# GLP-1 Assist Privacy Policy

*Effective Date: January 29, 2026*

## 1. Introduction
GLP‑1 Assist LLC ("we," "us," "our") provides a personal tracking and organization platform, along with a directory of independent healthcare providers and allied professionals (collectively, the "Services"). We respect your privacy and are committed to protecting your personal information.

## 2. Information We Collect

### Health Information
When you use our apps or services, you may voluntarily provide health‑related information, including:
- Your GLP‑1 medication details (type, dosage, injection sites, timing).
- Symptoms and side effects (severity, frequency, triggers).
- Body metrics (weight, body measurements, vital signs, and laboratory results).
- Progress photos (only stored when you explicitly choose to upload them).
- Lifestyle and routine data (sleep, digestion, activity levels).
- Goals, preferences, and notes about your health journey.

### Account Information
To create and maintain your account, we collect:
- Name and email address.
- Passwords (stored in encrypted form).
- Profile preferences and settings.
- Communication preferences.

### Usage Information
We automatically collect certain information about how you use our Services:
- Log data (IP address, browser type, pages visited).
- Device data (device type, operating system).
- Usage patterns and feature interactions.
- Performance and diagnostic information.

### Directory Usage Analytics
When you browse the provider directory or click links to visit a provider’s website or contact page, we do not share your personal or health information with that provider. We may log aggregated, anonymized analytics solely to improve our Services.

## 3. How We Use Your Information
We use your information to:
- Provide, operate, maintain, and improve the Services.
- Track your health metrics and medication adherence.
- Generate personalized insights and recommendations.
- Deliver reminders, notifications, and educational content.
- Create shareable PDF summaries of your data (at your request).
- Provide customer support and respond to your enquiries.
- Conduct research and development (using only anonymized and aggregated data).
- Monitor usage to ensure security and integrity.
- Comply with legal obligations and enforce our terms.

**We do not sell your personal information.**

## 4. Information Sharing and Disclosure
We share your information only in limited circumstances:
- **With Your Explicit Consent**: Sharing data (such as PDF summaries) with your healthcare provider.
- **Service Providers**: Trusted vendors (cloud hosting, payment processors, etc.) bound by confidentiality.
- **Legal Requirements**: To comply with applicable law or protect rights and safety.
- **Business Transfers**: In the event of a merger or acquisition.

## 5. Provider Directory and HIPAA Disclaimer
Our platform includes a public directory of independent healthcare providers.
- We do not share your personal or health information with Providers.
- If you engage with a Provider, you do so on their own platform governed by their privacy practices.
- **GLP‑1 Assist LLC is not a healthcare provider and does not act as a "Business Associate" under HIPAA.**

## 6. Data Security
We implement stringent safeguards to protect your information:
- Encryption of data in transit (TLS) and at rest (AES‑256).
- Role‑based access controls and multi‑factor authentication.
- Continuous monitoring and audit logging.
- Regular security assessments.

We have completed an internal SOC 2 Type II readiness assessment. In the event of a security incident, we will notify affected users without undue delay.

## 7. Data Retention
- Data associated with active accounts is retained until you delete your account.
- Upon account deletion, data is generally deleted within 30 days.
- Anonymized and aggregated data may be retained indefinitely.

## 8. Your Rights and Choices
Depending on your jurisdiction, you may have the right to:
- Access and obtain a copy of your personal information.
- Correct inaccuracies or update your information.
- Delete your account and associated data.
- Export your data in a portable format.

To exercise these rights, contact us at [privacy@glp1assist.com](mailto:privacy@glp1assist.com).

## 9. Cookies and Analytics
We prioritize privacy‑preserving analytics (e.g., Plausible Analytics). We do not use third‑party advertising cookies or tracking pixels. We use local storage for sessions and a single referral cookie (`glp1_ref`) which expires after 30 days.

## 10. International Users
We are based in the United States. By using our Services, you consent to the processing of your information in the U.S.

## 11. Changes to This Privacy Policy
We may update this policy periodically. We will notify you of material changes by email or in‑app notice.

## 12. Contact Information
If you have questions about this Privacy Policy, please contact us at:
- **Email:** [privacy@glp1assist.com](mailto:privacy@glp1assist.com)
- **Address:** GLP‑1 Assist LLC, 411 Westchester Ave, Apt 1E, Port Chester, NY 10573
