HashiMotto Privacy Policy
Last updated / Effective date: July 6, 2026
Last updated / Effective date: July 6, 2026
This Privacy Policy explains how Immunomy, Inc. ("Immunomy," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the HashiMotto mobile application, the website at hashimotto.app, and related services (together, the "Service").
HashiMotto is a wellness companion for people living with Hashimoto's thyroiditis and related thyroid conditions. Because you may choose to share health-related information with us, we treat that information with particular care and describe our practices in plain language below.
Please read this Policy together with our Terms of Service. By creating an account or using the Service, you acknowledge this Policy. Where we rely on your consent — including for the collection and use of your health information — we obtain it as described here.
HashiMotto is not a doctor and is not a substitute for professional medical care. This Policy is about your data. For what HashiMotto is and isn't as a health tool, see our Terms of Service.
1. A one-screen summary
This summary is for convenience; the full Policy controls.
- Who we are: Immunomy, Inc., a Delaware company. The Service is offered to users in the United States only.
- What we collect: account details, and the health and wellness information you choose to provide (symptoms, lab values, medications, meals, mood, movement), data from wearables you connect, your community activity, and technical/usage data.
- How we use it: to provide and personalize the Service — including HashiDoc, our AI companion — to keep the Service safe, and, with your consent, to support optional research and to send you communications.
- AI: HashiDoc is powered by Amazon Bedrock running inside our own AWS environment. Your inputs are used to generate responses for you; they are not used to train third-party AI models and are not shared with the model providers.
- Advertising & health data: We do not sell your personal information, and we do not share your health information with advertising partners. We do use standard analytics and advertising tools on our marketing website; you can opt out (see Section 10).
- Telehealth: If you use telehealth features, those services are provided by OpenLoop and its independent licensed providers under a separate, HIPAA-compliant relationship and privacy notice.
- Your choices: You can access, correct, export, and delete your information, and withdraw consent, from within the app or by contacting us (see Sections 9–12).
- Contact: privacy@immunomy.com (or privacy@hashimotto.app).
2. Scope, eligibility, and our HIPAA status
Who this Policy covers. This Policy applies to the HashiMotto app and website and to information we process as the data controller.
Age. The Service is intended only for individuals 18 years of age or older. We do not knowingly collect information from anyone under 18. If we learn that we have collected information from a person under 18, we will delete it. If you believe a minor has provided us information, contact privacy@immunomy.com.
Our HIPAA status — please read. For the core HashiMotto app, Immunomy is generally not a "covered entity" or a "business associate" under the U.S. Health Insurance Portability and Accountability Act (HIPAA). This means the information you enter into the app is generally not "protected health information" (PHI) governed by HIPAA — but we nonetheless treat your health information as sensitive and protect it as described in this Policy, and other laws (including state health-privacy and consumer-protection laws) still apply.
Telehealth is different. If you choose to use HashiMotto's telehealth features, the clinical services are provided by OpenLoop Health, Inc. ("OpenLoop") and independent, licensed practitioners (which may include dietitians, nutritionists, endocrinologists, functional-medicine practitioners, and immunologists). In that telehealth context, OpenLoop and its providers act as covered entities under HIPAA, and information you share in that relationship is governed by OpenLoop's own Notice of Privacy Practices and privacy policy, not this Policy. See Section 6.
3. Information we collect
We collect information in three ways: information you provide, information collected automatically, and information from third parties and connected services.
3.1 Information you provide
- Account information: your name (or display name), email address, password, and any profile details you add (such as your thyroid condition type, general goals, or preferences set during onboarding).
- Health and wellness information you choose to enter, which may include:
- Symptoms (e.g., fatigue, brain fog, cold sensitivity, mood, and others you log);
- Laboratory values you enter or upload (e.g., TSH, Free T4, Free T3, thyroid antibodies such as TPO, and related panels);
- Medications and supplements, dosages, and reminders;
- Meals, nutrition, and dietary protocol (e.g., gluten-free, dairy-free, AIP);
- Movement, breathing sessions, and mood check-ins;
- Notes and voice inputs (including audio you provide for voice logging, and its transcription).
- Community content: posts, replies, reactions, and profile elements you share in HashiHub, including content you post anonymously within the app.
- Communications: messages you send us (support requests, feedback, survey responses).
- Payment information: when you subscribe to a paid plan, your payment is processed by Stripe. We do not collect or store your full card number; Stripe handles card data under its own terms. We receive limited billing details (such as plan, status, and partial card metadata) needed to manage your subscription.
3.2 Information collected automatically
- Device and app data: device type and model, operating system, app version, language, time zone, and general settings.
- Usage data: features you use, screens you view, actions you take, and diagnostic/crash and performance data (e.g., via Firebase and error-logging tools).
- Approximate location: we may infer coarse location (such as region) from your IP address; we do not collect precise GPS location unless you separately enable a feature that requires it and consent.
- Cookies and similar technologies on our website: see Section 10 and our Cookie information.
3.3 Information from connected services and third parties
- Wearables and health platforms you connect: with your authorization, we receive read-only data from services you link, which may include Apple Health, Oura, Garmin, Fitbit, Google Fit, Whoop, and continuous glucose monitors (CGM). This can include metrics such as heart-rate variability (HRV), sleep stages, resting heart rate, body temperature, SpO₂, activity, and recovery. We access only the categories you permit, and you can disconnect at any time.
- Telehealth provider (OpenLoop): limited information may be exchanged with OpenLoop when you choose to use telehealth, as described in Section 6 and subject to your consent.
- Service providers: we receive information from vendors that help us operate (for example, analytics, infrastructure, and payment providers).
We do not purchase personal information about you from data brokers.
4. Sensitive information and your consent
Some of the information above — including your symptoms, lab values, medications, mood, and health metrics from wearables — is sensitive health information. Under various U.S. state laws, sensitive information generally requires your consent to collect and use.
You provide this information voluntarily, and by choosing to enter health information, connect a wearable, or use health features of the Service, you consent to our collection and use of that information for the purposes described in this Policy — principally, to provide the Service to you. Where a specific feature (such as optional research contribution) requires separate, affirmative consent, we ask for it separately, and you can decline or withdraw it at any time (see Sections 8 and 12).
We use your sensitive health information only to provide, personalize, secure, and support the Service (and, separately and only with your opt-in, for de-identified research). We do not use your health information to serve you targeted advertising, and we do not sell it.
5. How we use information
We use information for the following purposes:
- To provide the Service: create and manage your account; power the dashboard, symptom and meal logging, Flow Space, HashiHub, progress features, and the Doctor Visit Summary.
- To power HashiDoc (our AI companion): generate personalized, educational responses grounded in your data and our clinician-reviewed research library. See Section 7 for how the AI processes your information.
- To personalize your experience: tailor meal suggestions, content, and insights to the information you provide and your preferences.
- To connect wearables and reflect that data in your dashboard.
- To enable telehealth through OpenLoop when you choose to use it (Section 6).
- To communicate with you: service and transactional messages (account, security, billing, waitlist), and — with your consent where required — marketing messages about features and offers (Section 10.3). You can opt out of marketing at any time.
- To process payments and manage subscriptions through Stripe.
- To keep the Service safe and reliable: prevent fraud and abuse, moderate community content, debug, secure our systems, and enforce our Terms.
- To improve the Service: understand usage and performance (using aggregated or de-identified data wherever practicable).
- For optional research (Section 8), using de-identified data, only if you opt in.
- To comply with law and protect the rights, safety, and property of users, Immunomy, and others.
We describe the specific bases and your related rights for state-law purposes in Section 11.
6. Telehealth provided by OpenLoop
HashiMotto may offer access to telehealth services — one-to-one engagement with licensed practitioners such as dietitians, nutritionists, endocrinologists, functional-medicine practitioners, and immunologists.
These services are provided by OpenLoop and its independent providers, not by Immunomy. Immunomy does not provide medical care, does not employ the providers, and is not responsible for the clinical services delivered. We understand OpenLoop engages licensed providers across all 50 U.S. states.
How your data is handled in telehealth:
- When you choose to use telehealth, you authorize us to share the information reasonably necessary to facilitate the service (which may include relevant profile and health information) with OpenLoop and your provider.
- Once you enter the telehealth relationship, information you share with OpenLoop and its providers is handled under OpenLoop's HIPAA-compliant privacy practices and Notice of Privacy Practices, and by the providers as covered entities — not under this Policy.
- Records created in the course of your care are maintained by OpenLoop / the providers in accordance with their obligations.
Please review OpenLoop's privacy notice before using telehealth features. If you do not use telehealth, no information is shared with OpenLoop for that purpose.
7. How HashiDoc (AI) uses your information
HashiDoc is HashiMotto's AI companion. It is designed to give you educational, personalized information — it does not diagnose, prescribe, or dose, and it is not a medical professional. (See our Terms for these limits.)
How it works with your data:
- When you interact with HashiDoc, the information needed to answer you — which may include your relevant labs, symptoms, medications, and profile — is processed to generate a response for you.
- This processing is performed using Amazon Bedrock, an AWS service, operating within Immunomy's own AWS environment in the United States.
- Your inputs and the AI's outputs are not used to train the underlying ("foundation") AI models, and are not shared with the third-party providers of those models. This processing is governed by our agreements with AWS, including our Business Associate Addendum.
- We may retain your HashiDoc conversations as part of your account history so you can refer back to them, and to provide, secure, and improve the Service. You can delete conversations and your account (Section 9).
A note on AI limitations: AI can be wrong or incomplete. Do not rely on HashiDoc for emergencies or in place of professional judgment. See the Terms for the full disclaimer.
8. Optional research contribution
We may invite you to contribute to research aimed at improving understanding of Hashimoto's and thyroid health.
- Opt-in only, off by default. We do not include your data in research unless you affirmatively choose to participate, and you can withdraw at any time.
- De-identified. Data used for research is de-identified in accordance with recognized standards so that it is not reasonably capable of being associated with you. Withdrawing consent stops future use; data already de-identified and included in completed research may not be retrievable.
- Who receives it. Research use is limited to Immunomy internally and academic research partners. We do not sell your data, and we do not license or share identifiable health data for commercial purposes.
9. How we share information
We share information only as described here. We do not sell your personal information. We do not share your health information with advertising partners or data brokers.
- Service providers (processors) who perform functions on our behalf under contract and only on our instructions — including cloud hosting and AI infrastructure (AWS, including Amazon Bedrock), payments (Stripe), product analytics and diagnostics (Firebase / Google Analytics, and product-analytics and session-quality tools such as Microsoft Clarity), communications and messaging providers, and error logging. These providers are bound to protect your information and to use it only to provide services to us.
- OpenLoop, for telehealth you choose to use (Section 6).
- Connected services you authorize (wearables/health platforms), to enable the integration you request.
- Advertising and measurement partners — non-health data only, on our marketing website. See Section 10.
- Community content you post is visible to other users of the Service according to your posting choices (including anonymous posting, where available).
- Legal and safety: to comply with applicable law, legal process, or governmental request; to enforce our Terms; to detect, prevent, or address fraud, security, or technical issues; and to protect the rights, property, or safety of users, Immunomy, or others.
- Business transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred, subject to the acquirer honoring commitments materially consistent with this Policy. We will notify you of any change in ownership or use of your personal information.
- With your direction or consent, in other cases you specifically approve.
We maintain a current list of key sub-processors; contact privacy@immunomy.com to request details.
10. Cookies, analytics, and advertising
10.1 On our marketing website
Our website (hashimotto.app) uses cookies and similar technologies for site functionality, analytics, and advertising/measurement. These may include tools from Google (Google Analytics / GA4, Firebase), Meta, TikTok, Microsoft Clarity, Taboola, Outbrain, and Reddit. These tools may set identifiers and collect information such as pages viewed, interactions, device and browser data, and IP-derived approximate location, and may share certain identifiers and online-activity data with those partners so we can measure and run advertising campaigns.
Health data is not part of this. We design the Service so that these advertising and measurement tools operate on our marketing pages and do not receive the health information you enter into the app.
10.2 Your controls
- Opt-out of "sale"/"sharing" and targeted advertising: You can opt out of the advertising-related sharing described above (see Section 11 for the "Do Not Sell or Share My Personal Information" mechanism and Global Privacy Control support).
- Cookie controls: where offered, use our cookie preferences tool; you can also manage cookies through your browser settings.
- Do Not Track: because there is no common standard, we do not currently respond to browser "Do Not Track" signals, but we honor recognized opt-out preference signals (such as Global Privacy Control) where required.
- Platform ad settings: you can adjust advertising preferences through Google, Meta, and other platforms directly, and through mobile device settings ("Limit Ad Tracking" / "Opt out of Ads Personalization").
10.3 Marketing communications (email, push, SMS, WhatsApp)
With your consent where required, we may send marketing messages by email, push notification, SMS/text, and WhatsApp.
- SMS and WhatsApp: By providing your mobile number and opting in, you consent to receive messages at that number, which may be sent using an automated system. Consent is not a condition of purchase. Message and data rates may apply; message frequency varies. Reply STOP to opt out and HELP for help.
- Email/push: use the unsubscribe link, or your device or in-app settings, to opt out.
- You cannot opt out of transactional/service messages (e.g., security, billing, and account notices) while you maintain an account.
11. Your U.S. privacy rights
Depending on your state of residence, you may have some or all of the rights below. We honor these rights for our users as described, and we do not discriminate against you for exercising them.
11.1 Rights that may apply
- Right to know / access the personal information we have collected about you and how we use and share it.
- Right to correct inaccurate personal information.
- Right to delete your personal information (subject to legal exceptions).
- Right to portability — obtain a copy in a usable format.
- Right to opt out of "sale" or "sharing" of personal information and of targeted/cross-context behavioral advertising. (We do not sell your information; we do "share" limited non-health identifiers for advertising on our website — you can opt out.)
- Right to limit the use and disclosure of sensitive personal information. We already use your sensitive health information only to provide the Service and for opt-in research — not to infer characteristics about you and not for advertising.
- Right to opt out of profiling that produces legal or similarly significant effects (we do not conduct such profiling).
- Right to appeal a denied request, where your state provides it.
Because your health information is treated as sensitive, we generally rely on your consent (given when you choose to provide it) and use it only for the purposes in this Policy. You may withdraw that consent as described in Section 12.
11.2 How to exercise your rights
Submit a request by:
- Using the privacy controls in the app (Settings → Privacy / Data), where you can export and delete your data; or
- Emailing privacy@immunomy.com with the subject "Privacy Request."
We will verify your request (typically by confirming control of your account email) and respond within the timeframe required by applicable law. You may use an authorized agent to submit a request on your behalf with proper authorization and verification.
11.3 California residents (CCPA/CPRA)
If you are a California resident, you have the rights above, including the rights to know, delete, correct, opt out of sale/sharing, and limit the use of sensitive personal information.
- Categories collected, at a high level: identifiers (name, email); commercial information (subscription/transaction records); internet/network activity (usage, device, approximate location); audio (voice inputs, where you provide them); sensitive personal information (health information you provide and health-related data from wearables); and inferences drawn to personalize the Service.
- Purposes: as described in Section 5.
- Sold: we do not sell personal information.
- Shared for cross-context behavioral advertising: limited non-health identifiers and online activity, via the website tools in Section 10. You can opt out.
- Sensitive personal information: used only to provide the Service and for opt-in research; not used to infer characteristics or for advertising.
- "Do Not Sell or Share My Personal Information" and "Limit the Use of My Sensitive Personal Information": the “Do Not Sell or Share My Personal Information” link in the footer of hashimotto.app, or email privacy@immunomy.com with the subject “Do Not Sell or Share”. We also honor the Global Privacy Control signal.
- Retention: see Section 13.
- Shine the Light: we do not disclose personal information to third parties for their own direct marketing.
11.4 Other states
Residents of states with comprehensive privacy laws (including, as applicable, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others) have the rights described in Section 11.1. For these states, we treat health information as sensitive data requiring consent, which you provide by choosing to use the health features of the Service, and you may withdraw consent as described in Section 12. To exercise your rights or appeal a decision, contact privacy@immunomy.com.
12. Consumer Health Data — Washington & Nevada
This Section is intended to serve as a consumer health data privacy notice under the Washington My Health My Data Act ("MHMDA") and Nevada's health-data law (SB 370). It should also be surfaced as a separately linked page.
If you are a Washington or Nevada resident (or your health data is collected there), this Section applies to your consumer health data — information that is linked or reasonably linkable to you and that identifies your past, present, or future physical or mental health status (for example, your thyroid condition, symptoms, lab values, medications, and health metrics you provide).
- What we collect and why: the consumer health data described in Section 3, collected to provide, personalize, secure, and support the Service, and — with separate opt-in — for de-identified research (Section 8). We collect it based on your consent (given when you choose to provide it) or as necessary to provide a product you requested.
- Who we share it with: we share consumer health data only with service providers/processors that help us operate the Service under contract (Section 9), and with OpenLoop when you choose telehealth (Section 6). We do not sell consumer health data, and we do not share it with advertisers.
- Sources: you; and, with your authorization, connected wearables/health platforms (Section 3.3).
- Your rights: to confirm whether we collect, share, or sell your consumer health data and to access it; to withdraw consent to our collection and sharing; and to delete your consumer health data. To exercise these rights, use the in-app controls or email privacy@immunomy.com. We will not discriminate against you for exercising these rights, and you may appeal a denial.
- No sale without authorization: we do not sell consumer health data. We will not do so without the valid authorization the law requires.
- No health-location geofencing: we do not use geofencing to track you around, or send you advertising based on your proximity to, any health-care facility.
13. Data retention
We keep personal information for as long as needed for the purposes in this Policy, then delete or de-identify it. General defaults (which we may adjust and which are subject to legal exceptions):
- Active accounts: we retain your information while your account is active so the Service works and your history is available to you.
- After deletion: when you delete your account or specific data, we delete or de-identify it from our active systems within a reasonable period (target: 30 days), and remove it from routine backups on our normal backup rotation (typically within 90 days).
- Exceptions: we may retain certain information longer where required to comply with law, resolve disputes, enforce our agreements, prevent fraud/abuse, or maintain financial and tax records (typically up to 7 years for such records). De-identified data may be retained without the limits above.
- Telehealth records created through OpenLoop are retained by OpenLoop/providers under their own obligations.
14. How we protect information
We use reasonable administrative, technical, and physical safeguards designed to protect personal information, including:
- Encryption in transit (TLS) and encryption at rest (AES-256);
- Access controls on a least-privilege basis, with multi-factor authentication for administrative access;
- Network isolation and secured cloud infrastructure (AWS), with a Business Associate Addendum in place with AWS;
- Logging and monitoring, vulnerability management, and routine patching;
- Vendor due diligence and contractual data-protection terms with service providers;
- Staff confidentiality obligations and access limited to those who need it; and
- An incident-response process for suspected security events.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a breach affecting your information, we will notify you and authorities as required by applicable law (including the FTC Health Breach Notification Rule and applicable state breach-notification laws).
15. Where your information is processed
The Service is offered to users in the United States, and we store and process information on infrastructure located in the United States (AWS us-east-1). If we later serve users outside the U.S., we will update this Policy and adopt any additional protections required.
16. Third-party services and links
The Service integrates with, or links to, third-party services — including wearables and health platforms you connect, OpenLoop (telehealth), Stripe (payments), and affiliate offers and other links. When you follow an affiliate link, we do not share your personal information with the merchant; we may pass a non-identifying tracking parameter so the merchant can attribute a referral, and any information you then provide to that merchant is governed by their privacy policy. We are not responsible for the privacy practices of third parties; please review their policies.
17. Children
The Service is for adults 18 and older. We do not knowingly collect information from children. See Section 2.
18. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will notify you by reasonable means (such as in-app notice or email) and update the "Last updated" date above. Your continued use of the Service after an update means you acknowledge the revised Policy. Where required, we will obtain your consent to material changes affecting your health information.
19. Contact us
Immunomy, Inc. 2810 N Church St STE 89648, Wilmington, DE 19802, USA Privacy: privacy@immunomy.com (or privacy@hashimotto.app) Legal: legal@immunomy.com (or legal@hashimotto.app)
If you have a concern we haven't resolved, you may also have the right to contact your state attorney general.