Privacy Policy

Effective Date: January 1, 2025
Last Updated: February 1, 2026

PepTrac is committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, store, and protect your data.

Information We Collect

Personal Health Information

Data You Provide:

  • Protocol information (peptide types, dosages, schedules)
  • Shot tracking data (completion times, injection sites, dosages)
  • Daily log entries (symptoms, metrics, measurements)
  • Height and weight measurements
  • Custom notes and observations

Automatically Collected:

  • App usage patterns and feature utilization
  • Technical performance data
  • Crash reports and error logs
  • Device information (model, iOS version, app version)

Telemetry and Anonymous Analytics

PepTrac collects anonymous usage analytics through TelemetryDeck, a privacy-focused and GDPR-compliant analytics provider. TelemetryDeck only receives non-identifiable usage signals, which help us understand feature adoption and improve app performance.

TelemetryDeck does not collect personal health information, protocol data, notes, identifiers, or any data that can be used to identify you or your device.

Apple Health Integration

When you enable Apple Health sync:

  • We read height and weight data from your Health app
  • We write daily log metrics to your Health app (with permission)
  • All Health data access requires explicit user consent
  • You can revoke permissions at any time

Device and Technical Data

  • Device identifiers for app functionality
  • Network connection information
  • App performance metrics
  • User interface interaction patterns
  • Local storage usage patterns

How We Use Your Information

Primary Uses

Treatment Tracking:

  • Display your protocols, shots, and daily logs
  • Calculate estimated level estimates and dosing recommendations
  • Generate reminders and notifications
  • Create analytics and progress visualizations

App Functionality:

  • Sync data across app features
  • Provide personalized user experience
  • Maintain data consistency and accuracy
  • Enable import/export capabilities

Performance & Reliability:

  • Identify and fix technical issues
  • Optimize app performance
  • Prevent data loss or corruption
  • Ensure compatibility across devices
  • Use anonymous usage analytics via TelemetryDeck to understand feature usage and guide app improvements (without collecting personal or health data)

We DO NOT Use Your Data For:

❌ Marketing or advertising purposes
❌ Selling to third parties
❌ Creating user profiles for external use
❌ Sharing with pharmaceutical companies
❌ Insurance or employment decisions
❌ Research without explicit consent

Data Storage and Security

Local Storage

Primary Storage Location:

  • All core data stored locally on your device
  • SQLite database with built-in encryption
  • No external server transmission required
  • Data remains under your direct control

Cloud Backup (Optional)

iCloud Sync:

  • Optional backup to your personal iCloud account
  • End-to-end encryption through Apple’s systems
  • Sync across your personal devices only
  • You control backup enable/disable

What Gets Backed Up:

  • Protocol configurations
  • Shot history and tracking data
  • Daily log entries and custom metrics
  • App settings and preferences
  • Analytics chart configurations

What Doesn’t Get Backed Up:

  • Temporary files and caches
  • Debug logs and crash reports
  • Calculated values (regenerated on restore)
  • Device-specific settings

Data Sharing and Disclosure

With Your Consent

Export Features:

  • Export data for healthcare providers
  • Share analytics charts and reports
  • Backup data to external services
  • Email data summaries to yourself or medical team

Without Your Consent

We only share data without consent in these limited circumstances:

  • Legal Requirements: When required by law or court order
  • Safety Situations: To prevent harm to you or others
  • Technical Support: Anonymized data for debugging critical issues
  • Anonymous usage analytics via TelemetryDeck, used solely to improve app performance and user experience, without collecting personal or health-related information

We Never Share:

  • Personal health information for marketing
  • Data with insurance companies
  • Information with employers
  • Detailed usage patterns with third parties

Your Privacy Rights

Data Access and Control

View Your Data:

  • Access all stored information through app interface
  • Export complete data sets in multiple formats
  • Review data collection and usage patterns
  • Understand what information is stored locally

Modify Your Data:

  • Edit or delete any stored information
  • Correct inaccurate entries
  • Update personal information
  • Customize data retention preferences

Delete Your Data:

  • Remove specific entries or entire categories
  • Factory reset to clear all data
  • Selective deletion of data types
  • Permanent removal with confirmation

Privacy Settings

Notification Privacy:

  • Control what information appears in notifications
  • Enable privacy mode for sensitive environments
  • Customize reminder content and detail level
  • Manage lock screen information display

Apple Health Permissions:

  • Granular control over Health app integration
  • Enable/disable specific data types
  • Revoke permissions at any time
  • Monitor data sharing activity

Export Controls:

  • Choose what data to include in exports
  • Control sharing permissions and recipients
  • Set expiration for shared data
  • Manage healthcare provider access

Children’s Privacy

Age Requirements

  • PepTrac is designed for users 18 years and older
  • We do not knowingly collect data from children under 18
  • Parental consent required for users under 18
  • Special protections for minor users

Parental Rights

If your child uses PepTrac with medical supervision:

  • Parents can access and control child’s data
  • Healthcare provider oversight recommended
  • Enhanced privacy protections apply
  • Right to request data deletion

International Users

Data Processing

  • Data processed locally on your device
  • Minimal data transmission outside your device
  • Compliance with local privacy laws
  • No cross-border data transfer for core functionality

Regional Requirements

European Union (GDPR):

  • Enhanced consent mechanisms
  • TelemetryDeck processes only anonymous, non-identifiable usage signals in compliance with GDPR Article 4(5) and maintains full pseudonymization and privacy protections.
  • Right to data portability
  • Right to be forgotten
  • Data protection officer contact

California (CCPA):

  • Right to know about data collection
  • Right to delete personal information
  • Right to opt-out of data sales
  • Non-discrimination for exercising rights

Changes to This Policy

Notification Process

How We Notify You:

  • In-app notifications for policy updates
  • Email notification to registered users
  • Prominent display of changes in app
  • Option to review full policy changes

Your Choices:

  • Continue using app indicates acceptance
  • Option to export data before policy takes effect
  • Right to delete account if you disagree
  • Contact support with questions about changes

Version History

  • Previous policy versions available on request
  • Change log maintained for transparency
  • Effective dates clearly marked
  • Reason for changes explained

Data Retention

Retention Periods

Active Usage:

  • Data retained as long as you use the app
  • No automatic deletion of active data
  • User controls all data lifecycle decisions

Inactive Accounts:

  • Data remains until you choose to delete
  • No automatic account deactivation
  • Local storage means data persists on device

Backup Data:

  • iCloud backups follow Apple’s retention policies
  • Exported data retention controlled by you
  • Shared data retention managed by recipients

Contact Information

Privacy Questions

Email: support@peptrac.com
Response Time: 5-7 business days for privacy inquiries

Data Requests

For data access, modification, or deletion requests:

  1. Email support@peptrac.com with your request
  2. Include verification information (device model, app version)
  3. Specify exactly what data or action you’re requesting
  4. Allow 10-14 days for complex data requests

Complaints and Concerns

Regulatory Bodies:

  • Contact your local data protection authority
  • File complaints with relevant privacy commissioners
  • Report concerns to app store providers
  • Escalate through legal channels if necessary

Security Measures

Technical Safeguards

  • Device encryption for all stored data
  • Secure coding practices and regular updates
  • Anonymous analytics signals processed by TelemetryDeck include no personal identifiers and are encrypted in transit.
  • Protection against common security vulnerabilities
  • Regular security assessments and improvements

Operational Safeguards

  • Employee training on privacy protection
  • Access controls for any data handling
  • Incident response procedures
  • Regular privacy impact assessments

Physical Safeguards

  • Data stored locally on your secured device
  • No centralized servers with personal data
  • Protection relies on your device security
  • Backup security through Apple’s infrastructure

Effective Date and Agreement

This Privacy Policy is effective as of the date listed above. By using PepTrac, you agree to the collection and use of information in accordance with this policy.

Last Review Date: February 1, 2026
Next Scheduled Review: May 1, 2026

Your privacy is fundamental to our mission of providing secure, effective peptide therapy tracking.