Upgrade Your Oral Health - Transform Your Overall Health

Consumer Health Data Privacy Policy

Effective Date: June 1, 2026

Last Updated: June 1, 2026

Issued pursuant to: Washington My Health My Data Act (MHMDA), RCW 70.372


About This Policy

This Consumer Health Data Privacy Policy (“Policy”) is a standalone disclosure required by the Washington My Health My Data Act (MHMDA), RCW 70.372. It applies to Washington residents and to any individual whose consumer health data is collected or processed in the state of Washington, regardless of residency.

This Policy supplements but does not replace our general Privacy Policy. In the event of a conflict between this Policy and our general Privacy Policy regarding consumer health data, this Policy controls.

“Consumer health data” as used in this Policy means any personal information linked or reasonably linkable to you that identifies your past, present, or future physical or mental health status, as broadly defined under the MHMDA.

1.  Categories of Consumer Health Data We Collect

In connection with your use of Feno products and services — including the Feno Smartbrush and the Feno mobile app — we may collect the following categories of consumer health data:

  • Oral health status and salivary biomarker measurements (e.g., inflammation risk and plaque risk assessments)

  • Oral health performance data captured by the Smartbrush (e.g., brushing time, motion patterns, and session data used to assess oral health status)

  • Biometric data, including oral imagery and related identifiers generated or processed through the Feno platform

  • Health-related behavioral data (e.g., brushing frequency, duration, and compliance trends)

  • Health status information you voluntarily provide during onboarding or through the Feno platform (e.g., reported symptoms, existing conditions)

  • Data inferred or derived from the above that identifies or reasonably could be used to infer your health status

2.  Sources of Consumer Health Data

We collect consumer health data from the following sources:

  • Directly from you, through app onboarding, health questionnaires, and voluntary profile inputs through the Feno platform

  • Automatically, from your Feno Smartbrush hardware during use

  • Derived or inferred from your usage patterns within the Feno platform

3.  Purposes for Which We Collect and Use Consumer Health Data

We collect and use consumer health data for the following purposes:

  • To deliver the Feno oral health monitoring service and operate the Feno Smartbrush and app

  • To generate personalized oral health assessments, insights, and recommendations through the Feno platform

  • To improve and develop Feno products, features, and algorithms

  • To provide customer support and respond to your inquiries

  • To comply with applicable legal and regulatory obligations

  • For other purposes described at the time of collection, or for which you have provided consent

4.  Categories of Consumer Health Data We Share, and With Whom

We may share consumer health data in the following circumstances:

  • Service providers and processors: We share data with vendors and contractors who process consumer health data on our behalf and under our instructions, including cloud infrastructure providers, analytics platforms, and customer support tools. These parties are contractually prohibited from using your data for any other purpose.

  • Legal and safety purposes: We may disclose data as required by law, in response to lawful legal process, or to protect the safety and security of our platform, users, or the public.

  • Corporate transactions: In connection with a merger, acquisition, or sale of assets, consumer health data may be transferred as part of that transaction, subject to confidentiality obligations.

We do not share consumer health data for targeted advertising or cross-context behavioral advertising purposes without your valid authorization.

5.  Consent and Authorization

We operate a three-tier consent framework in compliance with MHMDA:

1.  Consent to collect: We obtain your opt-in consent before collecting consumer health data, except where collection is strictly necessary to provide the product or service you have requested from us.

2.  Consent to share: We obtain a separate and distinct consent before sharing your consumer health data with any third party that is not acting as a processor on our behalf — except where sharing is necessary to provide the service you requested or occurs in the context of a permitted corporate transaction.

3.  Authorization to sell: We do not sell consumer health data unless we have obtained a valid, signed written authorization from you meeting all requirements of MHMDA. We do not currently sell consumer health data.

6.  Your Rights

If you are a Washington resident or your consumer health data was collected in Washington, you have the following rights:

  • Right to access: Request a copy of the consumer health data we hold about you and a list of all third parties with whom we have shared or sold it.

  • Right to delete: Request deletion of your consumer health data, including directing our processors and partners to delete your data.

  • Right to withdraw consent: Withdraw your consent to our collection and/or sharing of your consumer health data at any time, and revoke any written authorization for data sales.

  • Right to appeal: If we decline to act on your request, you may appeal our decision. We will respond to appeals within 30 days.

To exercise any of these rights, please contact us using the information in Section 9. We will respond to verifiable requests within 45 days. We may extend this period by an additional 45 days where reasonably necessary, with notice to you.

7.  Geofencing

Feno does not engage in geofencing around healthcare facilities for the purpose of identifying or tracking consumers seeking health care services, collecting consumer health data, or sending targeted health-related notifications, messages, or advertisements.

8.  Data Retention and Security

We retain consumer health data for as long as necessary to fulfill the purposes described in this Policy, or as required by law. When your data is no longer needed, we securely delete or de-identify it.

We implement technical and organizational security measures appropriate to the sensitivity of consumer health data, including encryption in transit and at rest, access controls, and regular security assessments.

In the event of a data security incident affecting your consumer health data, we will notify you in accordance with applicable law.

9.  How to Contact Us

To submit a privacy request or exercise your rights under this Policy, please contact:

Feno Labs, Inc.

Email: support@feno.co

Please include your full name, the email address associated with your Feno account, and a description of your request.

10.  Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you by email or through a prominent notice in the Feno app prior to the changes taking effect. The date at the top of this Policy reflects when it was last updated.

This Policy applies solely to consumer health data as defined under the Washington My Health My Data Act. For our general data practices, please see our Privacy Policy.