Privacy Policy
Effective Date: January 16, 2026
Last Updated: January 16, 2026
Version: 1.0.0
INTRODUCTION
Daily Peptide ("we," "our," "us," or "the App") is a personal tracking and productivity tool designed to help you log, schedule, and visualize your health data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.
Important: Daily Peptide is a personal productivity and organizational tool for tracking and visualizing your data. It is not a medical device, does not provide medical advice, and is not FDA-approved or medically certified.
By using Daily Peptide, you agree to this Privacy Policy. If you do not agree, please do not use the App.
1. INFORMATION WE COLLECT
We collect only the information necessary to provide you with a personalized tracking experience. All data you enter belongs to YOU and is stored securely for YOUR use only.
1.1 Account Information (Required for Account Creation)
When you create an account, we collect the following information:
Email Address
Purpose: Account authentication, account recovery, security notifications
Required: Yes
User Control: Update in Settings
Username
Purpose: Display name in app and notifications (not your real name)
Required: Yes
User Control: Change anytime
Age
Purpose: Feature personalization and age-appropriate content
Required: Yes
User Control: Update in Settings
Gender
Purpose: Feature personalization (e.g., recommended metrics)
Required: Yes
User Control: Update in Settings
Height
Purpose: Calculation features and metric displays
Required: Yes
User Control: Update in Settings
Weight
Purpose: Calculation features and metric tracking
Required: Yes
User Control: Update in Settings
How We Use It:
Authenticate your account (email)
Personalize your app experience (username, age, gender, height, weight)
Display your username in notifications and app screens
Enable age-appropriate features
How We Store It:
Encrypted in Firebase Authentication (Google Cloud)
Isolated to your account only (no user can see another user's data)
Protected by Firebase security rules (row-level access control)
Important Notes:
We do NOT verify your identity or age
You may use a pseudonym as your username
Your real name is NEVER required
Only YOU can access your account information
1.2 Optional Marketing Communications
During account creation, you will see an optional checkbox:
"I'd like to receive occasional updates about new features and tips for using Daily Peptide (max 1-2 emails per month)"
Your Choices:
Opt-In (Checked): You'll receive occasional emails about app updates, new features, and helpful tips
Opt-Out (Unchecked): You'll receive NO marketing emails (only critical account-related emails like password resets)
What We Send (If You Opt-In):
Feature announcements (e.g., "New AI meal estimation available")
Product updates (e.g., "iOS version 1.0.6 released")
Tips for better tracking (e.g., "5 ways to optimize your logs")
Frequency: Maximum 1-2 emails per month (typically less)
What We DON'T Send:
Spam or promotional content unrelated to Daily Peptide
Third-party advertisements
Your data to marketing companies
Surveys or requests for personal information
Unsubscribe Anytime:
Click "Unsubscribe" link in any email (instant opt-out)
Change setting in app Settings → Notifications
Email us at contact@thedailypeptide.com
Note: Even if you unsubscribe from marketing emails, you will still receive critical account security emails (password resets, account deletion confirmations, security alerts).
1.3 Health Tracking Data (User-Generated Only)
All health data is ENTERED BY YOU voluntarily. We do NOT:
Collect data from wearables or third-party apps (unless you manually enter it)
Access your device's Health app or Google Fit
Pull data from medical records or providers
Predict or diagnose health conditions
Data You May Choose to Log:
Peptide Tracking Data
Peptide names (e.g., "Tirzepatide," "Semaglutide")
Scheduled times (e.g., "8:00 AM")
Amounts (e.g., "2.5 mg")
Log history (dates/times you recorded taking a peptide)
Custom plan names (e.g., "Summer Cut Plan")
Purpose: Personal schedule management and adherence tracking
Storage: Firebase (encrypted) + Supabase (encrypted)
Access: Only YOU via your authenticated account
Activity & Nutrition Logs
Daily steps count
Water/hydration intake
Meal descriptions and macros (protein, carbs, fat, calories)
Purpose: Personal health metric tracking
Storage: Supabase (encrypted, row-level security)
Access: Only YOU
Body Measurements
Weight logs
Body composition (if you choose to track)
Purpose: Progress tracking and visualization
Storage: Supabase (encrypted)
Access: Only YOU
Supplement Logs
Supplement names (e.g., "Vitamin D," "Creatine")
Dosages and times
Purpose: Personal supplement tracking
Storage: Supabase (encrypted)
Access: Only YOU
Custom Health Trackers
Mood ratings (e.g., 1-10 scale)
Energy levels
Sleep quality (if you manually log it)
Custom metrics you create (e.g., "Headache intensity")
Purpose: Personal progress tracking
Storage: Supabase (encrypted)
Access: Only YOU
Privacy Commitment:
User Isolation: Each user's data is isolated by design. No user can see another user's data
No Social Features: No sharing, no leaderboards, no public profiles
No Analytics on Health Data: We do NOT analyze or aggregate your health logs for commercial purposes
No Third-Party Sharing: Your health data is not shared with advertisers, insurance companies, or health providers
Important Disclaimer: While we implement industry-standard security measures including user isolation, no system is perfect. We accept ZERO liability for:
Data exposure due to software bugs, security vulnerabilities, or technical errors
Unauthorized access resulting from system failures or breaches
Data leaks across user accounts due to software defects
Any consequences of data exposure or security incidents
YOU ASSUME ALL RISK associated with storing data in the app. We recommend maintaining your own separate backups of critical information.
1.4 User Preferences & Settings
App Configuration Data (Not Sensitive):
Notification preferences (on/off, times)
Unit preferences (metric/imperial)
Theme preferences (light/dark mode)
Language settings
Time zone
Purpose: Customize how the app displays information to YOU
Storage: Firebase (encrypted)
Access: Only YOU
Sharing: NEVER shared with third parties
1.5 Device & Technical Information (Automatically Collected)
We collect minimal technical data to make the app function properly:
Device ID
Purpose: Push notifications (Firebase Cloud Messaging)
Shared with Third Parties: Firebase only (Google)
Operating System
Purpose: Bug fixes, compatibility
Shared with Third Parties: No
App Version
Purpose: Feature compatibility
Shared with Third Parties: No
Device Model
Purpose: Layout optimization (e.g., iPhone vs iPad)
Shared with Third Parties: No
Screen Resolution
Purpose: UI rendering
Shared with Third Parties: No
Crash Logs
Purpose: Debugging (anonymized)
Shared with Third Parties: Firebase Crashlytics (Google)
Error Logs
Purpose: Bug fixes (anonymized)
Shared with Third Parties: No
What We DON'T Collect:
Location data (GPS, IP-based location)
Contacts or address book
Photos or camera access (except for meal AI if you use it)
Microphone or audio
Calendar or email contents
Browsing history
Other installed apps
1.6 AI Features (Optional & Temporary Processing)
Google Gemini AI (Meal Macro Estimation - Optional Feature):
What Happens When You Use AI Meal Entry:
You take a photo of your meal OR describe it in text
Photo/description sent to Google Gemini API (temporarily)
Gemini estimates macros (protein, carbs, fat, calories)
Results returned to you in the app
Photo/description DELETED immediately (not stored permanently)
Privacy Details:
Temporary Processing: Data sent to Google Gemini for analysis only
Not Stored by Us: We do NOT save your meal photos or descriptions
Not Stored by Google: Google does NOT store data from paid API calls (per their policy)
Optional Feature: Don't use AI meal entry if you prefer manual logging
No Personal Identifiers: Only the meal image/text is sent (no name, email, or account ID)
Google's Data Policy:
Google Gemini API processes data transiently (not retained)
Subject to Google's Cloud Platform Terms: https://cloud.google.com/terms
Your Control:
Don't use AI meal entry → Zero data sent to Google
Use AI meal entry → Only meal image/description sent (temporarily)
AI Accuracy Disclaimer:
AI meal estimation uses Google Gemini AI, which has significant limitations:
Inaccuracy: AI estimates may be off by 50% or more (highly variable)
Hallucinations: AI may invent ingredients, macros, or calorie counts not present in your meal
Not Verified: Estimates are NOT verified by nutritionists or medical professionals
General Estimates: AI provides rough approximations, NOT precise nutritional analysis
Context Limitations: AI cannot account for portion sizes, cooking methods, or hidden ingredients accurately
NO WARRANTY OF ACCURACY: We provide AI meal estimation "AS IS" with NO warranty regarding accuracy, reliability, or suitability for any purpose.
USE AT YOUR OWN RISK: AI estimates are for convenience only. Do NOT rely on AI estimates for medical conditions, dietary requirements, or programs requiring precision.
2. HOW WE USE YOUR INFORMATION
We use your data ONLY to provide YOU with the app's features. We do NOT use it for advertising, selling, or profiting from your personal information.
2.1 Core App Functionality
Account Authentication
Data Used: Email, password (hashed)
How It Benefits You: Secure login, account recovery
Personalized Experience
Data Used: Username, age, gender, height
How It Benefits You: Custom app interface, age-appropriate features
Health Tracking
Data Used: Logs you enter (peptides, steps, meals, etc.)
How It Benefits You: View your progress, trends, statistics
Schedule Management
Data Used: Peptide schedules, times
How It Benefits You: Remind you when to log entries
Data Synchronization
Data Used: All user data
How It Benefits You: Access your data on multiple devices
Important: Synchronization may fail. We are NOT liable for sync failures, data conflicts, or data loss. Do NOT rely solely on app sync for critical data backup.
Progress Visualization
Data Used: Historical logs
How It Benefits You: Generate charts, graphs, statistics
Push Notifications
Data Used: Device ID, schedule data
How It Benefits You: Send reminders at your scheduled times
Important: Notifications may fail or be delayed. Do NOT rely on app notifications for critical reminders. Use backup methods.
Calculator Features
Data Used: Height, weight, dosage inputs
How It Benefits You: Perform mathematical calculations
Important: Calculations are for reference ONLY. We do NOT guarantee accuracy. You MUST verify ALL calculations with your healthcare provider.
2.2 App Improvement & Maintenance
Bug Fixes
Data Used: Crash logs (anonymized)
Details: Identify and fix app crashes
Performance Optimization
Data Used: App version, device model
Details: Improve speed and compatibility
Feature Development
Data Used: Anonymized usage patterns
Details: Prioritize new features
Security Monitoring
Data Used: Login attempts, error logs
Details: Detect and prevent unauthorized access
Important:
Usage data is ANONYMIZED (no personal identifiers)
We analyze trends, NOT individual users
We NEVER sell analytics to third parties
2.3 Communication (Only When Necessary)
Push Notifications (Reminders)
Frequency: Based on your schedule
Opt-Out: Yes (disable in Settings)
Account Security Emails
Frequency: As needed
Opt-Out: No (critical for security)
Marketing Emails
Frequency: Max 1-2/month
Opt-Out: Yes (unsubscribe link)
Support Responses
Frequency: As needed
Opt-Out: N/A (you initiated contact)
3. DATA SHARING & DISCLOSURE
We do NOT sell, rent, or share your personal data with third parties for their marketing or commercial purposes.
3.1 What We DO NOT Do
Sell Your Data: Your data is NOT a product we sell
Share with Advertisers: No advertising integrations
Share with Data Brokers: We do NOT participate in data brokerage
Share with Insurance Companies: Your health data stays private
Share with Employers: No employment or HR integrations
Share with Healthcare Providers: Unless YOU export and share it yourself
Share for Marketing Purposes: No third-party marketing
Share with Social Media: No social integrations
Aggregate and Sell: We do NOT sell aggregated data
3.2 What We DO Share (Infrastructure & Services)
We share data ONLY with trusted service providers necessary to operate the app:
Firebase (Google Cloud) - Authentication, Storage, Notifications
Email, password (hashed):
Purpose: Account authentication
Privacy Protection: Encrypted in transit and at rest
User data (plans, preferences):
Purpose: Cloud storage and sync
Privacy Protection: Row-level security (users isolated)
Device ID:
Purpose: Push notifications
Privacy Protection: No personal identifiers
Crash logs (anonymized):
Purpose: Debugging
Privacy Protection: No user-identifiable information
Firebase Privacy Policy: https://firebase.google.com/support/privacy
Google Cloud Terms: https://cloud.google.com/terms
Your Protection:
Firebase is SOC 2, ISO 27001 certified
GDPR and CCPA compliant
Data encrypted at rest (AES-256)
Data encrypted in transit (TLS 1.2+)
Supabase (PostgreSQL) - Database Storage
Health logs:
Purpose: Daily tracking data storage
Privacy Protection: Row-level security (users isolated)
Peptide logs:
Purpose: Adherence tracking
Privacy Protection: Encrypted at rest
Supplement logs:
Purpose: User tracking
Privacy Protection: User-specific access control
Supabase Privacy Policy: https://supabase.com/privacy
Supabase Security: https://supabase.com/security
Your Protection:
PostgreSQL with row-level security (RLS)
Each user can ONLY access their own data
Encrypted connections (TLS)
SOC 2 Type II certified
Google Gemini AI - Meal Macro Estimation (Optional)
Meal photo OR text description:
Purpose: Macro estimation (AI analysis)
Retention: NOT stored (temporary processing)
Google Gemini API Terms: https://cloud.google.com/terms/service-terms
Your Protection:
Data NOT stored by Google (per API policy)
No personal identifiers sent
Optional feature (don't use it = zero data sent)
3.3 Legal Disclosures (Rare & Only When Required by Law)
We may disclose your information if legally required:
Valid Court Order: Subpoena from law enforcement
Our Response: Comply with legal obligation (notify you if permitted)
Protect Rights: Prevent fraud, unauthorized access
Our Response: Investigate and take action
Emergency Situations: Imminent threat to safety
Our Response: Disclose minimum necessary information
Business Transfer: Company acquisition or merger
Our Response: Notify users, ensure same privacy standards
Transparency Commitment: We will notify you of legal requests unless prohibited by law.
4. DATA SECURITY
We take security seriously. However, no system is 100% secure. We implement industry-standard measures to protect your data.
4.1 Encryption
In Transit (Network): TLS 1.2+ (HTTPS) - Industry standard
At Rest (Firebase): AES-256 - Military-grade
At Rest (Supabase): AES-256 - Military-grade
Local Device: Secure Enclave (iOS), Keystore (Android) - Platform-specific
4.2 Access Controls
User Isolation: Each user's data is isolated via unique User ID (UID)
Row-Level Security: Supabase enforces WHERE user_uid = auth.uid() on ALL queries
Firebase Security Rules: Only authenticated users can access their own data
Password Hashing: bcrypt/scrypt (not stored in plain text)
Two-Factor Authentication: Planned for future release
4.3 Security Practices
Regular Audits: Quarterly security reviews
Secure Coding: OWASP guidelines, code reviews
Dependency Updates: Monthly checks for vulnerabilities
Automatic Logout: After 30 days of inactivity (optional)
Session Management: Tokens expire after 7 days
4.4 Your Responsibilities
To keep your account secure:
Use a strong, unique password
Enable two-factor authentication (when available)
Don't share your password
Sign out on shared devices
Update the app regularly
If You Suspect Unauthorized Access: Email contact@thedailypeptide.com immediately.
4.5 Security Limitations
While we implement industry-standard security measures, we cannot guarantee absolute security. No system is 100% secure.
WE ACCEPT ZERO LIABILITY FOR:
Data breaches, unauthorized access, or data exposure
Security vulnerabilities, software bugs, or coding errors
Third-party breaches (Firebase, Supabase, Google)
Technical failures or system malfunctions
Data loss or corruption
Cross-user data exposure due to software defects
Any consequences resulting from security incidents
YOU ASSUME ALL RISK associated with storing data in the app. We recommend:
Using strong passwords and enabling two-factor authentication (when available)
Regularly exporting your data for backup
Not storing highly sensitive medical information in the app
Consulting your healthcare provider about secure data storage practices
5. DATA RETENTION & DELETION
We keep your data as long as your account is active. When you delete your account, ALL data is removed within 30 days.
5.1 Active Accounts
Account Information: Until you delete your account
Access: Accessible anytime
Health Logs: Until you delete your account
Access: Accessible anytime
Preferences: Until you delete your account
Access: Editable anytime
Backups: 30 days (rolling, encrypted)
Access: Not accessible (disaster recovery only)
Important: Backups are NOT guaranteed. Backup systems may fail without notice. We are NOT liable for backup failures or inability to restore data. YOU are responsible for maintaining your own backups of critical information.
Inactive Accounts:
We do NOT delete inactive accounts automatically
Your data remains accessible indefinitely
Sign back in anytime to access your data
5.2 Account Deletion (Permanent & Irreversible)
What Happens When You Delete Your Account:
Step 1: Initiate Deletion (Instant)
Go to Settings → Account → Delete Account
Step 2: Confirmation Dialog (Instant)
Type "DELETE" to confirm (prevents accidental deletion)
Step 3: Local Data Removal (Immediate)
All data removed from your device
Step 4: Cloud Deletion (Within 24-48 hours)
All Firebase and Supabase data removed
Step 5: Backup Removal (Within 30 days)
All backups purged from disaster recovery systems
Important Warnings:
Irreversible: Once deleted, data CANNOT be recovered
No "Undo": We cannot restore your data after deletion
Export First: Download your data before deleting (export feature available in Settings)
Proof of Deletion: Email contact@thedailypeptide.com if you need written confirmation of account deletion. Please allow up to 30 days for full data removal from all systems, including backups.
5.3 Data You Delete Manually (Individual Logs)
Delete a single log (swipe to delete)
Effect: Removed from app and cloud within 1 hour
Reversible: No (permanent)
Delete a plan
Effect: Removed immediately
Reversible: No (permanent)
Delete a meal log
Effect: Removed immediately
Reversible: No (permanent)
Note: Manual deletions are synced across all your devices within 1 hour.
6. YOUR RIGHTS & CONTROLS
You have FULL control over your data. Below are your rights and how to exercise them.
6.1 Right to Access Your Data
You can view ALL your data anytime:
Account settings (name, email, age, demographics)
All logs (peptides, steps, meals, etc.)
Preferences and settings
Notification history
How to Access: Open the app → Settings → Account
6.2 Right to Export Your Data
You can download ALL your data in machine-readable format (JSON):
Account information
Health logs (all dates)
Plans and schedules
Preferences
How to Export: Settings → Account → Export Data
What You Get: A ZIP file containing JSON files with all your data.
6.3 Right to Correct Your Data
You can edit ANY data anytime:
Account information (name, age, height, weight)
Past logs (tap to edit)
Plans and schedules
Preferences
How to Correct: Tap any field → Edit → Save
Sync: Changes sync across all devices within 1 hour.
6.4 Right to Delete Your Data
You can delete:
Individual logs (swipe to delete)
Entire plans
Your entire account (Settings → Delete Account)
Important: Deletions are permanent and cannot be undone.
6.5 Right to Opt-Out of Communications
Push Notifications: Settings → Notifications → Disable
Marketing Emails: Click "Unsubscribe" in any email OR Settings → Notifications → Unsubscribe
Account Security Emails: Cannot opt-out (critical for account security)
6.6 Right to Withdraw Consent
You can withdraw consent anytime:
Disable AI meal estimation (Settings → AI → Disable)
Stop using the app (no obligation to continue)
Delete your account (permanent data removal)
7. CHILDREN'S PRIVACY
Daily Peptide is NOT intended for children under 13.
We do NOT knowingly collect data from children under 13
If you are under 13, do NOT use this app
If we discover a user is under 13, we will delete their account immediately
If you are a parent/guardian and believe your child has created an account, email contact@thedailypeptide.com and we will delete it within 24 hours.
Age Verification: We rely on users to provide accurate age information. We do NOT verify ages.
8. INTERNATIONAL USERS & DATA TRANSFERS
Daily Peptide is operated from the United States.
If you are outside the U.S.:
Your data will be transferred to and stored in the United States
By using the app, you consent to this transfer
U.S. privacy laws may differ from your country
Data Storage Locations:
Firebase: Google Cloud (U.S. data centers)
Supabase: U.S. data centers
GDPR Compliance (European Users):
We provide data access, correction, and deletion rights
You can export your data anytime
You can request data deletion
Email contact@thedailypeptide.com for GDPR requests
9. CALIFORNIA PRIVACY RIGHTS (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
9.1 Right to Know
You have the right to know:
What personal information we collect
How we use it
Whether we sell or share it (we do NOT)
How to Exercise: Email contact@thedailypeptide.com with subject "CCPA Request - Right to Know"
9.2 Right to Delete
You have the right to request deletion of your personal information.
How to Exercise: Settings → Account → Delete Account OR email contact@thedailypeptide.com
9.3 Right to Opt-Out of Sale
We do NOT sell your personal information. Therefore, there is nothing to opt-out of.
9.4 Right to Non-Discrimination
We will NOT discriminate against you for exercising your CCPA rights.
9.5 Verification Process
For CCPA requests, we may ask you to verify your identity by:
Confirming your email address
Answering account security questions
Response Time: We will respond within 45 days.
10. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time.
When we make changes:
We update the "Last Updated" date
We increment the version number
We notify you via email (if changes are significant)
We notify you in-app (popup on next launch)
Continued use after changes = acceptance of new Privacy Policy.
How to Stay Informed:
Check "Last Updated" date regularly
Review Privacy Policy in app: Settings → Legal → Privacy Policy
11. THIRD-PARTY LINKS
Daily Peptide may contain links to third-party websites (e.g., peptide information sites, research papers).
We are NOT responsible for:
Third-party privacy practices
Third-party security measures
Content on third-party sites
Recommendation: Read the privacy policies of any site you visit.
12. DO NOT TRACK (DNT) SIGNALS
Daily Peptide does NOT respond to "Do Not Track" (DNT) browser signals.
Why: DNT is a browser feature, and Daily Peptide is a mobile app (not a website). We do NOT track you across websites.
13. CONTACT US
For privacy questions, concerns, or requests:
Email: contact@thedailypeptide.com
Website: https://thedailypeptide.com/legal/privacy-policy
Mailing Address:
Response Time: We aim to respond within 48 hours (business days).
14. LIMITATION OF LIABILITY
TO THE MAXIMUM EXTENT PERMITTED BY LAW:
We are NOT liable for any damages arising from use of the app
We are NOT liable for data breaches, unauthorized access, or data loss
We are NOT liable for third-party service failures (Firebase, Supabase, Google)
We are NOT liable for health outcomes or adverse effects
We are NOT liable for inaccurate data, calculations, or AI estimates
USE AT YOUR OWN RISK.
15. ACKNOWLEDGMENT
BY USING DAILY PEPTIDE, YOU ACKNOWLEDGE THAT YOU HAVE:
Read this Privacy Policy in full, including the Important Notice at the top
Understood how we collect, use, and protect your data
Agreed to all terms, conditions, and disclaimers described above
Understood that this app is a CONVENIENCE TOOL ONLY - NOT a medical tool
Understood that you must NOT rely on this app for critical functions or medical decisions
Acknowledged that we accept ZERO liability for data loss, sync failures, security breaches, or health outcomes
Agreed to assume ALL risks associated with using this app
Agreed that YOU are solely responsible for:
Maintaining your own backups of critical information
Verifying all data and calculations with healthcare professionals
All medical decisions and health outcomes
Understood all limitations regarding security, backups, synchronization, and notifications
IF YOU DO NOT AGREE, DO NOT USE DAILY PEPTIDE.
THIS APP IS PROVIDED AS A CONVENIENCE TOOL ONLY. USE AT YOUR OWN RISK.
Last Updated: January 16, 2026
Privacy Policy Version: 1.0.0
© 2026 Daily Peptide LLC. All rights reserved.