Data Privacy

your biology belongs to you

our commitment

Privacy is a constraint we design around, not a marketing line. Where data must live on a server to deliver the product (cloud sync, multi-device, AI Coach history, persistent DNA findings), it lives in row-level-security-scoped tables that only you can read. Where it doesn't need to leave your device, it doesn't.

Local-First, Cloud-Synced When Signed In

Your intake answers and analysis results are kept in your browser's local storage. If you create an account and enable cloud sync, an RLS-scoped copy is stored in our Supabase database so the same profile loads across your devices.

Account-Optional Analysis

You can run a Free analysis without creating an account; only browser-local storage is used. Pro and Clinical features (cloud sync, AI Coach history, multi-profile, DNA persistence) require an authenticated Supabase account tied to your email.

Never Sold. Ever.

Your biology is not a product. We do not sell, share, license, or monetize your health data to third parties. No advertisers, no data brokers, no exceptions.

Data You Can Delete

You can delete your account and wipe all server-stored profile, analysis, chat, and genomic rows from inside the app at any time. Local-storage data is cleared from your browser when you sign out or clear site data.

Raw DNA Files Never Leave Your Device

Your raw DNA file (23andMe / Ancestry / etc.) is parsed entirely in your browser. We extract only the targeted SNP rows we interpret (currently 718 markers — rsid + genotype) and discard the raw file from memory. Those extracted rows are then sent to our AI for interpretation and stored server-side in our RLS-scoped genomic_data table so findings can re-render across devices.

What We Collect

Intake profile: first name, age, biological sex, weight, blood type, dietary protocol, primary goal — kept in browser local storage; mirrored to RLS-scoped Supabase profile_data rows when you sign in and cloud sync is enabled
Health context: current medications, known conditions, allergies, pregnancy status, lifestyle flags (caffeine, alcohol, smoking, stress) — same storage path as the intake profile
Current supplement stack and analysis results — local storage by default, mirrored to profile_data on cloud sync
AI Coach conversations — stored in our RLS-scoped chat_messages table for authenticated users so history persists across sessions
Supplement label photos — sent to our AI for ingredient extraction and not retained on our servers after the response
Extracted genetic markers (rsid + genotype + interpretation) for 718 targeted SNPs — stored in our RLS-scoped genomic_data table for authenticated users so DNA-informed findings can re-render
Authentication metadata (email, Supabase user id, plan tier) — required for accounts; managed by Supabase Auth
Anonymous product analytics (Vercel Analytics + Speed Insights) — page views, route timings, web-vital metrics; no health data, no profile content, no PII payloads

What We Never Collect

Your raw DNA file — it is parsed in your browser and never uploaded
Your raw lab file — processed locally; only the values you enter or confirm are stored
Phone number or postal address
Location or IP-based geolocation data
Cross-site advertising cookies or device fingerprinting identifiers
Payment card details — when billing is enabled, payments are processed by Stripe and we never see card numbers
Data from third-party health apps or wearables (no integrations)

Third-Party Services

Supabase (US-hosted) — managed Postgres + Auth. All user-scoped tables (profile_data, chat_messages, genomic_data) enforce row-level security. Encryption at rest is provided by the platform.
Google Generative AI (Gemini) — receives your sanitized intake profile, extracted genetic markers, supplement stack, and analysis prompts to produce recommendations and Coach responses. No raw DNA files, no payment data. Google processes this data subject to its AI terms of service.
Vercel — application hosting (HTTPS), plus Vercel Analytics and Speed Insights for anonymous traffic and performance metrics. We do not pass health data, profile content, or genomic findings into analytics events.
Upstash Redis — rate-limit counters keyed by user id; no profile content stored.
Stripe — payment processing for paid plans (when enabled). Stripe receives card data directly; we receive only a customer id and subscription status.
Resend — transactional email (account confirmations, password resets) when you have an account.

AI Data Processing Disclosure

When you run an analysis or use the AI Coach, the following is transmitted to Google Gemini: your medications, conditions, allergies, pregnancy status, biometric inputs, supplement stack, and extracted genetic markers (where applicable). Free-text symptom descriptions you type into the Coach are also transmitted. We do not transmit raw DNA files, billing data, or your name.
AI outputs pass through our post-generation safety filter before being returned to you. Recommendations are educational; they are not medical advice and are not reviewed by a clinician.

Server Logs and Telemetry

We log request-level metadata (route, status, latency, anonymized user id, model name, token counts) to operate and debug the service. We do NOT log prompt content, AI response content, medication names, condition names, gene names, rsids, genotypes, or lab values into observability sinks.
Error reports use sanitized error codes and scope identifiers — never the raw row content that triggered the error.

Genetic Information (GINA Compliance)

If you upload DNA data, we process the extracted SNP markers strictly to personalize supplement recommendations. Your genetic information is protected under the Genetic Information Nondiscrimination Act (GINA). We do not share genetic data with employers, insurers, or any third party for discriminatory purposes. You can delete all genetic data at any time from your DNA Intelligence settings; deletion also wipes DNA-derived blobs (diet plan, lifestyle protocol, genomic supplements) from your profile.

Your Rights

Access — request a copy of all data we store about you
Correct — edit your profile data directly in the app at any time
Delete — wipe your account and all server-stored rows from your account settings
Export — download your analysis history as PDF or JSON
California (CCPA) and Washington (My Health My Data Act) residents may have additional rights, including the right to opt out of any data processing not strictly necessary to deliver the service. Contact privacy@titrate.app to exercise these rights.

Last updated: May 2026

Run my analysis

titrate

What We Collect

Intake profile: first name, age, biological sex, weight, blood type, dietary protocol, primary goal — kept in browser local storage; mirrored to RLS-scoped Supabase profile_data rows when you sign in and cloud sync is enabled

Health context: current medications, known conditions, allergies, pregnancy status, lifestyle flags (caffeine, alcohol, smoking, stress) — same storage path as the intake profile

Current supplement stack and analysis results — local storage by default, mirrored to profile_data on cloud sync

AI Coach conversations — stored in our RLS-scoped chat_messages table for authenticated users so history persists across sessions

Supplement label photos — sent to our AI for ingredient extraction and not retained on our servers after the response

Extracted genetic markers (rsid + genotype + interpretation) for 718 targeted SNPs — stored in our RLS-scoped genomic_data table for authenticated users so DNA-informed findings can re-render

Authentication metadata (email, Supabase user id, plan tier) — required for accounts; managed by Supabase Auth

Anonymous product analytics (Vercel Analytics + Speed Insights) — page views, route timings, web-vital metrics; no health data, no profile content, no PII payloads

What We Never Collect

Your raw DNA file — it is parsed in your browser and never uploaded

Your raw lab file — processed locally; only the values you enter or confirm are stored

Phone number or postal address

Location or IP-based geolocation data

Cross-site advertising cookies or device fingerprinting identifiers

Payment card details — when billing is enabled, payments are processed by Stripe and we never see card numbers

Data from third-party health apps or wearables (no integrations)

Third-Party Services

Supabase (US-hosted) — managed Postgres + Auth. All user-scoped tables (profile_data, chat_messages, genomic_data) enforce row-level security. Encryption at rest is provided by the platform.

Google Generative AI (Gemini) — receives your sanitized intake profile, extracted genetic markers, supplement stack, and analysis prompts to produce recommendations and Coach responses. No raw DNA files, no payment data. Google processes this data subject to its AI terms of service.

Vercel — application hosting (HTTPS), plus Vercel Analytics and Speed Insights for anonymous traffic and performance metrics. We do not pass health data, profile content, or genomic findings into analytics events.

Upstash Redis — rate-limit counters keyed by user id; no profile content stored.

Stripe — payment processing for paid plans (when enabled). Stripe receives card data directly; we receive only a customer id and subscription status.

Resend — transactional email (account confirmations, password resets) when you have an account.

AI Data Processing Disclosure

When you run an analysis or use the AI Coach, the following is transmitted to Google Gemini: your medications, conditions, allergies, pregnancy status, biometric inputs, supplement stack, and extracted genetic markers (where applicable). Free-text symptom descriptions you type into the Coach are also transmitted. We do not transmit raw DNA files, billing data, or your name.

AI outputs pass through our post-generation safety filter before being returned to you. Recommendations are educational; they are not medical advice and are not reviewed by a clinician.

Server Logs and Telemetry

We log request-level metadata (route, status, latency, anonymized user id, model name, token counts) to operate and debug the service. We do NOT log prompt content, AI response content, medication names, condition names, gene names, rsids, genotypes, or lab values into observability sinks.

Error reports use sanitized error codes and scope identifiers — never the raw row content that triggered the error.

Genetic Information (GINA Compliance)

If you upload DNA data, we process the extracted SNP markers strictly to personalize supplement recommendations. Your genetic information is protected under the Genetic Information Nondiscrimination Act (GINA). We do not share genetic data with employers, insurers, or any third party for discriminatory purposes. You can delete all genetic data at any time from your DNA Intelligence settings; deletion also wipes DNA-derived blobs (diet plan, lifestyle protocol, genomic supplements) from your profile.

Your Rights

Access — request a copy of all data we store about you

Correct — edit your profile data directly in the app at any time

Delete — wipe your account and all server-stored rows from your account settings

Export — download your analysis history as PDF or JSON

California (CCPA) and Washington (My Health My Data Act) residents may have additional rights, including the right to opt out of any data processing not strictly necessary to deliver the service. Contact privacy@titrate.app to exercise these rights.