our Terms of Service
  • Protect against fraud and abuse
  • Respond to legal requests and prevent harm

3. How We Share Your Information

3.1 With Practitioners and Consumers

When you book a service, we share relevant information between practitioners and consumers to facilitate the service. Practitioners may access your profile, booking history, intake forms, and wellness data you choose to share.

3.2 With Service Providers

We share information with third-party vendors who perform services on our behalf:

  • Payment processors (Stripe, PayPal)
  • Cloud hosting providers (Amazon Web Services, Google Cloud)
  • Email service providers (SendGrid)
  • SMS providers (Twilio)
  • Analytics providers (Google Analytics, Mixpanel)
  • Customer support tools (Intercom)

3.3 With Business Partners

We may share information with certification partners, affiliate partners, and corporate wellness program administrators (for enterprise customers) as necessary to provide our services.

3.4 For Legal Reasons

We may disclose your information if required by law, legal process, or government request, or to protect our rights, privacy, safety, or property.

3.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

3.6 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access controls limit who can access your data
  • Infrastructure: SOC 2 Type II certified hosting infrastructure
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Training: Regular security training for all employees
  • Audits: Regular security assessments and penetration testing

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. HIPAA Compliance

For practitioners who are covered entities under HIPAA (Health Insurance Portability and Accountability Act), WellnessPrizm operates as a Business Associate. We maintain HIPAA-compliant practices including:

  • Business Associate Agreements (BAAs) with covered entity practitioners
  • Protected Health Information (PHI) safeguards
  • Access logging and audit trails
  • Employee HIPAA training
  • Incident response procedures

6. Your Privacy Rights

6.1 Access and Portability

You may request a copy of your personal data in a portable format.

6.2 Correction

You may update or correct inaccurate personal information through your account settings or by contacting us.

6.3 Deletion

You may request deletion of your personal data, subject to legal retention requirements.

6.4 Opt-Out

You may opt out of marketing communications at any time by clicking "unsubscribe" in our emails or adjusting your notification preferences.

6.5 Wearable Disconnection

You may disconnect wearable devices and revoke data sharing permissions at any time through your account settings.

6.6 Data Sharing Controls

You control what wellness data is shared with practitioners through granular privacy settings.

7. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the "sale" of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Exercise privacy rights without discriminatory treatment

To exercise these rights, contact us at [email protected].

8. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligations
  • Right to Access: Obtain confirmation and access to your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion under certain circumstances
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

You may also lodge a complaint with your local data protection authority.

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. We may retain certain information as required by law or for legitimate business purposes, including:

  • Transaction records: 7 years (tax and legal requirements)
  • Health records: As required by applicable healthcare regulations
  • Account information: Until account deletion request
  • Usage analytics: 26 months (aggregated/anonymized)

10. Children's Privacy

WellnessPrizm is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for transfers from the EEA.

12. Third-Party Links

Our Platform may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Platform after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

VUGA Media Group LLC

18117 Biscayne Blvd, Unit 1039

Aventura, FL 33160

Email: [email protected]

Phone: 1-786-967-6544

For data protection inquiries or to exercise your privacy rights, please email us with the subject line "Privacy Request."