The short version
We collect what we need to run your protocol — your account info, your profile (age/sex/etc.), and the lab results you upload. We store everything in the European Union, encrypted at rest. We do not sell your data. You can export or delete it at any time. The long version below explains every detail.
1. Who we are
The data controller is Rhomn & Co (Montenegro), operator of Perfect Lyfe and the website at perfectlyfe.com. Reach the team at hello@perfectlyfe.com. Privacy-specific requests can go to privacy@perfectlyfe.com.
2. What we collect
Account information
- Email address and a hashed password (or OAuth identifier from Apple / Google)
- Sign-in metadata (IP address, browser, timestamps) — for security
Profile information you give us
- Age, sex assigned at birth, weight, height
- Activity level, dietary preferences
- Self-declared known conditions
- Selected wellness track (e.g. Longevity)
Health and bloodwork data
- Lab PDFs and images you upload (stored encrypted, accessible only to you)
- Biomarker values extracted from those documents (e.g. Vitamin D 22 ng/mL)
- Generated supplement protocols and your daily intake logs
Technical and usage data
- Device and browser type, operating system
- Pages visited, features used, error logs
- Crash reports — anonymised wherever practical, used only to fix bugs
3. Why we process it (legal bases under the GDPR)
The lawful bases for processing your data under Article 6 of the GDPR are:
- Contract (Art. 6(1)(b)) — to deliver the Service you signed up for: extract markers, build your protocol, log daily intake.
- Explicit consent (Art. 9(2)(a)) — for processing health data, which is a special category under Art. 9. You give consent at sign-up by accepting these terms; you can withdraw it at any time by deleting your account.
- Legitimate interest (Art. 6(1)(f)) — security monitoring, fraud prevention, and anonymous product analytics.
4. Where your data lives
All personal data is stored in the European Union (Supabase region: eu-west-1, Ireland). Files in storage (lab PDFs) and rows in the database are encrypted at rest with AES-256. All transit is over TLS 1.2 or higher.
5. Third-party processors
We use a small number of vetted sub-processors. Each receives only the minimum data required to perform its function, and each is bound by a Data Processing Agreement (DPA) compatible with GDPR.
- Supabase (Ireland) — authentication, database, file storage. Hosts the bulk of your data.
- Google (Gemini API) — extracts biomarker values from your uploaded PDF. Receives the PDF bytes for the duration of a single API call. Google's terms for the Gemini API state that customer content is not used to train models.
- Anthropic (Claude API) — generates the plain-language “why” copy attached to each recommendation. Receives the structured recommendation (supplement name, dose, biomarker reference) — never your raw lab PDF or personal identifiers.
- Vercel — hosts the web frontend. Sees standard HTTP request metadata; does not store your bloodwork.
- Resend — delivers transactional email (verification, password reset, retest reminders). Receives your email address and the message content.
- Fly.io (planned) — hosts the AI orchestration service. Will sit on the path between your browser and Gemini / Anthropic.
6. What we do NOT do
- We do not sell your data, ever.
- We do not share your data with insurers or employers.
- We do not use your bloodwork data for advertising or personalised marketing.
- We do not feed your bloodwork or profile into LLM training datasets.
7. Retention
- Account, profile, bloodwork, protocols, and intake logs — kept for as long as your account is active.
- Lab PDFs — retained for the lifetime of the account so you can re-extract or audit. You can delete individual uploads at any time.
- Red-zone events (medical alerts) — kept indefinitely as an append-only audit trail, even after account deletion (in anonymised form), for safety-engineering purposes.
- Backups — full database snapshots are retained for 30 days for disaster recovery, then permanently deleted.
8. Your rights
Under the GDPR (and equivalent rights in other jurisdictions) you can:
- Access — request a copy of all data we hold about you.
- Rectify — correct any inaccurate information (most fields are editable in the Profile screen).
- Erase — delete your account and all associated data. We'll do this within 30 days of your request.
- Portability — receive a structured export (JSON / CSV) of your account, profile, biomarkers, protocols, and intake history.
- Restrict or object to processing based on legitimate interest.
- Withdraw consent for health-data processing (which means deleting your account, since the Service cannot function without it).
- Lodge a complaint with your national data protection authority.
To exercise any of these rights, email privacy@perfectlyfe.com.
9. Cookies and tracking
We use a small number of strictly necessary cookies for authentication and session management. We do not use third-party advertising or tracking cookies. If we add product analytics (e.g. PostHog), it will be self-hosted in the EU and configured to anonymise IP addresses.
10. Children
The Service is for users 18 and older. We do not knowingly collect data from children. If you believe a child has created an account, email us at privacy@perfectlyfe.com and we'll delete it.
11. Security
We protect your data with:
- Encryption at rest (AES-256) for all database rows and storage objects
- TLS 1.2+ for every network request
- Postgres Row-Level Security so even our internal services can only read data scoped to one user
- Password hashing using industry-standard algorithms (bcrypt)
- Mandatory email verification on sign-up
- Audit logs for medical-alert events (append-only, deletes blocked at the database role level)
- Vendor selection biased toward EU-region hosting and DPA-bound processors
No system is perfect. If a breach occurs that affects your data, we will notify you and the relevant supervisory authority within 72 hours, as required by GDPR.
12. Changes to this policy
We may revise this policy as the Service evolves. Material changes will be communicated by email or in-app notice. The version date at the top of this page always reflects the current policy.
13. Contact
General questions: hello@perfectlyfe.com
Privacy and data-rights requests: privacy@perfectlyfe.com