Lighthouse (“we,” “us,” or “our”) is committed to protecting user privacy, ensuring compliance with applicable health data privacy laws and regulations, and maintaining the highest security standards. While Lighthouse does not collect, process, or analyze health-related data as part of its platform, we acknowledge that users may voluntarily share such information through their interactions, including messages, posts, and profile
details.

This Health Data Compliance Policy outlines our approach to handling user-generated content that may contain health-related information, our commitment to data security, and our adherence to global privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). It also details the measures we take to prevent the unintentional collection of sensitive data and how users can
control their privacy settings.

By using Lighthouse, users acknowledge and agree to the terms outlined in this policy.

Lighthouse does not require or intentionally collect any personal health data from users.

Specifically:

• We do not request or process data related to mental health, emotional well-being, medical conditions, physical disabilities, treatments, genetic information, or biometric data as part of the user profile, account setup, or platform services.
• Lighthouse’s AI-driven matchmaking and recommendation system does not analyze user interactions for health-related insights, behavioral profiling, or medical status assessment.
• Users may, however, voluntarily share personal health-related experiences, such as discussions on mental wellness, fitness routines, dietary habits, or medical history, in private messages, posts, or profile prompts.
• Lighthouse does not classify or use such information for targeted advertising, profiling, commercial exploitation, or data monetization.
• If users suspect that any health-related data is being stored unintentionally, they have the right to request its removal.

Lighthouse provides multiple privacy safeguards, but users must exercise caution when sharing sensitive personal information.

• Users are strongly discouraged from sharing personal health data in public posts, profile descriptions, or within prompts visible to others.
• If a user voluntarily discloses health-related information in personal communications, it is their responsibility to ensure they are comfortable with the level of exposure.
• Lighthouse provides privacy settings that allow users to control data visibility, restrict access to sensitive content, and limit exposure.
• Lighthouse’s AI moderation system may identify and flag content containing sensitive health-related data for user review, providing options to adjust content privacy settings or remove such data.
• Lighthouse does not verify, authenticate, or validate any user-generated health-related claims or statements. Users should be aware that no health-related advice, recommendations, or claims made on the platform are endorsed by Lighthouse.

Lighthouse follows global data protection regulations to ensure compliance with health-related privacy standards, proactively safeguarding user information.

4.1 GDPR Compliance

• Under Article 9 of the GDPR, health data is classified as special category data, which requires explicit user consent for processing.
• Since Lighthouse does not request or process health data, explicit consent is not required for platform usage.
• Users in the EU have the right to access, rectify, restrict, or erase any personal information they voluntarily shared, ensuring they maintain full control over their data.
• If regulatory changes impact how health-related data is handled, Lighthouse will update this policy and notify users accordingly, providing clear instructions on any new rights or obligations.

4.2 CCPA Compliance (For California Users)

• Under CCPA, “consumer health data” is subject to enhanced protections.
• Lighthouse does not sell, share, or disclose any user-generated health-related data to third-party entities, advertisers, affiliates, or research organizations.
• California users have the right to:
  • Request access to any personal data they have provided, including health-related data.
  • Request deletion of voluntarily shared health-related information and restrict its processing.
  • Opt-out of data collection practices beyond essential platform functionalities.
  • Request information on how their data is processed, stored, and secured.

To protect user-generated content that may include health-related information, Lighthouse implements industry-leading security measures, including:

• End-to-end encryption to prevent unauthorized interception or access to user data.
• Secure cloud storage utilizing secure encryption and multi-layer security protocols.
• Access control measures, including two-factor authentication (2FA) and session monitoring to prevent unauthorized access.
• Automated and manual content moderation systems to detect, review, and mitigate risks associated with sensitive data sharing.
• User-controlled privacy options, allowing individuals to edit, delete, or restrict any content they have shared on Lighthouse.
• Right to Erasure: Users can request complete account deletion if they believe personal data has been inadvertently shared, ensuring full removal of any stored information.
• Regular security audits and compliance checks to ensure continuous data protection.

Lighthouse does not currently process health-related data; however, we recognize that future platform developments may require additional compliance safeguards.

If Lighthouse:

• Introduces health and wellness-related features, such as community discussion forums, wellness tracking, or mental health support groups, additional compliance measures will be implemented.
• Develops AI-driven sentiment analysis, behavioral wellness insights, or personalized well-being recommendations, an explicit opt-in consent mechanism will be introduced, giving users complete control over data sharing.
• Expands into regions with stricter health data regulations, Lighthouse will ensure full compliance with all applicable laws before launching relevant features.

All future changes to health data policies will be clearly communicated to users, with explicit opt-in choices where required.

Users who have concerns about health-related data privacy, regulatory compliance, or security measures can contact the Lighthouse team at:

Address:

My Lighthouse LLC

10 N Peoria, 302

Chicago, IL 60607

Email: support@hellolighthouse.com

Lighthouse remains committed to user transparency, data privacy, and regulatory compliance while fostering a safe and secure environment for all users.