Privacy

Consumer Health Data Privacy Notice

Last updated: May 25, 2026

This notice supplements our Privacy Policy. It describes how Mycro handles "consumer health data" under U.S. state laws — most notably the California Consumer Privacy Act (CCPA/CPRA) and the Washington My Health My Data Act (MHMDA). It applies to trymycro.com (the "Site") and the Mycro mobile application (the "App").

Short version: the data you log in Mycro — your weight, your food, your food photos, your conversations with the coach — is consumer health data under these laws. We don't sell it, we don't share it for cross-context advertising, and we will never sell your geolocation or biometric data because we don't collect those. You can access, correct, delete, or port your data; opt out of certain processing; and revoke consent at any time.

1. What we treat as consumer health data

For purposes of MHMDA and similar state laws, the following information you provide or generate in the App is consumer health data:

Weight logs (weigh-ins and trend)
Food logs (descriptions, optional photos, notes)
Calorie estimates produced by the AI coach
Apple Health data you choose to share with us (body weight, resting energy)
Coach conversations you have with the AI
Profile fields used for calorie math (age, biological sex, height, goal weight, activity level)

On the Site, the only personal information we collect is your email address (if you submit the "Notify me" form) and standard server logs. We do not collect health data on the Site.

2. Why we collect it

We use this data only to operate Mycro — to show your weight trend, estimate calories from photos and descriptions, generate contextual coaching messages, send notifications you've opted into, and provide customer support. The full list is in Privacy Policy, Section 4.

We do not use your health data for advertising, profiling for advertising, or training AI models. See Section 4 below for what we explicitly do not do.

3. Who we share it with

Sharing is limited to the service providers listed in our Privacy Policy, Section 7 — primarily Amazon Web Services (which provides hosting and AI inference via Anthropic's Claude model) and the small set of operational vendors listed there. Each vendor is contractually limited to processing your data for the purposes we direct.

We do not sell, rent, or share your consumer health data with third parties for their own marketing or advertising purposes.

4. What we do NOT do

We do not "sell" personal information as defined by the CCPA/CPRA.
We do not "share" personal information for cross-context behavioral advertising as defined by the CCPA/CPRA.
We do not sell or share consumer health data under the Washington My Health My Data Act.
We do not use a "geofence" to identify, track, or advertise to anyone based on visits to in-person healthcare locations.
We do not collect biometric identifiers (fingerprints, voiceprints, retinal scans).
We do not collect precise geolocation.
We do not use your health data to train AI models.

5. Your rights

Depending on where you live, you have some or all of the following rights with respect to your consumer health data:

Access — receive a copy of the consumer health data we hold about you, including categories and sources.
Correct — fix inaccurate data (most fields are user-editable inside the App).
Delete — delete your account and all associated data via Profile → Delete account in the App, or by emailing us. Deletion cascades across our databases and storage; backup snapshots roll off within 35 days.
Withdraw consent for any processing that is based on your consent, without affecting the lawfulness of prior processing.
Limit use of sensitive personal information (CCPA/CPRA).
Opt out of any future "sale" or "sharing" — to the extent we ever begin doing so, which we don't today.
Appeal a decision we make about your request, where state law gives you the right to do so.
Non-discrimination — exercising your rights does not change your service or pricing.

6. How to exercise your rights

Email hello@trymycro.com with the subject line "Health data request" and tell us what you'd like to do. We will:

Verify your identity (typically by confirming you control the account email).
Respond within 45 days, with a possible 45-day extension if your request is complex. Where state law requires a faster response, we'll meet that timeline.
Tell you why if we decline part of a request and how to appeal where applicable.

If you'd prefer to authorize an agent to make a request on your behalf, include written, signed permission and we'll verify directly with you before acting.

7. Changes to this notice

We'll update the "Last updated" date at the top of this page when we change it materially. For significant changes, we'll also notify you in-App or by email at least 7 days before the change takes effect.

8. Contact

Email: hello@trymycro.com
Mail: Momentum Loop LLC, c/o the address listed in the App Store privacy contact.

Mycro is operated by Momentum Loop LLC, a Texas limited liability company. Mycro is not a HIPAA-covered entity; the data you give us is governed by general consumer-privacy law as described above and in our Privacy Policy.