Privacy Policy
Effective 2026-04-30. This Privacy Policy describes how Fursan Health, LLC ("Fursan Health", "we", "us", "our") collects, uses, shares, and protects information when you use Fursan Core (the "Service").
1. Information we collect
Account & profile. Email address, hashed password, display name, age, sex, height, weight, unit preference, goal mode, and time zone.
Health & logging data you submit. Food logs, water intake, fasting windows, training sessions and individual set logs, sleep records, energy-burn entries, body metrics (weight, body-fat percentage, measurements), supplement logs, vice/gut signals, AI chat transcripts, voice transcripts (when used), and any photos you upload.
Medical documents you choose to upload. Lab results, doctor notes, prescription information, imaging reports, or other clinical documents you opt to share with the Service. We apply security controls patterned on the HIPAA Security Rule (encryption in transit and at rest, access logging, role-based access controls, audit trails) to all such documents. Fursan Core is NOT a HIPAA Covered Entity, has not executed Business Associate Agreements with all subprocessors at this time, and the protections you receive are not equivalent to those required of a Covered Entity under 45 CFR Parts 160-164.
Device & integration data. Apple Health, Fitbit, Garmin, WHOOP, and Oura data only when you explicitly connect those integrations.
Operational metadata. IP address, user-agent string, request timestamps, security events, audit-log entries, and aggregate usage events used to operate, secure, and improve the Service.
2. How we use your information
We process your information to: (a) provide the Service to you (your dashboard, AI Coach, trend reports, planners, and integrations); (b) keep accounts secure (rate limiting, anomaly detection, session control); (c) investigate abuse, fraud, and security incidents; (d) communicate transactional and account messages; (e) comply with legal obligations; and (f) improve the product through aggregate, de-identified analysis. We do not sell your personal information. We do not use your User Content to train artificial-intelligence models, except where you explicitly opt in to a feature that the Service identifies as model-training.
3. Sharing
We share data only with service providers we engage to operate the Service (hosting and managed database, email delivery, AI providers, payment processors, wearable integrations you choose to enable, nutrition and recipe data sources, and analytics/error-monitoring providers). We require these providers, by contract, to use your data only to deliver their contracted service to us.
We may disclose data when required by law, in response to lawful process, to protect rights and safety, to enforce our Terms, or to investigate fraud and abuse. We will challenge overbroad legal requests where lawful and feasible.
4. Subprocessors & service providers
- Hosting and managed database. Operates account, wellness, medical-document, AI-prompt, and telemetry storage needed to run the Service.
- Email delivery. Transactional email provider sends account-verification, password-reset, and service-notice emails using your email address and limited account metadata.
- AI providers. The configured AI provider receives prompts and relevant account context only when you use an AI feature. AI processing of medical context is gated by your in-product consent.
- Apple services. Apple may process app distribution, Sign-in-with-Apple, push notifications, and on-device HealthKit integration under Apple's developer and platform terms.
- Wearable integrations. Fitbit/Google, Garmin, WHOOP, Oura, or similar providers are involved only when you choose to connect those accounts.
- Nutrition, photo, and recipe services. Food database, barcode, label OCR, recipe, and photo-analysis providers may process the search terms, barcodes, labels, or images you submit to those features.
- Payments. Payment processors handle subscription checkout, billing, and customer-portal workflows when paid plans are enabled.
- Analytics and error monitoring. We rely primarily on internal analytics tables for product and security telemetry; where a third-party monitor is enabled, this list will be updated and active customers notified.
A current named-vendor subprocessor list is available on request to privacy@fursanhealth.com.
5. AI features and medical context
When you use AI features (Coach chat, Vice Plan, Report Analysis, Food Decision, Daily Briefing, Workout Plan), the prompt you submit and relevant context from your account is transmitted to the configured AI provider for processing. Settings → Privacy & Consent displays the active AI provider and lets you opt out of AI features at any time.
Until Fursan Health has executed Business Associate Agreements with our AI providers, the AI provider's standard terms apply to your prompt data, including any data-retention or use-for-service-improvement provisions in the AI provider's terms. You should not include identifiable medical information, identifiable diagnostic data, or identifiable third-party information in any AI prompt unless you have read and accepted the active AI provider's terms. AI outputs are generated by statistical language models, may be inaccurate or fabricated, and must not be relied upon as medical advice.
6. Security
We use HTTPS-only transport with HSTS, bcrypt-class password hashing, server-side session controls with idle and absolute expiry, anti-clickjacking and anti-CSRF mitigations, rate limiting on authentication endpoints, audit logging of privileged actions, and tamper-evident hash-chained ledgering of security events. Production data stores enforce encryption at rest. iOS-stored credentials use the device Keychain with this-device-only access. Internal access to user data is on a least-privilege basis. No system is perfectly secure; if we discover a security breach affecting your data, we will notify you in accordance with applicable law and our internal incident-response plan, generally within 72 hours of confirmation.
On iOS, Fursan Core can re-authenticate with Face ID, Touch ID, or the device passcode when the app foregrounds after a user-configurable idle window. The default local biometric-lock window is five minutes. This local lock is in addition to server-side session enforcement: disabling or lengthening the biometric lock in Settings → Privacy & Consent does not disable server-side session timeouts, including the current native-session inactivity window of approximately 30 minutes before re-sign-in may be required.
If your iOS session expires due to inactivity, offline writes saved on that device, such as food logs, water, supplements, and similar entries, are designed to remain queued until you sign back in as the same user. Signing in as a different user on the same device, explicit sign-out, account deletion, or a high-risk session revocation clears those saved offline writes before they can be sent.
7. Your rights
You can:
- Access and export your data from Settings → Privacy & Consent → Export my data, or by calling GET /account/export. Exports are delivered as structured JSON, which qualifies as a commonly used, machine-readable format under GDPR Article 20.
- Delete your account from Settings → Privacy & Consent → Delete account. This permanently erases your User Content within seven days, subject to limited retention for legal, audit, and fraud-prevention purposes.
- Manage active devices from Settings → Privacy & Consent → Active devices.
- Withdraw consent for AI processing of your medical context at any time.
- Opt out of automated decision-making (GDPR Article 22) from Settings → Privacy & Consent.
If you are in the European Economic Area or the United Kingdom, you have GDPR rights of access, rectification, erasure, restriction of processing, data portability, and objection, including the right to object to processing based on legitimate interests and to lodge a complaint with your supervisory authority. If you are a California resident, you have CCPA/CPRA Rights to Know, Delete, Correct, and Limit Use of Sensitive Personal Information, and the right not to be discriminated against for exercising these rights. We do not sell or share your personal information for cross-context behavioral advertising. Submit any rights request to privacy@fursanhealth.com; we will verify your identity and respond within the timeframes required by applicable law.
8. Data residency and international transfers
Fursan Core's primary processing infrastructure is currently located in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. Where you are in a jurisdiction whose data-protection laws differ from those of the United States, you consent to that transfer in accordance with this Privacy Policy. Where transfers from the European Economic Area or the United Kingdom are involved, we rely on Standard Contractual Clauses, the EU-US Data Privacy Framework where applicable, or other lawful transfer mechanisms.
9. Children
Fursan Core is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has used the Service, contact privacy@fursanhealth.com and we will promptly delete the data.
10. Retention
We retain your account and logging data for as long as your account is active or as needed to provide the Service. When you delete your account, we wipe your User Content within seven days, except for minimal records we must retain for legal, audit, fraud-prevention, or tax purposes. Backup snapshots may persist your data for the lifetime of the backup window (typically 7 to 30 days) before they age out; we do not selectively scrub backups for individual deletion requests, but the data is no longer accessible to the application after the synchronous deletion runs.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Material changes — such as new categories of data, new processing purposes, new subprocessors handling sensitive data, or changes to your rights — will require your affirmative re-acceptance before continued use of the Service. Non-material changes (clarifications, contact-information updates, typographical corrections) will be reflected by updating the Effective date above and providing in-product notice.
12. Contact
Fursan Health, LLC. Privacy questions and rights requests: privacy@fursanhealth.com. Security disclosures: security@fursanhealth.com.