Introduction
StrainFit ("we," "our," or "us") is committed to protecting your privacy and the confidentiality of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application.
Information We Collect
Personal Information
When you create an account, we collect:
- Email address
- Name (if provided)
- Account authentication credentials
Health Information
You may voluntarily provide:
- Body type, height, and weight
- Health conditions and wellness goals
- Current medications
- Cannabis tolerance level
- Session data (strain, dosage, consumption method)
- Notes and observations about effects
Vitals and Wearable Data (Future Feature)
With your explicit permission, we may integrate data from:
- Apple Health, Google Fit, or Fitbit
- Blood pressure, heart rate, HRV, SpO₂
- Sleep and activity data
Technical Information
- Device information (type, OS, browser)
- IP address and location data
- Usage analytics and app interactions
- Error logs and crash reports
How We Use Your Information
- Provide Core Services: Track sessions, display analytics, and generate reports
- Personalization: Offer recommendations based on your profile and goals
- Research (Optional): Anonymized data may contribute to cannabis research studies
- Improve Services: Analyze usage patterns to enhance features
- Communication: Send important updates, security alerts, or feature announcements
- Legal Compliance: Comply with applicable laws and regulations
Data Security
We implement industry-standard security measures:
- End-to-end encryption for data in transit (SSL/TLS)
- Encryption at rest for stored data
- HIPAA-compliant cloud infrastructure
- Regular security audits and penetration testing
- Multi-factor authentication options
- Limited employee access with strict confidentiality agreements
Data Sharing
We do not sell your personal health information.
We may share data only in these circumstances:
- With Your Consent: When you explicitly authorize sharing (e.g., exporting reports to your doctor)
- Anonymized Research: De-identified, aggregated data may be shared with research institutions or industry partners (opt-in only)
- Service Providers: Trusted third-party vendors (hosting, analytics) under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or to protect safety
Your Rights
You have the right to:
- Access: Request a copy of all your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request permanent deletion of your account and data
- Export: Download your data in portable formats (PDF, CSV)
- Opt-Out: Decline participation in research data sharing
- Revoke Consent: Withdraw permission for wearable data access at any time
To exercise these rights, contact us at privacy@strainfit.com
Data Retention
We retain your personal data only as long as necessary to provide services or as required by law. You may request deletion at any time. Anonymized research data cannot be reversed once de-identified.
Children's Privacy
StrainFit is intended for users 21 years of age or older (or 18+ in jurisdictions where medical cannabis is legal for adults). We do not knowingly collect information from minors.
Third-Party Services
We use third-party services (Clerk for authentication, MongoDB for data storage, Vercel for hosting). These providers have their own privacy policies and are bound by confidentiality agreements.
International Users
If you access StrainFit from outside the United States, your data may be transferred to and processed in the U.S. By using the app, you consent to this transfer.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Your continued use after changes constitutes acceptance of the updated policy.
Contact Us
For privacy-related questions or concerns:
- Email: privacy@strainfit.com
- Address: StrainFit, Inc., [Your Address - To be added when incorporated]