Privacy & Security
Your health data is protected to healthcare standards.
Last updated: February 28, 2026
Our Commitment to Your Privacy
Stack Precision implements comprehensive HIPAA-standard safeguards to protect your Protected Health Information (PHI). We've invested in real security infrastructure because we believe your health data deserves the same protection as medical records.
- Your data deserves real protection. Not just promises—verified, auditable security practices backed by technical controls.
- We will never sell your data. Not to advertisers, not to data brokers, not to anyone. This is non-negotiable.
- Health data is sensitive. Your supplements, wellness metrics, and genetic variants are protected to healthcare standards.
- Trust is earned through action. We invested in HIPAA compliance because your privacy is foundational to our service.
Business Associate Agreements
We maintain Business Associate Agreements (BAAs) with our infrastructure and AI service providers as required by HIPAA. These agreements contractually obligate our partners—including Google Cloud and Google Vertex AI—to protect your health information to the same standards we maintain. BAAs ensure that every party in the chain of custody for your data is held to HIPAA-level safeguards.
Security Safeguards
We implement the administrative, physical, and technical safeguards required by HIPAA:
- Encryption in transit — TLS 1.2+ protects all data transmission between your device and our servers
- Encryption at rest — AES-256 encryption for all stored data in Google Cloud
- Access controls — Role-based access controls restrict which staff and service accounts can reach data. Every record is scoped to its owner, so your health data is readable only by you, and Firestore security rules enforce that ownership check at the database level rather than relying on application code alone.
- Audit logging — Append-only logs of all data access and modifications, retained for 7 years, beyond the six-year minimum HIPAA sets for security documentation. Audit entries record access timestamps and actions but never contain health data content.
- Secure authentication — Industry-standard authentication with optional biometric protection
- Session security — Automatic timeout after 15 minutes of inactivity
- Data minimization — Consistent with HIPAA's minimum necessary standard, we collect and process only what's necessary to provide the service you requested. Health information shared with AI providers is limited to only what is relevant to your conversation.
- Right to deletion — You can delete your account and data at any time
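As an added illustration of the ownership check described under Access controls, here is the shape such a rule set takes. This is example configuration, not Stack Precision's own rules; the `users/{userId}` document layout and the `auditLogs` collection are assumed.

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Assumed layout: everything belonging to a user lives under users/{userId}/...
    // A signed-in client may touch only the subtree whose path segment equals
    // its own uid; any other user's subtree matches no allow rule and is denied.
    match /users/{userId}/{document=**} {
      allow read, write: if request.auth != null
                         && request.auth.uid == userId;
    }

    // Assumed collection for the append-only audit trail. Entries are written
    // server-side, so clients get no access at all, not even to their own rows.
    match /auditLogs/{entry} {
      allow read, write: if false;
    }
  }
}
```

Two points a reviewer would check against a rule set like this: Firestore denies any path that no rule explicitly allows, so the absence of a match for other collections is itself a deny; and security rules govern only client SDK traffic, so Cloud Functions using the Admin SDK bypass them and must carry their own authorization checks.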
AI Privacy: Complete Transparency
When you use our AI health assistant, we're transparent about exactly what happens with your data. Our AI is powered by Google Vertex AI (Gemini), accessed through Google's enterprise API with enhanced privacy protections.
What We Send to Google Vertex AI
You control exactly what context is included in each conversation via per-session data category toggles:
- Your chat messages for that session
- Supplement information (names, dosages, schedules) — if you enable it
- Journal metrics (numerical wellness scores) — if you enable it
- Genetic variants (gene name, variant, genotype, risk allele status, and a brief description) — if you enable it. You can view the exact text that would be shared for each variant in the app before starting a conversation.
What We NEVER Send to AI
- Your name or display name
- Your email address
- Your user ID or account identifier
- Your device information
- Your IP address
- Any data that could identify you personally
"Requests to the AI carry no direct identifiers. An intercepted request could not be linked to your account from its contents; because health details such as genetic variants are still sensitive on their own, every category stays off until you enable it for a session."
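The two lists above describe an allowlist: per-session toggles decide which categories are included, and a fixed set of identifiers is excluded regardless. As an added example (not Stack Precision's code; the field names, function names and the sample profile are constructed assumptions), this is how that construction can be made fail-closed, with a final value-based check that no identifier slipped into an allowed field:

```python
"""Allowlist-based construction of the AI request context.

Added example, not Stack Precision's code. The field names, function names
and sample profile are constructed assumptions; the page only states which
categories a user may toggle on per session and which identifiers are never
sent.
"""
import json

# Fields that may leave the device, per data category (assumed names). Anything
# not listed, such as record IDs, timestamps or free-text notes, is dropped.
ALLOWED_FIELDS = {
    "supplements": ("supplement", "dosage", "schedule"),
    "journal_metrics": ("metric", "score"),
    "genetic_variants": ("gene", "variant", "genotype", "risk_allele", "description"),
}


def build_ai_context(profile, messages, toggles):
    """Payload for one session: the chat messages plus only the categories the
    user toggled on, each record reduced to its allowlisted fields."""
    context = {"messages": list(messages)}
    for category, enabled in toggles.items():
        if category not in ALLOWED_FIELDS:
            raise ValueError(f"unknown data category: {category}")  # fail closed
        if not enabled:
            continue
        records = profile["health"].get(category, [])
        context[category] = [
            {key: record[key] for key in ALLOWED_FIELDS[category] if key in record}
            for record in records
        ]
    check_no_identifiers(context, profile["identity"])
    return context


def check_no_identifiers(context, identity):
    """Value-based leak check run on the final payload: none of the account's
    direct identifiers may appear anywhere in it, even inside an allowed field.
    Substring matching is deliberately conservative: a false positive blocks one
    request, a miss would ship health data with an identifier attached."""
    blob = json.dumps(context).lower()
    for field, value in identity.items():
        if value and str(value).lower() in blob:
            raise ValueError(f"identifier leak blocked: {field}")


# Constructed sample profile. The record id, timestamp and notes field are
# present on purpose to show that non-allowlisted fields never reach the payload.
SAMPLE_PROFILE = {
    "identity": {
        "user_id": "u_7f3c9a2e",
        "email": "sam@example.com",
        "display_name": "Sam R.",
        "device": "iPhone15,2",
        "ip": "203.0.113.7",
    },
    "health": {
        "supplements": [
            {"id": "sup_01", "supplement": "Vitamin D3", "dosage": "2000 IU",
             "schedule": "daily", "notes": "receipt sent to sam@example.com"},
        ],
        "journal_metrics": [
            {"metric": "sleep_quality", "score": 7, "recorded_at": "2026-02-27"},
        ],
        "genetic_variants": [
            {"gene": "MTHFR", "variant": "rs1801133", "genotype": "CT",
             "risk_allele": "heterozygous carrier",
             "description": "Common variant in a folate-metabolism gene."},
        ],
    },
}


def example_session():
    """Supplements and journal metrics on, genetic data left off for this session."""
    toggles = {"supplements": True, "journal_metrics": True, "genetic_variants": False}
    return build_ai_context(SAMPLE_PROFILE, ["Should I take D3 with food?"], toggles)


if __name__ == "__main__":
    print(json.dumps(example_session(), indent=2))
```

The design choice worth noting is that the allowlist is applied per field, not per record: a supplement entry with a free-text notes field containing an e-mail address still yields only name, dosage and schedule. The value check at the end is the backstop for the case the allowlist cannot catch, an identifier typed into a field that is itself allowed.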
How Google Handles AI Data
We use Google Vertex AI's enterprise API—not consumer products. This distinction matters because enterprise API data has stronger privacy protections:
- Not used for training — Your data is never used to train or improve AI models
- Limited retention — Data retained 30 days for abuse monitoring, then automatically deleted
- Enterprise security — Processing occurs in Google Cloud data centers with SOC 2 and ISO 27001 compliance
- No human review — Your conversations are not reviewed by humans unless flagged for safety concerns
- BAA coverage — Our Business Associate Agreement with Google covers Vertex AI data processing
Read Google Vertex AI Data Governance →
You're in Control
Every AI conversation gives you granular control over your data:
| Data Type | Your Control |
|---|---|
| Supplements | Toggle on/off per session |
| Journal metrics | Toggle on/off per session |
| Genetic data | Toggle on/off per session |
| AI consent | Withdraw anytime in Settings |
Don't want your genetic data in an AI conversation? Just turn it off. It's that simple.
Genetic Data Security
We take additional precautions with genetic information:
- Local parsing — Raw genetic files from consumer genetic testing and sequencing services are parsed entirely on your device. Your raw file is never uploaded to or stored on our servers.
- Per-marker consent — Before storing any genetic data, you review and individually select which markers to keep via a checkbox consent screen. We store only what you approve.
- Limited scope — We track 194 specific variants relevant to supplement response—your full genome is never stored.
Transparency for Every Variant
We believe you should have complete visibility into how your genetic data is used. For each stored variant, you can view within the app:
- Why we track it: A plain-language explanation of why this variant is included in our database and its relevance to supplement response
- What it may mean: A description of what the variant may affect, based on published research
- What we share with the AI: The exact text that is sent to our AI provider when you include genetic data in a conversation—no more, no less
- Research sources: Links to the peer-reviewed studies supporting our interpretation
You are responsible for evaluating whether you agree with our interpretation of your genetic data and whether you want it included in AI conversations. We provide this level of detail so you can make an informed decision. If you disagree with an interpretation, you can edit your genotype, remove individual markers, or exclude genetic data from AI conversations entirely.
Data Retention
We retain your data only as long as necessary:
| Data Type | Retention |
|---|---|
| Your health data (active subscriber) | Until you delete your account |
| Deleted items | 30 days (recovery window), then permanently purged (daily at 3 AM ET) |
| Deleted accounts | 7-day grace period, then cascade delete, then 30-day hard purge |
| Lapsed subscription accounts | 30-day lapsed period, then 7-day grace, then cascade delete, then 30-day hard purge (see below) |
| Community Contributor data | Indefinite while contributor status active; standard deletion on withdrawal |
| Trend contributions after consent withdrawal | Immediately and permanently deleted; contribution mapping destroyed |
| Security audit logs | 7 years (beyond HIPAA's six-year documentation minimum); records access times and actions only, never health data content |
| AI data at Google | Up to 30 days, then deleted |
Lapsed Subscription Pipeline
If your subscription expires and you do not resubscribe or become a Community Contributor:
- Day 0–30 (Lapsed): Your data remains intact but premium features are unavailable. You may resubscribe at any time to restore full access.
- Day 30 (Pending Deletion): Your account transitions to pending deletion with a 7-day grace period. You will be notified within the app.
- Day 37 (Cascade Delete): If no action is taken, your personal data is deleted following the same process as account deletion.
- Day 67 (Hard Purge): All soft-deleted records are permanently purged from our systems.
You can prevent automatic deletion at any point by resubscribing or opting into the Community Contributor program.
Community Trends and Contributor Data
Stack Precision offers an optional Community Trends feature that aggregates anonymized data to show population-level supplement and wellness patterns. Participation is entirely opt-in.
- Random contribution ID — Your trends data is identified by a random UUID that is not derived from your user ID or any personal information, so the trends pool on its own cannot be traced back to your account. The only link is a separate account-to-contribution mapping held outside the pool, which is destroyed when you withdraw (see below)
- Minimum thresholds — At least 20 people per cohort and at least 3 users per supplement are required before any data is displayed, preventing re-identification of small groups
- Separate storage — Trends data is stored in Google BigQuery, separate from your personal account data
- Hard delete on withdrawal — When you withdraw trends consent, your de-identified contributions are permanently deleted from BigQuery and the mapping between your account and your contribution identifier is destroyed. This is irreversible.
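The three mechanisms above (random contribution ID, minimum thresholds before display, hard delete with mapping destruction) fit together in a small amount of code. This is an added example, not Stack Precision's code: the page gives the two thresholds, while the row layout, function names and sample rows are constructed assumptions.

```python
"""Threshold suppression and consent withdrawal for Community Trends.

Added example, not Stack Precision's code. The page gives the two display
thresholds (at least 20 contributors per cohort, at least 3 per supplement);
the row layout, function names and sample rows below are constructed
assumptions.
"""
import uuid
from collections import defaultdict

MIN_COHORT_SIZE = 20
MIN_USERS_PER_SUPPLEMENT = 3


def new_contribution_id():
    """Identifier used in the trends pool. uuid4 is drawn from the OS CSPRNG and
    carries no information about the user ID, so the pool by itself cannot be
    joined back to an account; the only link is the mapping kept separately."""
    return str(uuid.uuid4())


def aggregate_trends(rows):
    """rows: (contribution_id, cohort, supplement) tuples.
    Returns {cohort: {supplement: distinct_contributors}} with both thresholds
    applied. Counting distinct contributors rather than rows matters: one user
    logging a supplement many times must not push a cell over the threshold."""
    cohort_members = defaultdict(set)
    supplement_users = defaultdict(lambda: defaultdict(set))
    for cid, cohort, supplement in rows:
        cohort_members[cohort].add(cid)
        supplement_users[cohort][supplement].add(cid)

    visible = {}
    for cohort, members in cohort_members.items():
        if len(members) < MIN_COHORT_SIZE:
            continue  # whole cohort suppressed; not even its size is exposed
        cells = {supp: len(users)
                 for supp, users in supplement_users[cohort].items()
                 if len(users) >= MIN_USERS_PER_SUPPLEMENT}
        if cells:
            visible[cohort] = cells
    return visible


def withdraw(rows, mapping, user_id):
    """Consent withdrawal: delete every row under the user's contribution ID
    and destroy the account-to-contribution mapping entry, so the deletion
    cannot be reversed and the user cannot be re-linked later."""
    cid = mapping.pop(user_id, None)
    if cid is None:
        return list(rows)
    return [row for row in rows if row[0] != cid]


def sample_rows():
    """Constructed input: 25 contributors in cohort A (five of them logging
    vitamin D3 twice, two also on a rarely logged supplement) and 4 in cohort B.
    Fixed IDs stand in for uuid4 strings so the example is deterministic."""
    rows = []
    for i in range(25):
        cid = f"a-{i:02d}"
        rows.append((cid, "A", "vitamin_d3"))
        if i < 5:
            rows.append((cid, "A", "vitamin_d3"))   # duplicate log, same user
        if i < 2:
            rows.append((cid, "A", "rare_supp"))    # only 2 users: suppressed
    for i in range(4):
        rows.append((f"b-{i}", "B", "vitamin_d3"))  # cohort too small: suppressed
    return rows


if __name__ == "__main__":
    print(aggregate_trends(sample_rows()))
```

Two details a practitioner would check here: cohorts under the threshold are dropped entirely rather than shown with an empty table, since even "fewer than 20" is a disclosure about a small group; and the withdrawal path removes the mapping entry before anything else, so an interrupted delete leaves orphaned pool rows that no longer point at anyone rather than a user who can still be linked.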
Community Contributors
When your subscription ends, you may choose to become a Community Contributor. This is entirely optional and requires separate, explicit consent.
- Your supplement and genetic grouping data, as it existed at the time of your last active subscription, remains in the anonymized trends pool
- No new data is synced—your contribution is frozen at the point of donation
- You retain free, read-only access to Community Trends and full access to core features
- You do not have access to AI features or premium features
- You may withdraw at any time, triggering permanent deletion of your contributions
Breach Notification
In the event of a breach of unsecured Protected Health Information, we will:
- Notify affected individuals without unreasonable delay, and no later than 60 days after discovery of the breach
- Notify the U.S. Department of Health and Human Services as required by HIPAA
- Provide detailed notification that includes: a description of the breach, the types of information involved, steps you should take to protect yourself, what we are doing to investigate and mitigate, and contact information for further questions
If a breach affects 500 or more individuals, we will also notify prominent media outlets in the affected jurisdiction as required by HIPAA.
Infrastructure Security
Your data is stored on Google Cloud Platform, a SOC 2 Type II and ISO 27001 certified infrastructure:
- Database: Cloud Firestore with automatic encryption (AES-256)
- File storage: Cloud Storage with encryption at rest
- Authentication: Firebase Authentication with secure token management
- Server-side logic: Cloud Functions for sensitive operations (subscription management, audit logging, data retention enforcement)
- Messaging: Firebase Cloud Messaging for reminders and notifications
- Location: United States data centers
- Backup: Automatic point-in-time recovery capabilities
Questions?
We believe in transparency. If you have questions about how we protect your data, reach out through our contact form and select "Privacy Inquiry" as the topic. We'll respond within 24-48 hours.
For complete details, see our Privacy Policy and Terms of Service.