Last Updated March 2026
myStoria is committed to protecting your privacy and securing your personal information. This Privacy Policy describes how myStoria Inc. (“myStoria,” “we,” “our”) collects, uses, discloses, and protects your information when you use our Services through the myStoria Platform. This Privacy Policy is part of our Terms of Service.
This Privacy Policy applies to your use of myStoria across all platforms, including our website and our mobile applications available on the Apple App Store and Google Play Store.
Information We Collect
Your Account Information
When you create an account, we collect your identification and contact information, such as first name, last name, telephone number, mailing address, and email address, as well as payment information processed through Apple App Store, Google Play Store, or our payment partners. We use this information to provide Services to you, communicate with you, and process payments.
Your Health Information
We collect personal health information, including reproductive health information, medical diagnoses, lab testing results, symptoms, medication history, appointments, and other information you choose to upload or enter into the myStoria Platform. This includes information you share through our AI-powered chat interface, voice notes, and documents you upload. Additionally, should you authorize us, we assist you in obtaining your relevant medical records from your care providers.
Third-Party Information
The myStoria Platform may be used to capture information about individuals who form part of your health journey, such as your partner, surrogates, donors, or children. By inputting information about other individuals, you represent and warrant that you have their consent or legal authority to do so. If you add information about minors, you represent that you are their parent or legal guardian. You are solely responsible for any third-party information you add to your account.
Usage and Device Information
We collect information about how you use the myStoria Platform, including usage events, device information, and session data, to improve our Services and ensure platform performance. This data is collected through our analytics provider and is described further in the Cookies and Tracking section below.
How We Use Artificial Intelligence
Artificial intelligence is an integral part of the myStoria experience. We use AI to power our chat interface, analyze your uploaded health records, generate personalized insights and summaries, and support our Concierge Team.
AI Providers.
Our user-facing AI features are powered by Google (Gemini). When you interact with AI features, your relevant data is sent to Google via secure API connections for processing. Google is bound by a data processing agreement that prohibits them from using your data for their own purposes.
What AI Processes.
AI may process your uploaded health records, text and voice chat messages, profile data, and other information you provide through the platform. AI processing is used to generate conversational responses, health record summaries, personalized insights, and other features described in our Terms of Service.
How Your Data Is Used by AI.
Your personal health data is stored securely in your own account. It is not shared with other myStoria users. When you use AI features, we combine our curated health knowledge base with your individual information to generate personalized responses. Our service providers are bound by data processing agreements and are contractually prohibited from using your data for their own purposes. Our analytics provider may process usage data that includes your interactions with AI features, such as query patterns and response metadata, for platform performance and improvement purposes.
Automated Decision-Making.
AI-generated content is informational and organizational in nature. myStoria does not use AI to make automated decisions that produce legal effects or similarly significant effects on you. AI insights are intended to support your understanding of your health information, not to replace professional medical judgment.
Right to Human Review.
You have the right to request human review of any AI-generated analysis, insight, or recommendation. To request human review, contact our Concierge Team through the app or email concierge@mystoria.com.
How We Use Your Information
All information collected within the myStoria Platform is considered your “Client Data.” We use your Client Data for the following purposes:
• Service delivery: Delivering all features and functionality of the myStoria Platform, including, but not limited to, AI-powered chat, health record analysis, and Concierge Services.
• Service improvement: Keeping the platform technically optimized, enhancing Services, and meeting quality, reliability, privacy, security, and accessibility needs.
• Payment processing: Processing payments for Services through Apple App Store, Google Play Store, and our payment partners.
• Communication: Informing you about Services, features, and information relevant to your account.
Who We Share Your Information With
We minimize the sharing of your information and only share it where necessary for delivering our Services. We do not sell your personal information. We do not share your health data for advertising purposes.
Service Providers
We engage third-party providers to support our Services. Each provider is bound by a data processing agreement that restricts how they may use your data. Our current service providers include:
None of our service providers are permitted to use your data for their own purposes, including training AI models.
Other Disclosures
We may disclose personal information to authorized law enforcement, regulators, courts, or other public authorities in response to lawful requests or to protect our rights and individual safety. We may also disclose personal information as permitted by law for strategic business transactions or in the case of a corporate acquisition or merger.
Concierge Team & Your Privacy
Your Concierge Team member supports you on your health journey. They are bound by strict confidentiality obligations and only access your myStoria profile on a need-to-know basis, such as when you request their assistance, book a live consult, request medical records, or for internal quality assurance. Concierge Team members do not have routine access to your AI chat history or personal health data unless you specifically request their involvement.
Health-related Concierge communications take place within the myStoria Platform. We may occasionally use email for technical support and troubleshooting, but will not transmit your health information via unencrypted email. Concierge messages and recap notes are visible in your account. Summaries of live video Concierge consults are provided for your reference, though full transcripts of video sessions may not be stored in your profile.If you request assistance from our Concierge Team to obtain your medical records from healthcare providers, we will obtain your express authorization before doing so.
Data Storage & Security
Where Your Data Is Stored.
Your data is currently stored on secure servers in Canada and the United States. We will notify you of any material changes to where your data is stored. If you are located in Canada, you acknowledge that your information is transferred to and stored in the United States, which has different privacy laws than Canadian jurisdictions.
How We Protect Your Data.
myStoria uses industry-standard technical and organizational security measures to protect your information, including encryption at rest and in transit, multi-factor authentication for administrative access and role-based access controls. Data collected via the mobile app is subject to the same encryption, retention, and access controls as data submitted through our website.
International & Cross-Border Transfers
Your data is stored and may be accessed from the United States and Canada. If you are located in Canada, including Quebec, your information is subject to the laws of the United States, which may differ from Canadian privacy laws. By using myStoria, you consent to the transfer of your information to the United States for the purposes described in this Privacy Policy. We take reasonable steps to ensure your information is protected in accordance with applicable Canadian privacy legislation, regardless of where it is stored.
Data Retention & Deletion
Active Accounts. We retain your information for as long as your account is active and as necessary to provide you with our Services.
Account Deletion. You may delete your account and all associated data by contacting our Concierge Team at concierge@mystoria.com or https://www.mystoria.com/data-deletion-requests any time to request your data be deleted. Within 7 days it will no longer be visible within the app. Following this, data is removed from our production system within 30 days and backup copies are purged 7 days after that. Deleted data will not be restored or accessed except as required by law.
Deletion Records. When you request account deletion, we retain a minimal record confirming your request was received and processed. This record does not contain your health data or personally identifying information. It is retained for up to 12 months and then automatically deleted.
Service Improvement. We may use your data to evaluate and improve service quality, including reviewing the accuracy of AI-generated insights and the underlying health records, improving our health knowledge base, and enhancing the overall myStoria experience. This is part of our commitment to delivering and improving the Services you signed up for.
Children’s Data
myStoria is intended for users 18 years or older. We do not knowingly collect personal information directly from individuals under 18.
We recognize that parents and legal guardians may add health information about their minor children to their myStoria account as part of their family’s health journey. When you add information about a minor, you represent that you are their parent or legal guardian and have the legal authority to manage their health information. This information is treated with the same security protections as all other health data on the platform.
Your Privacy Rights
Subject to applicable law, you have the following rights regarding your information:
• Access: You can view all information you have entered into myStoria directly within the app, including text chats, voice notes, AI responses and summaries, and uploaded documents.
• Correction: You may update or correct your information at any time through the platform or by contacting our Concierge Team.
• Deletion: You may request deletion of your account and data as described in the Data Retention & Deletion section above.
• Portability: We are developing the ability for you to download your data. In the meantime, you can view all information directly in the app.
• Object to marketing: You may change your marketing and email preferences at any time.
• Do Not Sell: myStoria does not sell your personal information. To exercise your rights under applicable “Do Not Sell” laws, contact privacy@mystoria.com.
We will acknowledge your request within 10 business days and complete it within 30 days. You have the right to file a complaint about how we handle your information with the applicable privacy authority in your jurisdiction.
Do Not Sell or Share
myStoria does not sell your personal information. We do not share your personal information for cross-context behavioral advertising. If you have questions about your rights under applicable state laws (including the California Consumer Privacy Act), contact us at privacy@mystoria.com.
Breach Notification
We take the security of your data seriously. In the unlikely event of a data breach affecting your personal information, we will notify affected users promptly, and no later than 30 days after confirming the breach. We will also notify applicable regulators within the timeframes required by law, including Quebec’s Commission d’accès à l’information (CAI) within 72 hours where required.
Cookies and Tracking Technologies
myStoria uses cookies and similar tracking technologies on our website and mobile application. These technologies fall into the following categories:
• Essential: Required for platform functionality, authentication, and security. These cannot be disabled.
• Analytics: We use PostHog to understand how users interact with the platform, track usage patterns, and improve our Services. PostHog collects usage events, device information, user identifiers, and health-context behavioral data. PostHog is bound by a data processing agreement and is contractually prohibited from using your data for its own purposes.
• Functional: Support features such as remembering your preferences and login sessions.
We do not use tracking technologies for advertising purposes. You may manage cookie preferences through your browser or device settings.
Camera & Device Permissions
Our app may request access to your device’s camera, microphone, or photo library to enable features such as uploading medical documents, recording voice notes, or capturing images for your myStoria account. All permissions are optional and can be revoked via your device settings at any time. myStoria is not a medical device and does not offer clinical or diagnostic services.
Third-Party Sites and Links
The myStoria Platform may contain links to other websites, including the myStoria Community on Circle, that are not under our control. We assume no responsibility for those links or the privacy practices of external websites.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes to how we handle your information. We will notify you of material changes through the myStoria Platform or by email. Your continued use of our Services after notification constitutes acceptance of the updated Privacy Policy.
Contact Us
If you have any questions or concerns about our privacy practices or this policy, contact us at:
Privacy Officer
Holly Tiessen, Co-Founder
privacy@mystoria.com
myStoria Inc., 809 Wellington St N, Unit 2, Kitchener ON, N2H 5L6
For general support: concierge@mystoria.com
.svg){kind=logo}
