This Privacy Policy describes how PRISM Health

and Wellness, LLC ("we", "our", or "PRISM") collects, uses, stores, and protects your personal

information when you use the PRISM mobile app ("the App").

Section 1. Wellness-Only Statement

PRISM is strictly a wellness support tool and does not provide medical, diagnostic,

therapeutic, or rehabilitative services. Information you share with PRISM is not treated as

medical records and PRISM is not HIPAA-compliant. Do not provide protected health

information through the PRISM app.

2. Information We Collect

We may collect the following information: - Name, email, age, gender, and zip code -

Self-reported knee condition type, pain and exertion scores, and exercise volume - User

feedback on exercise difficulty and session participation - App usage logs, timestamps, device

identifiers, and crash analytics

3. How We Use Your Information

We use your information to: - Provide personalized, adaptive wellness and wellness programs

- Track trends and improve our services - Issue automated red flag alerts for non-urgent risks

- Ensure app security, integrity, and troubleshooting

4. Data Storage and HIPAA Disclaimer

PRISM is not a covered entity under HIPAA and does not store or transmit Protected Health

Information (PHI). You agree not to input sensitive medical or identifying data that qualifies as

PHI. All data is stored securely with encrypted services.

5. Third-Party Tools

We may use Firebase (authentication and analytics), Stripe (payment processing), and Yelp

(provider directory). These tools may access anonymized or aggregate data but may not store

personally identifying information. PRISM does not control third-party privacy practices.

6. Red Flag Alerts and External Listings

PRISM may notify users of concerning symptoms based on in-app responses. These alerts

are algorithmic and do not constitute clinical recommendations or diagnosis. Providers listed

via Yelp or other tools are not affiliated with or endorsed by PRISM.

7. Data Retention

We retain user data indefinitely while your account is active and for a reasonable period

thereafter. Self-reported data and app usage logs are considered essential to the functionality

of the App and are not subject to deletion requests.

8. Data Deletion and Modification

If you reside in California, Colorado, Virginia, Connecticut, or Utah, you may request: - Access

to the data we store - Correction of inaccurate personal data PRISM does not permit the

deletion of subjective input data or core app activity logs due to operational necessity. To

request access or corrections, contact jesse@prismhealth.app.

9. Data Security

We use end-to-end encryption, tokenized access, and industry-standard security protocols.

While no system is entirely immune to breaches, PRISM will notify users of any material

breach in accordance with applicable laws.

10. Children's Privacy

The PRISM App is not intended for use by children under the age of 18. We do not knowingly

collect or retain data from minors.

11. International Use and Export Restrictions

PRISM is intended for use within the United States only. Users agree not to download,

access, or use the app in violation of U.S. export control laws or sanctioned region

restrictions.

12. No Sale of Personal Data

PRISM does not sell user data to any third party for commercial purposes. We do not engage

in profiling or behavior-based advertising targeting based on your health data.

13. Intellectual Property Protections

All app logic, content, and programming are proprietary. Attempting to extract, duplicate, or

reverse engineer PRISM's personalization engine, video library, or program structure is strictly

prohibited and may result in termination and legal action.

14. User Responsibility and Indemnity

By using PRISM, you acknowledge that your data will be stored and used as described. You

agree to indemnify and hold harmless PRISM Health and Wellness, LLC from any claims

arising from misuse of your account or breach of this Privacy Policy.

15. Changes to This Policy

We may modify this Privacy Policy at any time. Users will be notified via email or app

notification for material changes. Continued use of the App implies agreement with the

updated policy.

16. Contact

For questions, contact: jesse@prismhealth.app

17. PRISM AI Data and Interactions

When you use PRISM AI, your inputs and outputs may be processed and stored. These

interactions may be logged for compliance, quality control, and safety. PRISM AI responses

are automatically generated and may be inaccurate, offensive, vulgar, or inappropriate.

PRISM Health and Wellness, LLC disclaims responsibility for any harm, offense, or reliance

on PRISM AI responses. PRISM AI is not HIPAA-compliant, and users should not input

confidential or protected health information.