Privacy Policy

Last updated. This Privacy Policy explains how CardioMetaboliQ Labs LLC DBA CMiQHealth (“we,” “us”) collects, uses, discloses, and safeguards information.

1. Scope

This Policy applies to information collected from Practitioners, site visitors, and, where applicable, Patients whose data is processed for report generation.

2. Information We Collect

• Practitioner Information: identity, credentials, billing, shipping. • Technical Data: IP address, device identifiers, browser type, cookies, analytics. • Transaction Data: order history, support communications. • Patient Data: sample metadata and report outputs as necessary to perform Services.

3. Sources of Information

We collect information directly from you, automatically via cookies/SDKs, and from service providers (e.g., payment processors, verification services).

4. Use of Information

We use information to provide and improve Services, verify eligibility, fulfill orders, process payments, generate reports, communicate with you, conduct analytics, detect fraud, and comply with law.

5. Legal Bases (GDPR-style for international visitors)

Where applicable, we rely on performance of a contract, legitimate interests (e.g., service improvement), consent (e.g., certain cookies), and legal obligations.

6. Sharing and Disclosure

We share data with service providers under confidentiality obligations (IT hosting, carriers, payment processors), with professional advisors, and as required by law. We do not sell personal information.

7. Cookies and Analytics

We use cookies, pixels, and similar technologies for functionality, performance, and analytics. You may adjust browser settings to refuse cookies; doing so may impact functionality.

8. Your Choices

You may update account details, opt out of non-essential emails, and manage cookie preferences via your browser or our banner (where implemented).

9. Data Retention

We retain personal information as long as needed for the purposes described, including legal, accounting, or reporting requirements. Patient data is retained per legal/regulatory timelines.

10. Security

We employ administrative, technical, and physical safeguards designed to protect information; however, no system is 100% secure.

11. Children’s Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children under 13.

12. U.S. State Privacy Rights (including California)

If you are a California resident and our activities meet CPRA thresholds, you may have rights to access, delete, correct, or opt out of certain processing. If we operate exclusively online and interact directly with consumers, we may provide a designated email address for requests. Requests may be submitted at support@cmiqhealth.com.

13. HIPAA

When we receive or process PHI on behalf of Practitioners, HIPAA may govern such data. See our HIPAA Notice for permitted uses/disclosures and patient rights.

14. International Transfers

If you access our Services from outside the U.S., you understand that data will be transferred to and processed in the U.S., which may have different data protection laws.

15. Third‑Party Links

Our Site may contain links to third‑party sites. We are not responsible for their content or privacy practices.

16. Changes to this Policy

We may update this Policy. Material changes will be posted on the Site with an updated date.

17. Contact Us

Questions or requests: support@cmiqhealth.com or mail 187 Calle Magdalena, Suite 210, Encinitas CA 92024.