Privacy policy

Last updated: June 4, 2026

Privacy Statement of Vital Health International, LLC

During the processing of personal data, Vital Health International, LLC ("Vital Health") operates in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR). This means we:

  • Define our purposes before processing your personal data using this privacy statement.
  • Collect only the personal data needed for legitimate purposes.
  • Ask for explicit permission before processing your personal data when required.
  • Take appropriate security measures to protect your data and require the same from any third parties we work with.
  • Respect your right to access, correct, or delete personal data held by us.

Vital Health International, LLC is responsible for all data processing. This statement explains what personal data we collect, why we collect it, and how it is used on our website. Please read it carefully.

If you have any questions about how we handle personal data, you can contact Vital Health International, LLC or our Mexico representative using the details at the end of this statement.

1. Registration

Certain parts of our service require registration. To create an account, you may provide:

  • Identification data: name, co-applicant's name (if applicable), birth date, username, display name/nickname
  • Contact data: address (billing and/or delivery), phone number, email address
  • Financial data: billing address, payment information
  • Media data: profile picture
  • Technical data: IP address
  • Company data: company name, VAT/Tax ID number

We collect this to manage your account, complete purchases, and fulfil orders. Under GDPR article 49.1.b, your data may be transferred to our U.S.-based servers for agreement performance. We retain this data for 7 years in compliance with U.S. tax laws.

1.1 Shared with Third Parties

We share necessary registration data with trusted partners for marketing and personalized ads:

  • Zendesk (customer support)
  • ShipStation (order logistics)
  • Payoneer, CoinPayments (payment providers)
  • Google (analytics & ads)

2. Handling Your Order

To process orders, we use:

  • Identification, contact, financial, and company data (as above)
  • Additional company details: SSN/TIN if required for invoicing

Data is used to process payments, generate invoices, and arrange shipping. Under GDPR article 49.1.b, data may be transferred to U.S. servers. We'll retain these records for 7 years for tax compliance.

2.1 Shared with Third Parties

Third parties receiving order data:

  • Local delivery couriers (USPS, UPS, DHL)
  • Payment processors (First Data, Payoneer)
  • Logistics partners (ShipStation, ShipMonk)

3. Sending Marketing Messages

We provide email, SMS, and WhatsApp updates only with your consent. We collect:

  • Name (first/last)
  • Email address
  • Phone number (if opted-in for SMS/WhatsApp assistance)

Under GDPR article 49.1.a, data may be transferred to U.S. servers. We store marketing opt-ins for 6 months after unsubscribing.

3.1 Shared with Third Parties

We share marketing data with:

  • Our email/SMS provider (e.g., Klaviyo or Mailchimp)
  • Advertising platforms (Google Ads, Facebook/Meta) for retargeting

4. Access to the Customer Portal

When you log into your account portal, we collect and retain:

  • Identification, contact, financial, media, technical, and company data (as above)

Data use is governed by our agreement with you and retained for 7 years post-closure. Under GDPR article 49.1.b, transfers to U.S. servers are necessary.

4.1 Shared with Third Parties

Third parties with access: Zendesk, ShipStation, and other tools supporting account management.

5. Subscriptions

If you purchase a subscription, we collect:

  • Identification, contact, financial, technical, and company data (as above)

Data supports ongoing billing and subscription management. We retain your data for 7 years post-cancellation, with longer retention as needed for tax/legal purposes.

6. In-App Purchases

If you buy services or digital goods via our app, we use:

  • Identification, contact, financial, technical, and company data (as above)

Data is used to process your purchase and maintain access. We retain this purchase data for 2 years, or longer if required for legal purposes.

7. Statistics and Profiling

We collect usage, behaviour, and technical data (including IP addresses) to personalize your experience. This is processed with your consent (GDPR article 49.1.a). Data is kept for six months after deactivation.

8. Promotions

We may inform you of new products via:

  • Email
  • SMS/WhatsApp

You may opt out anytime via provided links or through your account settings.

9. Location Data

If you allow GPS access, we collect location data to ensure accurate delivery addresses and relevant offers. Those data may be processed by third-party services like Google Maps or Apple—but not used for other purposes. Consent is requested up front.

10. Health Connect and Apple Health Data

When you grant Vital Health access to Health Connect (Android) or Apple Health (iOS), we read the following health and fitness data types solely for the purposes described below. We do not read any Health Connect or Apple Health data type not listed here.

10.1 Data Types Accessed and Their Purpose

  • Heart rate — used during a face scan to calibrate the on-device heart-rate estimate against your device's most recent measurement.
  • Heart rate variability — used during a face scan to calibrate the on-device HRV (RMSSD) estimate.
  • Oxygen saturation (SpO2) — used during a face scan to calibrate the on-device SpO2 estimate.
  • Respiratory rate — used during a face scan to calibrate the on-device breath-rate estimate.
  • Resting heart rate — used to personalize the plausible BPM range for your scan and to provide context to derived biomarkers.
  • Sleep — used to provide a recovery context tile on your Health Stats dashboard.
  • Steps, Active calories burned, Distance, Exercise (workout summary) — used to populate the daily activity tiles on your Health Stats dashboard.
  • VO2 max — used as a cardio fitness reference value on your Health Stats dashboard.

10.2 How Your Data Is Processed

  • All raw Health Connect / Apple Health samples remain on your device. We never transmit raw samples from these systems to our servers or to any third party.
  • The computed scan output (final biomarker values such as a heart-rate number, HRV score, SpO2 estimate) is transmitted to our backend tagged only with an anonymous installation identifier. This is used for population-level calibration of our algorithms. No personal identifiers, dealer IDs, or account information are attached to this transmission.
  • We do not sell or share Health Connect or Apple Health data with any third party.
  • We do not use Health Connect or Apple Health data for advertising or marketing purposes.

10.3 Retention and Deletion

  • Health Connect / Apple Health samples are never persisted by Vital Health. They are read only during the relevant scan or screen view and are not cached after the scan completes.
  • Anonymous scan-result telemetry is retained for up to 24 months for algorithm improvement and is then deleted.
  • You can revoke our access at any time from the Health Connect app (Android Settings → Apps → Health Connect → App permissions) or from Apple Health (Health app → Sharing → Apps).
  • To request deletion of any anonymous scan telemetry associated with your installation, contact support@vitalhealthglobal.com.

10.4 Children

  • Vital Health is not intended for users under 13. We do not knowingly collect Health Connect or Apple Health data from children.

11. Sharing Data with Third Parties

We share personal data only as necessary for the above services or when legally obligated (e.g., to law enforcement).
Third-party buttons on our site (e.g., social media) may collect data. Please review their privacy notices.

12. Cookies

We use cookies to save your preferences and analyse site usage. You'll see a cookie notice when you first visit. You may disable cookies, but this may affect site functionality. For third-party cookies, refer to their provider's privacy policies.

13. Security Measures

We secure your data by:

  • Requiring passwords and, if applicable, 2FA
  • Storing data on secure proprietary servers
  • Encrypted SSL connections
  • Logging data access
  • Physically securing our systems

14. Data Protection Officer

Ricardo Tovar is the appointed Data Protection Officer (DPO).
You may contact him at:
📧 rtovar@vitalhealthglobal.com
📞 +1 928‑788‑0204

15. Changes to This Policy

We may update this policy. Please review it periodically for changes.

16. Your Rights

You have the rights to:

  • Access, rectify, or erase your personal data
  • Restrict processing or request data portability
  • Object to marketing or profiling
  • Withdraw consent at any time
  • Lodge a complaint with your data protection authority

To exercise these rights, please contact us. We may ask for ID verification (with sensitive data redacted). We'll respond within one month, or longer if legally permitted, with notification.

17. Complaints

To file a complaint, contact the DPO at rtovar@vitalhealthglobal.com. If unsatisfied with our response, you may lodge a complaint with your national data protection authority.

18. Contact Information

Vital Health International, LLC
3325 Capitol Avenue, Suite 413A
Cheyenne, WY 82001, USA

Privacy Officer: Ricardo Tovar
📧 rtovar@vitalhealthglobal.com
📞 +1 928‑788‑0204