top of page

Privacy Policy

MinaRosa ("we," "our," or "us") operates a healthcare and wellness web platform, research program, and e-commerce store (collectively, the "Service" or "Platform") accessible at [www.minarosa.com] and [store.minarosa.com]. We are committed to protecting your privacy and handling your personal information, including sensitive health and research data, with the utmost care and in compliance with applicable privacy laws.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Platform, participate in our research programs, complete forms and assessments, subscribe to our newsletter, make purchases, or otherwise interact with our services. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

For questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@minarosa.com or by mail at: MinaRosa, 2050 15th Street,  Detroit Michigan 48216

1. Definitions

"Platform" or "Service" refers to the MinaRosa website, research program portal, e-commerce store, and all associated web-based services, tools, and features.

"User," "you," or "your" refers to individuals who access or use the Platform, including website visitors, newsletter subscribers, research participants, pilot program participants, and customers.

"Personal Information" means any information that identifies or can be used to identify you as an individual.

"Protected Health Information" or "PHI" means individually identifiable health information protected under applicable healthcare privacy laws, including HIPAA where applicable.

"Research Data" means information collected from participants in our research studies, pilot programs, and wellness assessments, which may include health information, survey responses, and other study-related data.

2. Information We Collect

We collect several types of information from and about Users of our Platform, depending on how you interact with our services:

2.1 Personal Information You Provide Directly

When you register for an account, subscribe to our newsletter, complete forms or quizzes, contact us, participate in our programs, or make purchases, we may collect:

  • Name and contact information (email address, phone number, mailing address)

  • Account credentials (username and password)

  • Demographic information (age, date of birth, gender, location)

  • Billing and shipping addresses

  • Payment information (credit card numbers, billing information) or payment processor details

  • Purchase history and preferences

  • Communications you send to us (contact form messages, support requests, feedback)

2.2 Health and Wellness Information

IMPORTANT: We collect sensitive health and wellness data that you voluntarily provide through various features of our Platform, which may include:

  • Medical history, health conditions, and diagnoses

  • Symptoms and health-related concerns

  • Treatment information and outcomes

  • Medications, supplements, and therapies

  • Physical measurements, vital signs, and biometric data

  • Mental health and wellness information

  • Lifestyle information (diet, exercise, sleep patterns, stress levels)

  • Quiz and assessment responses

  • Any other health-related information you choose to share through our Platform, forms, or communications.

2.3 Research and Study Data

If you participate in our research studies, pilot programs, or wellness initiatives, we collect:

  • Study enrollment information and eligibility criteria responses

  • Research questionnaire and survey responses

  • Health outcomes and progress data throughout the study period

  • Participant feedback and qualitative data

  • Consent forms and study agreements

  • Any other data specified in the study protocol or informed consent document

Note: Research participants will receive separate informed consent documents that provide detailed information about data collection, use, and protection specific to each study. The informed consent document will supplement this Privacy Policy for research activities.

2.4 E-commerce and Transaction Information

When you make purchases through our e-commerce store, we collect:

  • Order details (products purchased, quantities, prices)

  • Shipping and delivery information

  • Payment information (either directly or through third-party payment processors like Stripe, PayPal, or similar services)

  • Purchase history and order status

  • Product reviews and ratings (if you choose to provide them)

Payment Processing: If we use third-party payment processors, your payment information is collected and processed by these providers according to their privacy policies and security standards (such as PCI DSS compliance). We may receive limited payment information such as the last four digits of your card and transaction confirmation details.

2.5 Newsletter and Communication Preferences

When you subscribe to our newsletter or opt into communications, we collect:

  • Email address and name

  • Communication preferences and interests

  • Engagement data (email opens, clicks, unsubscribes)

2.6 Automatically Collected Information

When you access our Platform, we automatically collect certain technical information:

  • IP address and general location information

  • Browser type and version

  • Device information and operating system

  • Pages visited, features used, and navigation patterns

  • Time and date of access

  • Referring website or source

  • Cookies and similar tracking technologies (see Section 9)

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Provision and Account Management

  • To provide, maintain, and improve our healthcare and wellness services

  • To create and manage your account

  • To personalize your experience and deliver relevant content

  • To respond to your inquiries, requests, and provide customer support

3.2 Research and Study Activities

  • To conduct research studies and analyze health and wellness outcomes

  • To evaluate pilot program effectiveness

  • To generate insights and advance understanding of health conditions and interventions

  • To publish research findings (using de-identified or aggregated data only)

  • To comply with research ethics requirements and regulatory obligations

3.3 E-commerce and Transactions

  • To process orders and transactions

  • To fulfill and deliver your purchases

  • To send order confirmations, shipping updates, and transaction-related communications

  • To manage returns, refunds, and customer service issues

  • To prevent fraud and ensure payment security

3.4 Communications

  • To send newsletters, educational content, and wellness tips (with your consent)

  • To communicate about our services, updates, and new features

  • To send promotional offers and marketing messages (you may opt out at any time)

  • To send administrative notices, service announcements, and policy updates

3.5 Analytics and Improvement

  • To analyze usage patterns and improve Platform functionality

  • To conduct internal research and analytics

  • To understand user needs and preferences

  • To develop new products, services, and features

3.6 Legal and Security

  • To detect, prevent, and address technical issues or security threats

  • To comply with legal obligations and protect our rights

  • To enforce our Terms of Service and other agreements

  • To protect the safety and security of our users and the public

4. Legal Basis for Processing (GDPR Compliance)

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions with similar privacy laws, we process your personal information based on the following legal grounds:

  • Consent: You have given explicit consent for processing your health information, research data, and other personal data for specified purposes. You may withdraw consent at any time.

  • Contract Performance: Processing is necessary to provide services you have requested, fulfill purchases, or participate in research programs.

  • Legal Obligation: Processing is required to comply with applicable laws, regulations, and research ethics requirements.

  • Legitimate Interests: Processing is necessary for our legitimate business interests (such as improving our services, fraud prevention, and internal analytics), provided these interests do not override your fundamental rights and freedoms.

5. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

 

5.1 Service Providers and Business Partners

We may share information with trusted third-party service providers who assist us in operating our Platform, conducting our business, or providing services to you. These providers are contractually obligated to maintain the confidentiality and security of your information and may only use it for the purposes we specify. Examples include:

  • Web hosting and cloud storage providers

  • Payment processors (e.g., Stripe, PayPal, or other payment gateways)

  • E-commerce platform providers and shipping carriers

  • Email service providers and marketing platforms

  • Analytics and data analysis services

  • Customer support platforms

  • Research and data management platforms

5.2 Research Collaborators and Institutions

For research purposes, we may share de-identified or aggregated research data with:

  • Academic institutions and research organizations

  • Healthcare providers and medical professionals (with your explicit consent for identifiable data)

  • Research collaborators and co-investigators

  • Institutional Review Boards (IRBs) or ethics committees for study oversight

Important: Any sharing of identifiable research data requires your explicit informed consent as outlined in the study protocol. De-identified data may be shared for legitimate research purposes without identifying you personally.

5.3 Healthcare Providers (With Your Consent)

With your explicit consent, we may share your health information with healthcare providers, specialists, or other professionals involved in your care coordination or treatment.

5.4 Legal Requirements and Protection of Rights

We may disclose your information if required by law or in response to valid legal requests, including to:

  • Comply with legal obligations, court orders, subpoenas, or government requests

  • Protect our rights, property, or safety, or that of our users or the public

  • Detect, prevent, or address fraud, security breaches, or technical issues

  • Investigate violations of our Terms of Service or applicable laws

  • Respond to claims that content violates the rights of third parties

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity, subject to the same privacy protections outlined in this policy. We will notify you of any such transfer and any choices you may have regarding your information.

5.6 Aggregated or De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, analytics, public health purposes, or business purposes. This includes anonymized research findings, statistical reports, and trend analyses.

6. Data Security

We implement industry-standard security measures to protect your personal information, particularly sensitive health and research data. Our security practices include:

  • Encryption of data in transit (TLS/SSL) and at rest

  • Secure server infrastructure with regular security updates and patches

  • Access controls and authentication mechanisms limiting data access to authorized personnel only

  • Regular security audits and vulnerability assessments

  • Secure payment processing (PCI DSS compliance when applicable)

  • Employee training on data privacy and security best practices

  • Incident response procedures and data breach protocols

While we strive to protect your information using commercially reasonable security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we will notify you of any data breaches as required by applicable law and take appropriate remedial action.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention periods vary based on the type of information:

  • Account Information: Retained for as long as your account is active, plus any required retention period after account closure.

  • Research Data: Retained for the duration of the study plus any required retention period under research ethics requirements, regulatory obligations, or institutional policies (typically 5-7 years or longer).

  • Health Information: Retained as required by applicable healthcare regulations (e.g., HIPAA retention requirements).

  • Transaction Records: Retained for accounting, tax, and legal compliance purposes (typically 7 years).

  • Marketing Communications: Retained until you unsubscribe or request deletion.

When you close your account or request deletion, we will delete or anonymize your information unless we are legally required to retain it. Some information may be retained in de-identified form for research or analytical purposes.

8. Your Rights and Choices

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.

  • Correction: Request correction of inaccurate or incomplete information.

  • Deletion: Request deletion of your personal information, subject to legal retention requirements and ongoing research obligations.

  • Data Portability: Request your information in a structured, commonly used, machine-readable format.

  • Objection/Restriction: Object to or request restriction of certain processing activities.

  • Withdraw Consent: Withdraw consent for processing based on consent (without affecting prior processing). Note that withdrawing consent from research may affect your continued participation.

  • Opt-Out of Communications: Unsubscribe from marketing emails using the link in our messages or by contacting us.

Research Participants: If you are enrolled in a research study, you have the right to withdraw from the study at any time. However, data collected prior to withdrawal may still be used as specified in the informed consent document and study protocol.

To exercise these rights, please contact us at privacy@minarosa.com. We will respond to your request within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before processing certain requests.

9. Cookies and Tracking Technologies

Our Platform uses cookies and similar tracking technologies to enhance your experience, analyze usage, personalize content, and facilitate e-commerce transactions. Cookies are small data files stored on your device.

9.1 Types of Cookies We Use

  • Essential Cookies: Required for Platform functionality, account authentication, and shopping cart operations. These cannot be disabled.

  • Performance Cookies: Collect anonymous data about Platform usage, page load times, and errors to improve performance.

  • Functionality Cookies: Remember your preferences, settings, and previous interactions.

  • Analytics Cookies: Help us understand how visitors interact with our Platform (e.g., Google Analytics, similar services).

  • Marketing Cookies: Track your activity to deliver personalized advertisements and measure campaign effectiveness.

You can control cookies through your browser settings. Note that disabling certain cookies may affect Platform functionality, including the ability to complete purchases or access certain features. We do not currently respond to Do Not Track (DNT) signals, but you may use browser settings to manage tracking preferences.

10. Third-Party Links and Services

Our Platform may contain links to third-party websites, services, or payment processors (such as Stripe, PayPal, shipping carriers, or social media platforms). We are not responsible for the privacy practices or content of these external sites and services.

Third-party service providers have their own privacy policies governing how they collect, use, and protect your information. We encourage you to review the privacy policies of any third-party sites or services you interact with. For payment processing, your financial information is handled according to the payment processor's security standards and privacy policy.

11. Children's Privacy

Our Platform is not intended for individuals under the age of 18, and we do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a child under 18, please contact us immediately at support@minarosa.com, and we will take steps to delete such information.

For research studies involving minors, we obtain appropriate parental or guardian consent as required by law and research ethics regulations before collecting any information.

12. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws than your jurisdiction.

When we transfer data internationally, we implement appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy. These safeguards may include Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other legally recognized transfer mechanisms.

13. HIPAA Compliance (U.S. Users)

To the extent that MinaRosa operates as a covered entity or business associate under the Health Insurance Portability and Accountability Act (HIPAA), we comply with HIPAA's Privacy and Security Rules for the protection of Protected Health Information (PHI).

Users have specific rights under HIPAA, including the right to access, amend, and receive an accounting of disclosures of their PHI. If HIPAA applies to your information, you may request a copy of our Notice of Privacy Practices, which provides additional details about how we use and disclose PHI in accordance with HIPAA requirements.

14. Research Ethics and Informed Consent

All research studies conducted through MinaRosa adhere to established research ethics principles and may be subject to oversight by an Institutional Review Board (IRB) or independent ethics committee.

Informed Consent: Before participating in any research study, you will receive a detailed informed consent document that explains the purpose of the research, data collection procedures, how your data will be used, potential risks and benefits, confidentiality protections, and your rights as a research participant.

Voluntary Participation: Participation in research is always voluntary. You may decline to participate or withdraw from a study at any time without penalty. However, data collected before withdrawal may still be used as specified in the informed consent.

Data Use in Research: Research data may be used for the specific study you enrolled in, related future research (with additional consent if required), and may be shared in de-identified form with research collaborators or published in scientific journals. The informed consent document will specify all planned uses of your data.

15. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information we collect, use, disclose, and sell

  • Right to delete personal information (subject to certain exceptions)

  • Right to opt-out of the sale or sharing of personal information (note: we do not sell personal information)

  • Right to correct inaccurate personal information

  • Right to limit use and disclosure of sensitive personal information

  • Right to non-discrimination for exercising your privacy rights

Categories of Personal Information: We collect identifiers, commercial information, health/medical information, internet activity, geolocation data, and other information as described in Section 2 of this policy.

To exercise these rights, contact us at privacy@minarosa.com or call [toll-free number]. We will verify your identity before processing your request. You may designate an authorized agent to make requests on your behalf.

16. Other State Privacy Rights

Residents of certain U.S. states (including Virginia, Colorado, Connecticut, Utah, and others) may have additional privacy rights under state privacy laws. If you are a resident of one of these states, please contact us at privacy@minarosa.com to learn more about your rights and how to exercise them.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, new services (such as the addition of e-commerce features), or other factors. We will post the updated policy on this page and update the "Last Updated" date at the top.

For material changes that significantly affect your rights or how we handle your information, we will provide additional notice through email notification, a prominent notice on our Platform, or other appropriate means. Your continued use of the Platform after changes become effective constitutes acceptance of the revised policy. If you do not agree to the changes, you should discontinue use of the Platform and may request deletion of your account.

18. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@minarosatech.com

Mailing Address: MinaRosa, 2050 15th Street. Detroit, Michigan 48216

19. Regulatory Complaints and Dispute Resolution

If you are located in the EEA, UK, or another jurisdiction with data protection authorities, you have the right to lodge a complaint with your local supervisory authority if you believe we have not complied with applicable data protection laws.

For U.S. users, you may file a complaint with the Federal Trade Commission (FTC) regarding our privacy practices. If HIPAA applies to your information, you may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights (OCR).

For research-related concerns, you may contact the Institutional Review Board (IRB) overseeing the study, if applicable. Contact information for the relevant IRB will be provided in the informed consent document.

By using the MinaRosa Platform, subscribing to our newsletter, participating in our research programs, or making purchases through our e-commerce store, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

Last Updated: February 7, 2026

MinaRosaShortLogo_Sept2025 (4).png

Have questions or interested in partnering with us?
We'd love to hear from you.

support@minarosatech.com

Email: 

  • Instagram

@minarosatech

  • LinkedIn

MinaRosa Technologies

FDA Disclaimer

This device has not been evaluated by the Food and Drug Administration. It is not intended to diagnose, treat, cure, or prevent any disease.

Clinical Study Disclaimer

The MinaRosa pilot study is not a clinical trial. It is a voluntary user experience and product feedback study intended to support product development. No medical claims are being made.

Privacy Policy

© 2025 MinaRosa Technologies. All rights reserved.

Send us a message

bottom of page