Privacy Policy

Last updated: May 22, 2026

      Summary: We collect the minimum we need to run Supp'Buddy. Medications, health conditions, allergies, and pregnancy status are no longer stored on our servers. Your conversations get a 90-day retention; everything Buddy needs to remember long-term is distilled into a small set of pillar-language facts that pass a sanitization gate before being saved. We never sell your data. We never run ads. We don't share data with third parties for marketing.
    

1. Who We Are

Supp'Buddy is an AI-powered supplement tracking application that helps you manage your supplement routine, discover new products, and get personalized recommendations. The service is operated by the Supp'Buddy team. For privacy questions, reach us at contact@supp-buddy.com.

2. What We Collect

Account information. When you sign up, we collect your email address. If you use Google Sign-In, your name and profile picture as provided by Google. Authentication is processed by our authentication provider.

Basic profile. During onboarding you provide your age, gender, weight, country, and goals. This is used to personalize your experience.

Supplement data. Products you add, your routines, schedules, dietary preferences, and any supplement label images you scan. This powers your dashboard and recommendations.

Chat conversations. Messages you exchange with Buddy are stored for up to 90 days, then automatically deleted. Anything Buddy needs to remember beyond that gets distilled into a short set of pillar-language facts (e.g. "takes Magnesium Glycinate for Sleep pillar support") and a short conversation summary. The distilled record passes a sanitization gate before being saved — it cannot contain diagnoses, medication names, or clinical symptom descriptions.

Usage data. Basic analytics such as which features you use, session duration, and error logs to help us improve the app. We do not build cross-user behavioral profiles.

3. What We Don't Collect (Server-Side)

Some categories of data that are common in health-adjacent apps are deliberately not stored on our servers:

Medications. If you ask Buddy a question that needs medication context (e.g. an interaction check), Buddy can ask you inline; your answer is used only for that single conversation turn and is never written to our database.
Health conditions. Same — used only inside a single chat turn when you choose to share, never stored.
Allergies and intolerances. These live in an on-device store on your phone. The server never sees them; they ship to Buddy as part of each chat request, then are discarded.
Pregnancy or breastfeeding status. We don't ask. Buddy applies a universal caution about herbs and high-dose vitamins to everyone, instead of trying to personalize that warning to a status we'd otherwise have to collect and store.

Our database has explicit constraints that reject text containing diagnosis names, medication names, or clinical context if any future code path tried to write it. This is enforced at the database layer, not just in application code.

4. AI and Third-Party Services

Supp'Buddy uses large language models to power the chat assistant, supplement analysis, and label scanning. When you interact with Buddy, the relevant context (your message, your supplement stack, basic profile fields needed for the query) is sent to a third-party AI provider's API for processing.

Our AI Provider Standards

We may use different AI providers over time, and may change providers as the technology and pricing evolve. Rather than tie your privacy to any single vendor's name, we commit to a fixed set of standards that every AI provider we route your data to must meet. These standards are our binding commitment to you. Any provider we use — now or in the future — meets all of them:

No training on your data. The provider contractually does not use your prompts or Buddy's responses to train its models.
Bounded retention. Your prompts and responses are retained no longer than 60 days (for service delivery and abuse monitoring), then deleted. Many of our providers retain for less, or not at all.
Recognized security certification. The provider holds an independent, audited security certification such as SOC 2 Type II or ISO/IEC 27001.
Lawful international transfer. For users in the EU, UK, and EEA, the provider processes your data under a valid GDPR transfer mechanism — an adequacy decision, the EU-US Data Privacy Framework, or Standard Contractual Clauses.
No undefendable jurisdiction. If you are in the EU, UK, or EEA, your data is never processed in a jurisdiction without one of the transfer mechanisms above. In practice this means your data is never sent to AI infrastructure that cannot lawfully receive it.

Because our commitment is to these standards rather than to a particular company, we can adopt a better or cheaper model that meets them without reducing your protections. When we change providers, your rights under this policy do not change.

Current AI providers

This list is informational and is updated as our providers change. Your protections are defined by the Standards above, which do not change when a provider is swapped.

Google (Gemini) — our current default provider for all users. Google's use of this data is governed by their Privacy Policy. Google participates in the EU-US Data Privacy Framework; prompts sent to the Gemini Developer API may be retained for up to 55 days for abuse monitoring and are not used to train models.

We may additionally route requests for some users to a secondary provider that meets the Standards above (for example, an alternative model hosted by a certified provider under Standard Contractual Clauses), depending on subscription tier and region. We do not route data belonging to EU, UK, or EEA users to any provider that does not meet Standard 4 and Standard 5.

We also use Supabase for authentication, database, and backend services. Your data is stored in Supabase-managed infrastructure with row-level security policies that prevent users from accessing each other's data.

5. AI Is Not Medical Advice

Buddy is an AI assistant, not a doctor, pharmacist, or nutritionist. Buddy's recommendations are general guidance based on the supplement and profile information you provide. They are not a substitute for advice from a qualified healthcare professional.

AI-generated content may be incomplete, outdated, or factually wrong. Verify anything important before acting on it.
If you are pregnant, breastfeeding, trying to conceive, under 18, or managing a medical condition, consult a clinician before starting, stopping, or changing supplements.
If you experience an adverse reaction to a supplement, contact a medical professional. In an emergency, call your local emergency number.

You are responsible for your own health decisions. By using Supp'Buddy, you acknowledge these limitations.

6. How We Use Your Information

Provide, maintain, and improve the Supp'Buddy service
Generate AI-powered supplement guidance tailored to your stack and goals
Surface known supplement-supplement interactions
Build and manage your personalized supplement schedule
Authenticate your identity and secure your account
Send service-related communications (e.g., email verification)

7. Data Retention

Chat messages: 90 days, then automatically deleted.
Conversation summaries: Kept as long as the conversation is recent; cleaned up after 180 days of inactivity.
Distilled facts: Kept as long as your account is active; deletable through chat or by account deletion.
Intake tracking (granular): 30 days, then aggregated into weekly counts.
Intake tracking (weekly aggregates): Kept as long as your account is active.
Soft-deleted facts: Permanently deleted within 7 days.
Account: Kept until you delete it. Deletion removes all associated data within 30 days.

8. Data Storage and Security

Your data is stored using Supabase's cloud infrastructure with row-level security policies ensuring you can only access your own data. Authentication tokens are stored using platform-secure storage (Secure Store on mobile devices, encrypted local storage on web). We use HTTPS for all data transmission.

The sanitization gate that protects your chat-derived memory runs at three layers: the AI rewriter, an application-layer regex check, and a database-level constraint. Defense in depth — if any layer fails, the next catches it.

9. Data Sharing

We do not sell your personal data. We share data only in these limited circumstances:

AI processing: As described in Section 4, to provide AI features
Service providers: Infrastructure providers (Supabase, Cloudflare) that help us operate the service, bound by their own privacy commitments and EU-US Data Privacy Framework participation where applicable
Legal requirements: If required by law, regulation, or valid legal process

10. Your Rights

Depending on where you live, you may have rights under data protection law. You can:

Access your data through the app at any time
Update your profile information and supplement data directly in the app
Delete your account and all associated data through Settings → Delete Account, or by emailing us
Export your data by emailing us
Clear local data (allergies and on-device chat memory) through Settings → Privacy → Clear Local Data

If you are in the European Union, you also have the right to lodge a complaint with your national supervisory authority. In Sweden, that is IMY.

To exercise any of these rights, email contact@supp-buddy.com.

11. International Data Transfers

Supp'Buddy is operated from Sweden. Some service providers process data in the United States or other regions. For users in the EU, UK, and EEA, every such transfer is covered by a valid GDPR transfer mechanism — an adequacy decision, the EU-US Data Privacy Framework, or Standard Contractual Clauses. We do not transfer EU, UK, or EEA personal data to any jurisdiction lacking one of these mechanisms.

AI providers — process AI prompts under the AI Provider Standards in Section 4, including the lawful-transfer requirement. Our current default (Google Gemini) participates in the EU-US Data Privacy Framework.
Supabase — data hosting and authentication. Region selection is configured to place EU user data in the EU region where supported.
Cloudflare — content delivery and DNS. Cloudflare's transfer mechanisms apply.

12. Children's Privacy

Supp'Buddy is not intended for users under 18. We do not knowingly collect information from anyone under 18. If you believe a minor has provided us with personal data, please contact us and we will delete it.

13. Cookies and Local Storage

The web version of Supp'Buddy uses local storage to maintain your session and cache data for performance. The mobile app uses on-device SQLite to store allergies and other local-only data. We do not use tracking cookies, advertising cookies, or third-party retargeting.

14. Changes to This Policy

We may update this Privacy Policy from time to time. If a change materially affects how we handle your data, we will notify you through the app or by email and ask you to accept the new version before continuing. Continued use of Supp'Buddy after non-material changes constitutes acceptance of the updated policy.

Questions? Contact us at contact@supp-buddy.com.