HOME THE PROTOCOL THE CODE
PARTNERSHIP INQUIRY

PRIVACY & DATA GOVERNANCE

Last Updated: February 21, 2026

1. Our Commitment to Data Stewardship

At Brooktree Consulting, we believe your biological data is your most valuable private asset. Unlike traditional "wellness" platforms that monetize user data for advertising, Brooktree operates under a Fiduciary Privacy Standard. We collect and manage your information solely to architect your healthspan and coordinate your care. We do not sell, rent, or trade your personal or clinical information to third parties.

2. Clinical & Protected Health Information (PHI)

In the course of your Strategic Partnership, we collect high-resolution clinical data, including but not limited to:

  • Biomarker Data: Results from blood panels, urinalysis, and genetic screenings.

  • Diagnostic Imaging: DEXA scans, 3D body scans (ZozoFit), and cardiovascular screenings.

  • Clinical History: Historical medical records, family legacy data, and medication/supplementation history.

Governance Standard: While Brooktree Consulting is a private advisory firm and not a "Covered Entity" under the Health Insurance Portability and Accountability Act (HIPAA), we voluntarily adhere to HIPAA-compliant data handling, encryption, and storage protocols to ensure your PHI remains secure.

3. The Tech Stack & Monitoring Data

To facilitate real-time operational oversight, we integrate with your personal health hardware. This includes:

  • Wearables: Apple Watch, Garmin, Whoop, and Oura.

  • Systemic Monitors: Withings (Blood Pressure, Scales), Continuous Glucose Monitors (CGM).

  • BrooktreeFit App: Habit logs, nutrition engineering data, and performance metrics.

Data from these devices is encrypted and used exclusively for your internal Strategic Reviews. We do not share this data with insurance companies, employers, or third-party marketing firms.

4. Controlled Disclosure

We only disclose your information to "Designated Partners" essential to your protocol, which may include:

  • Clinical Laboratories: (e.g., Quest Diagnostics, LabCorp) for blood analysis.

  • Imaging Centers: For DEXA and structural diagnostics.

  • Medical Specialists: If requested by you to coordinate strategy with your Primary Care Physician.

5. Data Retention & The "Right to be Forgotten"

  • Clinical Record Standard: In alignment with clinical best practices, Brooktree retains your core health records for a period of seven (7) years from the date of your last engagement to ensure continuity of care and historical context.

  • Right to Deletion: You may request the deletion of your non-clinical personal data (marketing email, contact info) at any time. However, to maintain clinical integrity, certain diagnostic records must be retained for the 7-year period as required by professional standards.

6. Global Privacy Rights (CCPA & GDPR)

Regardless of your geographic location, Brooktree extends "Gold Standard" rights to all partners:

  • Right to Access: You may request a full export of all data we have collected regarding your biology.

  • Right to Correction: You may update any biographical or historical information in your file.

  • Data Portability: We will provide your records in a format that allows you to easily share them with other medical professionals.

7. Security Infrastructure

We utilize bank-grade AES-256 encryption for data at rest and TLS for data in transit. Access to your personal folder is restricted to Kurt [Last Name] and authorized staff directly involved in your strategic management.

8. ContactĀ Us

For questions regarding your data governance or to request a record export, please contact:

Brooktree Consulting

Attn: Privacy/Compliance

Email: info@brooktree.life

Ā