Privacy Policy

1. Information We Collect

When you create an account or use SuppVis, we may collect the following categories of information:

• Account information: name and email address provided during signup or waitlist registration
• Health profile data: date of birth, height, weight, and health goals you enter into the platform
• Supplement and medication data: your current supplement stack and any medications you disclose
• Daily check-in responses: symptom logs, energy ratings, sleep quality, and other self-reported health tracking data you submit over time
• Usage data: pages visited, features used, and interaction patterns within the SuppVis platform, collected automatically via standard web analytics

We do not collect payment information directly. Any purchases made through Amazon product links are processed entirely by Amazon under their own privacy policy.

2. How We Use Your Data

We use the information you provide for the following purposes:

• To generate personalized AI supplement recommendations based on your health profile, goals, and check-in history
• To calculate and display personalized goal progress scores and health insights
• To send you platform updates, product recommendations, and relevant health content (you may opt out at any time)
• To improve the accuracy and quality of our AI models and recommendation engine
• To comply with legal obligations and protect against misuse of the platform

We do not use your health data for advertising purposes and we do not build advertising profiles from your personal information.

3. Third Parties We Work With

SuppVis works with a limited set of trusted third-party service providers to operate the platform. We share only the data necessary for each service to function:

• Amazon Web Services (AWS): Provides the cloud infrastructure where SuppVis stores and processes user data. Data is stored in encrypted form in AWS-managed data centers.
• Anthropic: Powers our core AI analysis engine. Portions of your health profile and supplement data may be sent to Anthropic's Claude API to generate personalized recommendations. Anthropic does not retain API inputs for model training by default.
• OpenAI: Used for supplemental AI search and research synthesis features. Input data sent to OpenAI is subject to their data usage policies for API customers.
• Amazon Associates Program: SuppVis participates in Amazon's affiliate program. We do not share your personal data with Amazon in connection with this program; however, if you click an affiliate link and make a purchase, Amazon's own privacy policy governs that interaction.

We do not sell, rent, or trade your personal information to any third party for their own marketing or commercial purposes.

4. Data Retention

We retain your account and health data for as long as your account remains active or as needed to provide you with our services. If you request deletion of your account, we will permanently delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.

Anonymized or aggregated data that cannot be linked back to you may be retained indefinitely for research and product improvement purposes.

5. Your Rights and Choices

Depending on your location, you may have the following rights with respect to your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request that we delete your account and associated personal data
• Portability: Request an export of your data in a machine-readable format
• Opt-out of communications: Unsubscribe from marketing emails at any time using the link in any email we send

To exercise any of these rights, contact us at hello@suppvis.health. We will respond to verified requests within 30 days.

6. Data Security

We implement industry-standard technical and organizational security measures to protect your data against unauthorized access, loss, or misuse. This includes encryption of data in transit (TLS) and at rest, access controls limiting which personnel can view sensitive health data, and regular security reviews of our infrastructure.

No system is completely immune to security risks. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

7. Children's Privacy

SuppVis is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a minor, please contact us at hello@suppvis.health and we will promptly delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify registered users by email or by displaying a notice within the platform. The effective date at the top of this page reflects the date of the most recent revision. Continued use of SuppVis after changes are posted constitutes your acceptance of the updated policy.