Privacy Policy

Effective date: May 12, 2026 · Last updated: May 20, 2026

1. Who we are

WELLlife Care (“WELLlife Care“, “we“, “us“, “our“) is a consumer health-tracking mobile application operated by Wondfo USA, Inc. We can be reached at appadmin@wondfousa.com for any question relating to this policy or your data. Our mailing address is available on request.

For purposes of GDPR and similar regimes, Wondfo USA, Inc. is the data controller. The Service is offered for use in the United States; we have not designated an EU representative and do not target users in the European Economic Area.

2. What WELLlife Care is — and is not

WELLlife Care helps you log rapid-test results, symptoms, temperature, pulse oximetry (SpO₂), blood pressure, and personal notes; review CDC and other public-health information; and produce a personal record you can choose to share.

WELLlife Care is not:

a medical device, a diagnostic tool, or a substitute for the instructions for use (IFU) that accompany any rapid test you take;
an FDA-cleared or FDA-authorized companion app to any specific rapid test;
a HIPAA-covered entity or a business associate of any health-care provider (see Section 8); and
a service that determines whether you are infectious, recovered, or fit to return to work, school, or any other activity.

Our AI assistant provides general, public-health-style information only and does not provide medical advice.

3. Information we collect

3.1 Information you give us

Category	Examples	When collected
Account information	Email, password (hashed via Amazon Cognito), display name	Registration / profile update
Profile & family members	Names, initials, color tags, optional avatar photos	When you add a family member
Self-reported health data	Symptoms, severity self-rating, temperature, SpO₂, blood pressure, notes, dates	Each daily log save
Rapid-test entries	Test type, result you entered (positive / negative / invalid), line appearance, date	When you log a test
Strip photos (optional)	Photo of test strip — stored as a personal record only; we do not read, scan, analyze, or extract a result from this image	When you add a photo
AI assistant chat	Your questions and the assistant’s replies	When using the assistant
Support communications	Messages to appadmin@wondfousa.com	When you contact us

3.2 Information collected automatically

Device & technical data — approximate device model, OS version, app version, crash reports.
Logs — authentication events (sign-in success / failure), timestamps of saves.

We do not use third-party advertising trackers, cross-app tracking SDKs, session-replay tools, or behavioral profiling.

3.3 Information we do not collect

Precise geolocation
Contacts, calendar, microphone, or media library (other than a photo you explicitly upload)
Government identifiers (SSN, driver’s-license number, etc.)
Payment card information (the current version is free)

4. How we use your information

Provide and operate the app (authentication, sync, member switching, AI chat).
Generate the personal reports you request.
Show public-health context (CDC respiratory-disease guidance, regional risk maps) — these features fetch only publicly available data from CDC endpoints; they do not send your personal data to CDC.
Maintain security, prevent abuse, and meet our legal obligations.
Send essential service messages (e.g., email verification). We do not send marketing email without your separate opt-in.

We do not use your health data, photos, or chat messages for advertising, sale to third parties, training third-party AI models, or profiling.

5. Legal basis (GDPR / UK GDPR users)

Performance of a contract (Art. 6(1)(b)) — to provide the app.
Explicit consent (Art. 9(2)(a)) — for special-category health data, test results, photos. You may withdraw consent at any time.
Legitimate interests (Art. 6(1)(f)) — security, fraud prevention, service improvement.
Legal obligation (Art. 6(1)(c)) — where law requires retention or disclosure.

6. Sharing and disclosure

Recipient	Purpose	Safeguard
Amazon Web Services (Cognito, DynamoDB, AppSync, S3)	Authentication, data storage, sync	AWS Customer Agreement & Data Processing Addendum; data stored in us-west-2 (Oregon, USA)
CDC public APIs	Read-only public data	No personal data sent; outbound only
Law-enforcement / regulators	Valid legal demand only	Minimum disclosure; notify you unless prohibited
Successor entities	Merger / acquisition / restructuring	Same protections required

We do not sell your personal information. We do not share personal information for cross-context behavioral advertising. We do not disclose your health data to medical providers, employers, schools, or insurers — sharing a report with anyone is your action, taken outside the app.

7. Where data is stored and how it is protected

Account and synced data: Amazon Web Services in us-west-2 (Oregon, USA), encrypted at rest using AWS-managed keys.
Strip photos and locally cached logs: stored on your device’s encrypted application storage.
Transport: all network traffic encrypted with TLS 1.2+.
Authentication: passwords hashed and salted by Amazon Cognito using SRP (Secure Remote Password); we never see your plaintext password.
Access controls: only a small number of authorized engineers can access production data.

No system is perfectly secure. If a breach occurs, we will notify affected users and the U.S. Federal Trade Commission as required by the FTC Health Breach Notification Rule (16 CFR Part 318), and any applicable state authorities, within the timeframes those rules require (typically within 60 days of discovery).

8. HIPAA status

WELLlife Care is a consumer-facing application. You install it, you enter your own data, and you decide whether to export or share any report. Accordingly, we are not a covered entity and not a business associate as those terms are defined in the federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). HIPAA does not apply to the information you store in this app on your own behalf.

Because HIPAA does not apply, we instead hold ourselves to comparable security practices and to the consumer-health-data laws described below, but we cannot provide HIPAA-specific protections such as a Notice of Privacy Practices or a Business Associate Agreement.

9. Your rights

Access a copy of your information.
Correct inaccurate information.
Delete your account and the data we hold (irreversible).
Export your data in a portable format (JSON or CSV).
Withdraw consent to processing of your health data; this will close your account.
Object to certain legitimate-interest-based processing.
Lodge a complaint with your local data-protection authority or state attorney general.

To exercise any right, email appadmin@wondfousa.com from the address on your account. We respond within 30 days (45 for U.S. CCPA, extendable to 90 days where allowed).

9.1 California residents (CCPA / CPRA)

In the last 12 months we have collected the categories listed in Section 3. We do not sell or “share” (as defined by CPRA) your information. California residents also have the right to know which categories we have collected and the sources / purposes; request correction or deletion; limit the use of “sensitive personal information” (your health data qualifies); and be free from retaliation. We honor the Global Privacy Control (GPC) signal where applicable. You may designate an authorized agent; we may verify the request with you.

9.2 Washington residents (My Health My Data Act)

WELLlife Care collects “consumer health data” as defined by the Washington My Health My Data Act (RCW 19.373). Washington residents have the right to confirm whether we are processing that data; access it; withdraw consent; and delete it from our systems and require us to instruct our processors to do the same.

We will not geofence health-care facilities or use precise location data in any form, in accordance with RCW 19.373.

To submit a request, email appadmin@wondfousa.com with subject line “WA MHMDA request”. You may also appeal an adverse decision by replying to our response; if we deny, you may contact the Washington State Attorney General at www.atg.wa.gov.

9.3 Other state laws

Residents of Colorado, Connecticut, Texas, Virginia, Utah, Oregon, Montana, and similar states with comprehensive consumer-privacy statutes have rights substantially similar to those described above. The same email (appadmin@wondfousa.com) is the intake point for all such requests.

10. Children

WELLlife Care is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us and we will delete it. Families using the “member” feature acknowledge that the account holder is responsible for any data they log on behalf of a minor in their household; we do not verify family relationships and store such entries as the account holder’s own data.

11. Data retention

Account data — retained until you delete your account.
Health logs and test entries — retained until you delete the relevant card or your account.
Strip photos — stored on-device only by default; if synced to AWS S3 in a future version, the same deletion rules apply.
AI chat history — retained for 12 months, then deleted.
Backups — encrypted backups may persist up to 35 days beyond deletion.
Logs — security and access logs retained up to 12 months.

12. International transfers

If you access WELLlife Care from outside the United States, your information will be transferred to and processed in the United States, where Amazon Web Services operates the infrastructure that supports the Service. We rely on Standard Contractual Clauses (Module 2) and supplementary measures for transfers from the EEA, UK, and Switzerland; AWS has executed those clauses as a sub-processor.

13. Changes to this policy

We will update the “Last updated” date if anything changes. If the change is material, we will notify you in-app and by email before it takes effect, and where required we will obtain your renewed consent.

14. Contact

Email: appadmin@wondfousa.com
Mail: Wondfo USA, Inc. — mailing address available on request.