Privacy Policy

1. Information We Collect

We collect the following categories of information:

• Account information: Email address and full name when you create an account. Optionally, your age and sex if you choose to provide them for personalized reports.
• Usage data: Which supplements you search, health goals you select, report types you generate, and monthly generation counts.
• Technical data: IP address (used for rate limiting), browser-stored authentication tokens, and a single signed cookie for anonymous usage tracking.
• Product analytics events: A signed, http-only "anon_id" cookie identifies anonymous visitors so we can measure how the product is used. Recorded events include page views, search submissions, goal selections, signup attempts, report generations, PDF downloads, glossary term clicks, and tier-gate denials. Each event captures the event name, the page path, an optional event payload (e.g., the supplement queried), the anonymous identifier, and your user identifier once you sign in. Events do not capture form values, free text, or any other content you type. All event data is stored in our own PostgreSQL database; we do not transmit it to any third-party analytics service.
• Diagnostic error reports: If the Service encounters a runtime error, we record the error message, a stack trace, the page path, your user identifier (if signed in), and the anonymous identifier so we can fix the bug. These reports are stored in our own database alongside other operational logs.

If your browser sends a "Do Not Track" signal, we suppress product analytics events on the client. Diagnostic error reports continue to be sent because they describe operational failures rather than user behaviour.

2. How We Use Your Information

Your information is used to:

• Provide the Service and personalize reports based on your demographic profile
• Enforce usage quotas and rate limits
• Process payments via Stripe
• Generate aggregate search trends (e.g., popular supplements) for product improvement
• Improve the Service and diagnose technical issues

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

3. Third-Party Services

Veraflux relies on the following third-party services to operate. Each processes only the minimum data necessary for its function:

• Supabase - Authentication and user management. Stores your email, hashed password, and auth tokens.
• Stripe - Payment processing. We do not store your credit card details; Stripe handles all payment data directly.
• PubMed / NCBI - Literature retrieval. Only supplement names and search terms are sent; no personal data.
• Google Gemini & Anthropic Claude - AI processing of retrieved literature. Supplement names and, for personalized reports, your age and sex values are included in prompts. No names, email addresses, or other identifying information is sent to these services.
• Railway - Cloud hosting provider. All application data transits through and is served from Railway's infrastructure.

4. Data Storage & Security

Your data is stored in a PostgreSQL database hosted on a secure cloud provider. All data in transit is encrypted via HTTPS/TLS. Passwords are managed by Supabase Auth using industry-standard hashing and are never stored in plaintext.

5. Data Retention & Caching

Cached reports: Generated reports are cached for up to 30 days to improve performance. Safety reports are not user-specific - the same cached report may be served to any user searching for the same supplement. Supplement reports are cached by supplement, age, sex, and goal combination.

Saved reports: Reports saved to your library are retained until you delete them or close your account.

Synonym cache: Supplement name synonyms are cached indefinitely for search optimization.

Account data: Retained for the duration of your account. Upon account deletion, your profile, saved reports, usage history, collections, recorded analytics events, diagnostic error reports, and per-report cost records that reference your user identifier are removed or anonymized.

Operational logs: Per-request HTTP logs are retained for 30 days. Product analytics events are retained for 365 days. Per-report cost records and diagnostic error reports are retained indefinitely so we can investigate issues and reconcile billing.

6. Cookies & Local Storage

Authentication state is managed by Supabase and stored in your browser's local storage. We use two functional cookies, neither of which is used for advertising or third-party tracking:

• "anon_id" - signed, http-only. Threads anonymous visitor activity into our own product analytics. Set on first visit, persists until you clear browser data.
• "vf_session_marker" - unsigned, not http-only. A one-bit hint set after a successful login so the server can serve the dashboard shell directly on your next visit instead of a flash of the marketing page. Carries no auth value (the real session token still lives in local storage) and is cleared on sign-out. Expires after 30 days of inactivity.

We do not use advertising or third-party tracking cookies, and our analytics data never leaves our database.

7. Your Rights

You may request deletion of your account and all associated data by contacting us at support@veraflux.org. Deletion removes your profile, saved reports, collections, monthly usage history, and any analytics events or diagnostic error reports linked to your user identifier. You can delete individual saved reports from your library at any time. You may update or remove your demographic information (age and sex) from your Account page at any time. You can also disable product analytics in your browser by enabling the "Do Not Track" setting; the Service will continue to function normally.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or email. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

9. Contact

Privacy inquiries may be directed to support@veraflux.org.