Privacy Policy

Last updated: April 15, 2026

1. Introduction

Smart Peptide Tracker ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

Smart Peptide Tracker is operated as a sole proprietorship based in Texas, United States. For data protection purposes, we are the data controller of your personal information.

2. Information We Collect

Account Information

  • Email address
  • Display name (if provided)
  • Authentication provider information (Google, Apple, or email/password)

User-Generated Content

  • Peptide inventory and supply information
  • Research protocols and schedules
  • Dose log entries and tracking data
  • Progress measurements (weight, body measurements, mood, energy, notes)
  • Progress photos (compressed and stored within your encrypted account data)
  • Custom peptide information, overrides, and custom half-life values
  • Appointments (doctor visits, lab work, specialty appointments with dates, locations, and notes)
  • Supplier information (names, websites, ratings, and notes)
  • Lab/biomarker results (marker values, reference ranges, lab names)
  • Community content: reviews, protocol templates, research programs, peptide requests, mentorship messages, and display names you choose to share publicly

Health Data (with your permission)

  • When you connect Apple HealthKit (iOS) or Google Health Connect (Android), we may read the following data types: weight, sleep duration and stages, resting heart rate, heart rate variability (HRV), body temperature, activity/steps/calories, and blood oxygen saturation (SpO2)
  • Health data is read-only. We do not write data back to HealthKit or Health Connect.
  • Health data is stored within your encrypted account data in Cloud Firestore
  • Health data is never sold, shared for advertising, or disclosed to third parties
  • You can disconnect health data access at any time in your device settings

Payment Information

  • We do not directly collect or store credit card numbers or billing addresses
  • Payments are processed by Stripe (web), Apple (iOS via StoreKit), or Google (Android via Play Billing)
  • We receive and store transaction identifiers, product IDs, and purchase verification status to manage your subscription

Automatically Collected Information

  • Device type and operating system
  • App usage analytics via Firebase Analytics (pages viewed, features used, session duration)
  • Crash reports and error logs (stored in Cloud Firestore)
  • Push notification tokens (Firebase Cloud Messaging) for delivery of reminders

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Sync your data across devices via encrypted cloud storage
  • Send schedule reminders and dose notifications (if enabled)
  • Display health trends and protocol impact analysis on your Progress page
  • Power the AI Research Assistant chatbot (see AI Services below)
  • Facilitate community features (reviews, templates, mentorship)
  • Process purchases and manage subscription status
  • Detect and prevent technical issues and abuse
  • Generate anonymized, aggregated analytics to improve the app

4. Data Storage and Security

Your data is stored securely using Google Firebase services (data centers located in the United States):

  • Firebase Authentication for secure login
  • Cloud Firestore for data storage
  • Firebase Analytics for usage insights
  • Firebase Cloud Messaging for push notifications

Your personal data (inventory, protocols, logs, progress, health data) is encrypted at rest using AES-256 encryption with a key derived from your personal PIN. Only you can decrypt your data. We cannot access the contents of your encrypted data.

We implement industry-standard security measures to protect your personal information. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We do not use your data for advertising. We may share information only in the following circumstances:

  • Service Providers: Google Firebase (hosting, authentication, data storage, analytics, push notifications), Stripe (web payment processing), Apple and Google (in-app purchase processing)
  • AI Services: When you use the Amino chatbot (Premium feature), your questions and contextual information (active protocol names, inventory names) may be sent to Anthropic's Claude API to generate responses. No personally identifiable information (email, name, health data) is shared with Anthropic. Chat questions and answer sources are logged to Firestore for quality improvement and may be reviewed to improve chatbot accuracy. Anthropic's Privacy Policy applies to data processed by their API.
  • Shared Content: When you use the Share feature to share your inventory or protocols via link, a snapshot of that data is stored in a publicly accessible document. Only the data you explicitly choose to share is included.
  • Community Content: Reviews, templates, research programs, and peptide requests you submit are visible to other users. Display names are optional.
  • Health Reports: When you generate a PDF health report, the document is created on your device and is not uploaded to our servers. The PDF contains unencrypted personal data including protocol details, biomarker values, and optionally progress photos. You are responsible for how you share or distribute the exported report.
  • Legal Requirements: When required by law or to protect our rights
  • With Your Consent: When you explicitly authorize sharing

6. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data
  • Export: Export your data in JSON format (available in Settings)
  • Deletion: Delete your account and all associated data
  • Correction: Update or correct your personal data within the app
  • Data Portability: Receive your data in a structured, machine-readable format
  • Restrict Processing: Request that we limit how we use your data
  • Object: Object to certain types of data processing
  • Withdraw Consent: Withdraw previously given consent at any time
  • Opt Out of Analytics: Disable analytics collection
  • Disable Notifications: Turn off push notifications in your device settings

To exercise these rights, use the Settings menu in the app or contact us at the email below.

For California Residents (CCPA)

We do not sell your personal information as defined by the California Consumer Privacy Act. You have the right to know what data we collect, request deletion, and not be discriminated against for exercising your privacy rights.

For European Residents (GDPR)

Our legal basis for processing your data is: (a) performance of our contract with you (providing the Service), (b) your consent (for health data access and optional features), and (c) our legitimate interests (analytics, security, service improvement). Your data is transferred to and stored in the United States. By using the Service, you consent to this transfer. You have the right to lodge a complaint with your local data protection authority.

7. Partner Add-on and Multi-Profile Data

The Partner Add-on allows you to manage inventory and protocols for additional people from your account. You are responsible for obtaining consent from any person whose data you enter into the Service. We process this data under the same security and privacy protections as your primary account data.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data (including encrypted data, health data, progress photos, community content, and chat logs) will be permanently removed within 30 days. Some anonymized, aggregated analytics data may be retained.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy within the app and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

Email:

← Back to App