Consumer Health Data Privacy Policy
Effective date: [EFFECTIVE_DATE] Last updated: [LAST_UPDATED_DATE]
This Consumer Health Data Privacy Policy applies in addition to our main Privacy Policy. It governs how we handle "Consumer Health Data" as defined by the Washington My Health My Data Act (MHMDA, RCW Chapter 19.373) and Nevada's Consumer Health Data Privacy Law (Nevada CHDPL, NRS §§ 603A.400–603A.550). It is published as a separate, distinct document as required by RCW 19.373.020(1).
If you are not a resident of Washington State or Nevada, this Policy is provided for transparency. Residents of other US states and non-US jurisdictions should refer to the main Privacy Policy for the rights applicable to you.
1. Who We Are
CBT Quest is operated by [PUBLISHER_LEGAL_NAME], a natural person residing at [PUBLISHER_POSTAL_ADDRESS], Poland.
- Email: privacy@cbt.quest
- Washington rights requests subject line:
MHMDA Request - Nevada rights requests subject line:
Nevada Consumer Health Data Request
We are a "regulated entity" under RCW 19.373.010(24) and a "covered entity" under NRS 603A.420.
2. Categories of Consumer Health Data We Collect
We collect the following categories of Consumer Health Data only when you voluntarily record a voice entry and tap "Analyse":
- Voice recordings that may indicate your mental or emotional state (ephemeral only — see Section 4).
- Transcripts of those recordings (in transit only, never stored server-side).
- AI-generated CBT reflection output (in transit only, never stored server-side).
No Consumer Health Data is stored on our servers. All journal content is stored exclusively on your device in an AES-256 SQLCipher-encrypted database, with the encryption key protected by your device's Secure Enclave.
3. Sources of Consumer Health Data
Directly from you (your device), when you record a voice entry and request AI analysis.
4. Purposes of Collection and Processing
Consumer Health Data is collected and processed solely to provide the service you have requested:
- Speech-to-text transcription of your voice entry via Deepgram.
- AI-generated CBT-structured reflection on the transcript via Anthropic's Claude API.
- Return of the reflection to your device.
We do not use Consumer Health Data for:
- Marketing or advertising;
- Targeted or cross-context behavioural advertising;
- Training artificial-intelligence models;
- Sale to any third party or affiliate;
- Profiling for decisions that produce legal or similarly significant effects;
- Inferences about you beyond the immediate analysis you requested;
- Geofencing of healthcare facilities (see Section 9).
5. Categories of Consumer Health Data Shared and With Whom
To perform the service you request, data is transmitted to the following processors, who act on our behalf under contractual data-processing agreements that prohibit retention beyond the immediate request and prohibit use for any purpose other than providing the service:
| Processor | Role | Data received | Retention |
|---|---|---|---|
| Deepgram, Inc. | Speech-to-text transcription | Audio (during active request only) | Zero Data Retention — deleted at end of request |
| Anthropic, PBC | AI analysis via Claude | Transcript text (during active request only) | Zero Data Retention — deleted at end of request |
We do not share Consumer Health Data with any other party, including affiliates. We do not permit either processor to use the data to train AI models.
6. Sale of Consumer Health Data
We do not sell Consumer Health Data, and we have not sold Consumer Health Data in the preceding 12 months or ever.
If that ever changes, we will obtain your separate, affirmative, written authorisation meeting the statutory requirements of RCW 19.373.040 (Washington) or NRS 603A.500 (Nevada) before any such sale. Authorisation will be sought only for a specific proposed sale; it will not be obtained by default.
7. Your Rights
Under MHMDA (RCW 19.373.050) and Nevada CHDPL (NRS 603A.440–460) you have the right to:
- Confirm whether we are collecting, sharing, or selling your Consumer Health Data, and access a copy.
- Receive a list of all third parties and affiliates to whom we have shared or sold your Consumer Health Data.
- Withdraw consent to further collection or sharing at any time.
- Request deletion of your Consumer Health Data. Upon a deletion request, we will erase the data from our active systems, unrecoverable backups where reasonably feasible, and will instruct all processors to do the same.
- Appeal a denial of any of the above rights (see Section 11).
- Complain to your state Attorney General (see Section 12).
We will respond to your request within 30 days, extendable once by 45 days with notice, as required by RCW 19.373.050(2) and NRS 603A.450.
8. How to Exercise Your Rights
Send an email to privacy@cbt.quest from any address. Include your Device Verification Code (8-character code shown in the app under Settings → Privacy → Data Controls). Subject line:
MHMDA Request— Washington residentsNevada Consumer Health Data Request— Nevada residents
We use the Device Verification Code to verify a request without requiring you to hold an account. You may designate an authorised agent by providing them with your Device Verification Code and written authorisation; we may confirm the request directly with you.
9. Consent
By tapping "Enable voice analysis" in the app, you provide affirmative, specific, opt-in consent to the collection and processing described above, as required by RCW 19.373.030 and NRS 603A.420(2). Consent is logged against your pseudonymous device identifier with a timestamp.
You may withdraw consent at any time in Settings → Privacy → "Disable voice analysis". Withdrawal stops all future processing; it does not affect processing already performed.
If we propose to collect, use, or share additional categories of Consumer Health Data not disclosed in this Policy, or to use or share data for additional purposes, we will disclose the additional categories or purposes and obtain your affirmative consent before doing so (RCW 19.373.030(2); NRS 603A.420(4)).
10. No Geofencing
We do not implement any geofence around any healthcare facility, provider of health services, or other health-adjacent location. This prohibition is affirmed under RCW 19.373.060 and NRS 603A.470.
11. Appeal
If we deny a rights request, you may appeal by replying to our denial within 60 days. We will respond to the appeal within 60 days with written reasons. If we still deny, you may proceed to Section 12.
12. Complaints and Private Rights of Action
12.1 Washington residents
You may file a complaint with the Washington State Attorney General at atg.wa.gov/file-complaint. A violation of MHMDA is a per se violation of the Washington Consumer Protection Act (Ch. 19.86 RCW) and grants you a private right of action for injunctive relief, actual damages, attorneys' fees, and treble damages capped at $25,000 per violation.
12.2 Nevada residents
You may file a complaint with the Nevada Attorney General at ag.nv.gov. Nevada CHDPL is enforced by the Attorney General under the Nevada Deceptive Trade Practices Act; there is no private right of action under Nevada CHDPL itself.
13. Security
Consumer Health Data transmitted to our servers is protected by TLS 1.3 encryption in transit. It is not stored server-side beyond the ephemeral processing window in Section 4. All on-device content is stored in an AES-256 SQLCipher database with keys held in the iOS Secure Enclave, optionally gated behind Face ID or a PIN.
14. Retention
We do not retain Consumer Health Data server-side beyond the ephemeral processing window. Specifically:
- Audio in transit: deleted immediately on device acknowledgment; maximum 24 hours (safety cap).
- Transcripts in transit: never stored server-side; discarded at the end of each request.
- AI analyses in transit: never stored server-side; discarded at the end of each request.
- Pseudonymous device identifier: retained only to link your consent decisions to your installation; purged within 30 days after your last request. This is not itself Consumer Health Data.
15. Changes to This Policy
We will notify you in-app and via a banner on this page at least 30 days before any material change takes effect. Previous versions are archived at staging.cbt.quest/legal/consumer-health-data-privacy/archive.
16. Contact
CBT Quest is operated by [PUBLISHER_LEGAL_NAME], residing at [PUBLISHER_POSTAL_ADDRESS], Poland.
- Email: privacy@cbt.quest
- Main Privacy Policy: staging.cbt.quest/legal/privacy-policy
- Terms of Use: staging.cbt.quest/legal/terms-of-use
This Policy is published at staging.cbt.quest/legal/consumer-health-data-privacy and is linked prominently from the app's home page as required by RCW 19.373.020(1).
© [YEAR] CBT Quest. All rights reserved.