Privacy Policy

Information you provide

When you use BioStacked, you may provide us with: account information (email address, name), supplement data (names, dosages, timing, notes), health metrics (energy, mood, focus, sleep ratings), and any other information you choose to enter.

Information from integrations

If you connect wearable devices or health platforms (Oura, Whoop, Apple Health, Fitbit, Google Fit), we receive data you authorize, such as sleep scores, heart rate variability, recovery metrics, and activity data. You control which integrations are connected and can disconnect them at any time.

Automatically collected information

We collect usage data such as app interactions, feature usage patterns, crash reports, and device information (device type, operating system version). This helps us improve the app and fix issues.

To provide the service

We use your data to deliver the core functionality of BioStacked: tracking supplements, generating insights, showing correlations, and providing AI-powered recommendations.

To improve the app

We analyze aggregated, anonymized usage patterns to understand how people use BioStacked and identify areas for improvement. Individual health data is never used for this purpose without explicit consent.

To communicate with you

We may send you service-related emails (account verification, security alerts, important updates). You can opt out of marketing communications at any time.

Encryption

Your data is encrypted at rest and in transit using industry-standard encryption protocols (AES-256 for storage, TLS 1.3 for transmission).

Access controls

Access to user data is strictly limited to essential personnel and systems. We maintain audit logs of data access and regularly review access permissions.

Infrastructure

We use secure cloud infrastructure with SOC 2 compliance. Data is stored in geographically distributed data centers with redundancy and disaster recovery capabilities.

We do not sell your data

We will never sell your personal information or health data to third parties. This is a core principle of how we operate.

Limited sharing

We may share data with: service providers who help us operate (hosting, analytics, customer support) under strict confidentiality agreements; law enforcement when legally required; or other parties with your explicit consent.

Aggregated data

We may share anonymized, aggregated statistics (e.g., "users who take magnesium report 15% better sleep scores on average") that cannot identify individual users.

Access your data

You can view all data we have about you directly in the app. You can also request a complete export of your data in a portable format.

Delete your data

You can delete your account and all associated data at any time from the app settings. Deletion is permanent and cannot be undone.

Manage integrations

You can connect or disconnect wearable integrations at any time. When you disconnect an integration, we stop receiving new data from that source.

Data portability

You can export your supplement logs, health ratings, and insights in standard formats (CSV, JSON) to use elsewhere or for your own records.

Active accounts

We retain your data for as long as your account is active and you continue to use the service.

Account deletion

When you delete your account, we delete your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.

Legal requirements

We may retain certain information as required by law or for legitimate business purposes (e.g., fraud prevention, legal disputes).

BioStacked is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

If you are located outside the United States, your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

We may update this privacy policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of BioStacked after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy or our data practices, please contact us at [email protected].