Privacy Policy

At pepguide.ai (operated by Brennan Decker), we take your privacy seriously. This policy explains what data we collect, how we use it, and your rights.

What Data We Collect

We collect the following information to provide our service:

• Email address (for account creation and communication)
• Intake quiz responses (goals, activity level, current compounds, health constraints)
• Body composition data (weight, measurements, photos you upload)
• Dose logs and protocol tracking data
• Usage data (how you interact with our platform)

Future Data Collection

We plan to add these features (with your permission):

• Apple Health data (read and write access)
• Bloodwork uploads and lab results
• Progress photos with automatic analysis

How We Use Your Data

Your data helps us:

• Track your progress and protocol effectiveness
• Provide AI-powered recommendations based on research
• Send you relevant updates and educational content
• Improve our platform for all users

Analytics and Tracking

We use Mixpanel for user behavior analytics. Your email is hashed (SHA-256) before being sent to Mixpanel, so no personal information is shared. This helps us understand how people use the platform and make improvements.

We also use Mixpanel tracking cookies and store Supabase authentication tokens in your browser's local storage to keep you logged in.

Data Storage and Security

Your data is stored securely:

• Database: Supabase (PostgreSQL, encrypted at rest)
• Forms: Netlify Forms for waitlist signups and intake reports
• All health data is encrypted and protected according to industry standards

What We Don't Do

We want to be crystal clear about this:

• We do NOT sell your data. Ever.
• We do NOT share individual health data with third parties
• We don't send marketing emails without permission
• We don't track you across other websites

Your Rights

Data Deletion

You can request deletion of your account and data at any time. Contact us and we'll remove your information within 30 days.

California Residents (CCPA)

If you're a California resident, you have the right to:

• Know what personal information we collect
• Delete your personal information
• Opt out of data sales (which we don't do anyway)

EU Visitors (GDPR)

If you're visiting from the EU, you have additional rights:

• Right to erasure (be forgotten)
• Data portability (take your data with you)
• Right to access what data we have about you

HIPAA and Medical Data

While pepguide.ai is not HIPAA certified, we follow HIPAA best practices in how we handle your health information. We treat your health data with the same care and security standards used by medical organizations.

Age Requirements

This service is not intended for anyone under 18 years old. If you're under 18, please don't create an account or use our platform.

Changes to This Policy

If we make changes to this privacy policy, we'll email you at least 30 days before they take effect. You can always find the latest version on this page.