Privacy Policy

1. Information We Collect

We collect information you provide directly when creating an account (email address, password), using our services (protocol inputs such as age, gender, goals, experience level), and making payments (transaction data processed by third-party payment providers).

We automatically collect usage data including pages visited, features used, device and browser information, and IP address for analytics and security purposes.

2. How We Use Your Information

We use your information to provide and improve our services, generate personalized AI protocols based on your inputs, process payments, communicate with you about your account and updates, ensure platform security, and comply with legal obligations. We do not sell your personal information to third parties.

3. AI-Generated Protocol Data

Inputs you provide to our AI protocol generator (goals, age, gender, experience level, optional health data) are used solely to generate your requested protocol. This data is processed by our AI provider (Anthropic) and is subject to their data processing terms. We store your protocol history to provide access to past results. You may request deletion of your protocol history at any time.

4. Data Storage & Security

Your data is stored securely using Supabase infrastructure with encryption at rest and in transit. We implement industry-standard security measures including row-level security policies, encrypted connections, and secure authentication flows. However, no method of transmission over the Internet is 100% secure.

5. Third-Party Services

We use the following third-party services: Supabase (database and authentication), Anthropic (AI protocol generation), Coinbase Commerce / payment processors (payment processing), and Vercel (hosting). Each of these services has their own privacy policies governing the data they process.

6. Your Rights

You have the right to access your personal data, correct inaccurate data, request deletion of your data, export your data in a portable format, and withdraw consent for data processing. To exercise any of these rights, contact us at [email protected].

7. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies. Analytics cookies may be used to understand platform usage patterns and are anonymized.

8. Data Retention

We retain your account data for as long as your account is active. Protocol history is retained until you request deletion. Payment records are retained as required by applicable tax and financial regulations. Upon account deletion, personal data is removed within 30 days, except where retention is legally required.

9. Contact

For questions about this Privacy Policy or your personal data, contact us at [email protected].