Stack Precision ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.
HIPAA-Compliant Health Data Protection: Stack Precision implements comprehensive administrative, physical, and technical safeguards to protect your health information to HIPAA standards. We will never sell your data. See our Privacy & Security page for details on our security practices.
1. Information We Collect
1.1 Information You Provide Directly
When you use Stack Precision, you may choose to provide:
- Account Information: Email address, display name, and profile preferences
- Supplement Data: Supplement stacks, dosages, schedules, and tracking information
- Journal Entries: Daily wellness metrics (energy, mood, focus, stress, sleep quality, pain levels on 1-5 scales), notes, and health observations
- Genetic Information: Gene variants and interpretations you choose to upload from consumer genetic testing services
- Blood Work: Lab results and biomarker values you choose to enter
- AI Conversations: Messages exchanged with our AI health assistant
- Research Notes: Articles, notes, and information you save within the app
1.2 Information Collected Automatically
We collect limited technical information to operate and improve the app:
- Device Information: Device type, operating system version, and app version
- Usage Analytics: Feature access patterns, session timing, and interaction counts (see Section 8 for details)
- Crash Reports: Technical error logs to improve app stability
What We Never Collect in Analytics: Supplement names, health metric values, journal content, genetic data, blood work results, or any Protected Health Information (PHI). Our analytics capture only anonymized counts and timestamps.
2. How We Use Your Information
We use your information solely to provide and improve Stack Precision:
- Deliver core app functionality (supplement tracking, scheduling, reminders)
- Power AI-assisted health insights when you initiate conversations
- Generate personalized scheduling and notification reminders
- Maintain security and detect unauthorized access
- Analyze anonymized usage patterns to improve the app experience
- Respond to your support requests
- Comply with legal obligations
We do not use your health data for advertising, marketing profiling, or any purpose unrelated to providing the service you requested.
3. AI Features and Data Processing
AI Consent Required: Before using AI features, you must provide explicit consent. This consent is renewed monthly to ensure you remain in control of your data. You can modify or withdraw consent at any time in Settings.
3.1 Our AI Provider
Stack Precision uses Google Vertex AI (Gemini) to power our AI health assistant. We access Google's AI services through their enterprise API, which provides stronger privacy protections than consumer products.
3.2 What Data May Be Shared with AI
When you start an AI conversation, you control exactly what context is included. Based on your choices, the following may be sent to Google Vertex AI:
- Your chat messages and conversation history for that session
- Supplement information (names, dosages, schedules) - if you enable this option
- Journal metrics (numerical scores only) - if you enable this option
- Genetic variant information - if you enable this option
- Blood work values - if you enable this option
3.3 What We Never Send to AI Providers
The following information is never transmitted to any AI provider:
- Your name or display name
- Your email address
- Your user ID or account identifiers
- Your device information or IP address
- Any data that could directly identify you
Your AI conversations are effectively anonymous. Even if data were intercepted, it could not be linked to your identity.
3.4 Google Vertex AI Data Handling
- Enterprise API data is not used for model training
- Data is retained up to 30 days for abuse monitoring, then deleted
- Processing occurs in Google Cloud data centers with enterprise security
For more information, see Google Vertex AI Data Governance.
4. Data Storage and Security
4.1 Infrastructure
Your data is stored on Google Cloud Platform through Firebase services:
- Database: Cloud Firestore with encryption at rest (AES-256)
- File Storage: Cloud Storage with encryption at rest
- Authentication: Firebase Authentication with secure token management
- Location: United States data centers
4.2 Security Measures
We implement HIPAA-standard security controls:
- Encryption in Transit: TLS 1.2+ for all data transmission
- Encryption at Rest: AES-256 encryption for stored data
- Access Controls: Role-based access; your health data is accessible only to you
- Authentication: Secure login with optional biometric protection
- Session Security: Automatic timeout after 15 minutes of inactivity
- Audit Logging: Comprehensive logs of data access and modifications
For detailed information about our security practices, see our Privacy & Security page.
5. Data Sharing and Disclosure
We do not sell your personal information. We share data only in these limited circumstances:
| Recipient |
Purpose |
Data Shared |
| Google Vertex AI |
AI chat features |
Conversation content and health context you select (no identifiers) |
| Google Cloud / Firebase |
Infrastructure |
All app data (encrypted, access-controlled) |
| RevenueCat |
Subscription management |
Pseudonymous ID only (no health data) |
| Legal authorities |
If required by law |
As legally compelled |
In the event of a merger, acquisition, or sale of assets, your data would transfer to the successor entity with equivalent privacy protections. We would notify you before any such transfer.
6. Your Rights and Choices
6.1 Access Your Data
All your data is accessible within the app. You may request a complete export of your data by contacting us through our support page.
6.2 Correct Your Data
You can update or correct your information directly within the app at any time.
6.3 Delete Your Data
You can request deletion of your account and associated data through Settings > Account > Delete Account, or by contacting us. Our deletion process:
- 7-day grace period: After requesting deletion, you have 7 days to cancel by logging back in
- Permanent deletion: After the grace period, your personal data, health data, supplements, journals, genetic data, blood work, and chat history are permanently and irreversibly deleted
- Audit log retention: Security audit logs (which record access timestamps and actions, but not health data content) are retained for 7 years as required by HIPAA compliance standards
6.4 Individual Record Deletion
When you delete individual items (supplements, journal entries, etc.) within the app:
- Items are immediately hidden from your view (soft delete)
- After 30 days, items are permanently removed from our systems
- This allows recovery if you accidentally delete something
6.5 AI Data Controls
For each AI chat session, you control:
- Whether to include supplement data
- Whether to include journal metrics
- Whether to include genetic data
- Whether to include blood work data
AI consent expires monthly and must be renewed, ensuring you regularly confirm your preferences.
6.6 Withdraw Consent
You may withdraw consent for AI data processing at any time in Settings. This does not affect data already processed but prevents future AI interactions until you re-consent.
7. Children's Privacy
Stack Precision is intended for users 18 years of age and older. We do not knowingly collect information from anyone under 18. If you believe we have inadvertently collected data from a minor, please contact us immediately through our support page and we will promptly delete it.
8. Analytics and Tracking
We use Firebase Analytics to understand how users interact with the app. Our analytics are designed to be privacy-preserving:
What We Track
- Onboarding completion rates and timing
- Feature adoption (e.g., "user created first stack" - not what supplements)
- Subscription events (plan selected, not health data)
- App stability metrics
What We Never Track
- Supplement names or dosages
- Health metric values (mood, energy, etc.)
- Journal content or entries
- Genetic variants or interpretations
- Blood work results
- AI conversation content
Analytics use a pseudonymous identifier that cannot be linked to your email or personal identity.
9. Data Retention
| Data Type |
Retention Period |
| Account and health data |
Until you delete your account |
| Deleted items (soft delete) |
30 days, then permanently removed |
| Deleted accounts |
7-day grace period, then permanently removed |
| Security audit logs |
7 years (HIPAA requirement) |
| AI conversation data at Google |
Up to 30 days (Google's policy) |
10. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. When we make material changes:
- We will notify you through the app or via email
- We will update the "Effective Date" at the top of this page
- For significant changes affecting your rights, we may require you to re-acknowledge the updated policy
Your continued use of Stack Precision after changes take effect constitutes acceptance of the updated policy.
11. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: You can request details about the personal information we collect, use, and disclose
- Right to Delete: You can request deletion of your personal information (subject to legal exceptions)
- Right to Opt-Out: We do not sell personal information, so this right does not apply
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us through our support page. We will verify your identity before processing your request.
12. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us: