Privacy Policy

1. Information We Collect

Health Information

When you use Glp1Assist, we collect and process health-related information that you voluntarily provide, including:

GLP-1 medication information (type, dosage, injection sites, timing)
Symptoms and side effects (severity, frequency, triggers)
Body metrics (weight, measurements, vital signs, lab results)
Progress photos (stored with your explicit consent)
Daily routine information (sleep, digestion, activity levels)
Goals and preferences for your health journey

Account Information

To create and maintain your account, we collect:

Name and email address
Account passwords (stored encrypted)
Profile preferences and settings
Communication preferences

Usage Information

We automatically collect certain information about how you use our services:

Log data (IP address, browser type, pages visited)
Device information (device type, operating system)
Usage patterns and feature interactions
Performance and error data

2. How We Use Your Information

Primary Purposes

We use your information to provide and improve Glp1Assist services:

Track your health metrics and medication adherence
Generate personalized insights and recommendations
Create shareable PDF summaries
Send medication reminders and notifications
Provide customer support and technical assistance
Improve our AI algorithms and platform features

Research and Development

With your explicit consent, we may use anonymized, aggregated data for research purposes to advance GLP-1 therapy understanding and improve health outcomes. Individual users are never identifiable in research data.

Communications

We may contact you for service-related communications, important updates, and educational content related to your health journey. You can opt out of non-essential communications at any time.

3. Information Sharing and Disclosure

We never sell your personal health information. Your data is shared only in limited circumstances as described below.

With Your Consent

We share your information only when you explicitly authorize us to do so, such as when you choose to share reports with your healthcare provider or participate in research studies.

Service Providers

We work with trusted third-party service providers who help us operate Glp1Assist:

Cloud hosting and data storage (AWS, Google Cloud)
Payment processing (Stripe)
Email and communication services
Analytics and performance monitoring

All service providers sign strict data processing agreements and are required to protect your information according to industry security standards.

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect the safety of our users or the public.

4. Data Security

Encryption and Protection

We implement industry-leading security measures to protect your health information:

AES-256 encryption for data at rest
TLS 1.3 encryption for data in transit
Multi-factor authentication options
Regular security audits and penetration testing
SOC 2 Type II compliance
Industry-standard security infrastructure and processes

Access Controls

Access to your health information is strictly limited to authorized personnel who need it to provide services. All access is logged and monitored.

Incident Response

In the unlikely event of a security incident, we have comprehensive response procedures and will notify affected users within 72 hours as required by law.

5. Data Retention

We retain your information for as long as necessary to provide services and as required by law:

Active accounts: Data retained while your account is active
Deleted accounts: Most data deleted within 30 days of account deletion
Legal requirements: Some data may be retained longer for legal compliance
Anonymized data: May be retained indefinitely for research purposes

6. Your Rights and Choices

Data Access and Control

You have the right to:

Access all your personal health information
Correct inaccurate or incomplete information
Delete your account and associated data
Export your data in a portable format
Restrict certain uses of your information
Withdraw consent for optional data uses

Communication Preferences

You can control what communications you receive from us through your account settings or by contacting our support team.

Exercising Your Rights

To exercise any of these rights, please contact us at privacy@glp1assist.com or through your account settings. We will respond to your request within 30 days.

7. Cookies and Analytics

Analytics

We use Plausible Analytics, a privacy-focused, cookieless analytics service that doesn't track individual users or store personal data. This helps us understand how our website is used without compromising your privacy.

Cookies and Local Storage

We primarily use local storage technology (not cookies) to securely keep you logged in and remember your preferences.

We use a single cookie (`glp1_ref`) for marketing attribution if you visit via a referral link. This helps us understand how users find our website and credits our partners. This cookie is stored for 30 days. We do not use third-party advertising cookies or tracking pixels.

8. International Users

Glp1Assist is based in the United States, and your information is processed and stored on servers located in the United States. By using our services, you consent to the transfer of your information to the United States.

For users in the European Union, we comply with GDPR requirements and provide additional rights as required by EU law.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by email and by posting a notice on our website. Your continued use of Glp1Assist after changes become effective indicates your acceptance of the updated policy.

10. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: privacy@glp1assist.com

Table of Contents