Privacy Policy

Last updated: January 2025

1. Introduction

VitalStack ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web services.

2. Information We Collect

Personal Information

  • Name and email address
  • Date of birth and gender
  • Physical measurements (height, weight, body composition)
  • Health and fitness data (vitals, lab results)
  • Workout and nutrition logs
  • Supplement and medication information

Usage Data

  • App usage patterns and preferences
  • Device information and identifiers
  • IP address and browser type

3. How We Use Your Information

  • Provide personalized AI coaching and recommendations
  • Track and analyze your fitness progress
  • Send notifications and reminders
  • Improve our services and user experience
  • Process payments and manage subscriptions
  • Communicate with you about updates and features

4. Data Security

We implement industry-standard security measures to protect your data, including:

  • End-to-end encryption for data transmission (TLS 1.3)
  • Encrypted data storage (AES-256)
  • Regular security audits and updates
  • Secure authentication mechanisms

5. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights under GDPR:

  • Access: Request a copy of your personal data
  • Correction: Request corrections to inaccurate data
  • Deletion: Request deletion of your personal data
  • Portability: Request your data in a portable format
  • Opt-out: Unsubscribe from marketing communications

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data at any time through the app settings or by contacting us.

7. Third-Party Services

We use the following third-party services:

  • Stripe: Payment processing
  • OpenRouter: AI services
  • Analytics: Usage analytics (anonymized)

Each third-party service has its own privacy policy governing the use of your information.

8. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

[email protected]

GDPR Compliance (EU Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR. We process your data based on legitimate interest and consent. You may withdraw consent at any time and lodge complaints with your local data protection authority.