Privacy Policy

Last Updated: March 6, 2026

IntoTheGrey ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application IntoTheGrey (the "App").

Health Data Protection

Your health and supplement tracking data is treated with the highest level of privacy protection:

  • NEVER used for advertising, marketing, or data mining
  • NEVER sold or shared with third parties
  • NEVER stored in iCloud or third-party cloud services
  • You have complete control over your health data (view, edit, delete at any time)

Your supplement tracking, dose logs, and wellness notes remain entirely private to you.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address and password when you create an account
  • Profile Information: Display name, measurement preferences (metric/imperial), theme preferences
  • Health-related Tracking Data: Supplement/compound names, vial inventory, reconstitution details, dose logs, reminder schedules, daily wellness entries (mood, energy, sleep ratings - if you choose to log them), and notes that you choose to enter
  • Age Verification: Confirmation that you are 21 years of age or older

Important: All health-related data is stored solely for your personal tracking purposes. We do not analyze, aggregate, or use your health data for any purpose other than providing the app's functionality to you.

1.2 Information Collected Automatically

  • Device Information: Device type, operating system version, unique device identifiers
  • Usage Data: App feature usage, screen views, session duration (only if you consent to analytics)
  • Crash Data: Error logs and crash reports to help us fix bugs (only if you consent)

1.3 Information We Do NOT Collect

  • Location data
  • Contacts or address book
  • Photos or camera data
  • Biometric data
  • Financial or payment information

2. How We Use Your Information

We use your information to:

  • Provide and maintain the App's functionality
  • Create and manage your account
  • Store and sync your tracking data across devices
  • Send you reminders you have configured
  • Improve the App based on anonymous usage patterns (with consent)
  • Fix bugs and improve stability (with consent)
  • Respond to your support requests
  • Comply with legal obligations

3. Data Storage and Security

3.1 Where Your Data Is Stored

Your data is stored securely using Supabase (hosted in the United States), which provides enterprise-grade security including:

  • Encryption at rest and in transit (TLS/SSL)
  • Row Level Security (RLS) - you can only access your own data
  • Regular security audits and monitoring
  • SOC 2 Type II compliance

Health-related data is isolated from analytics and stored exclusively for your personal use.

3.2 Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • Encrypted database connections
  • Row-level security policies ensuring you can only access your own data
  • Secure authentication with password hashing
  • Session timeouts after periods of inactivity
  • No storage of sensitive data in device backups

4. Data Sharing

We do not sell, trade, or share your personal information or health data with third parties except:

  • When required by law or legal process
  • To protect our rights, safety, or property
  • With Supabase (our infrastructure provider) under strict data processing agreements

We do NOT share your data with:

  • Advertisers or marketing companies
  • Data brokers or analytics aggregators
  • Insurance companies or healthcare providers
  • Any third party for commercial purposes

5. Analytics

If you consent to analytics, we collect anonymous usage data to improve the app. This data cannot identify you personally and does NOT include:

  • Compound names or supplement details
  • Dosage information
  • Wellness ratings or notes
  • Any personally identifiable health data

You can opt out of analytics at any time in Settings.

6. Data Retention

  • Active accounts: Your data is retained as long as your account is active
  • Account deletion: All personal and health data is permanently deleted within 30 days
  • Backups: Deleted data is removed from backups within 90 days
  • Legal requirements: We may retain data longer if required by law

7. Your Rights (GDPR/CCPA Compliance)

You have the following rights regarding your personal and health data:

  • Right to Access: View all your data within the app at any time
  • Right to Rectification: Edit your profile, vials, and logs at any time
  • Right to Erasure: Delete your account and all associated data permanently
  • Right to Data Portability: Export your data in machine-readable format (coming soon)
  • Right to Object: Opt out of analytics tracking in Settings
  • Right to Withdraw Consent: Change privacy preferences at any time

To exercise any of these rights, contact us at privacy@intothegrey.app or use the in-app settings.

EU Residents (GDPR)

If you are in the European Union, you also have the right to:

  • Restrict processing
  • Lodge a complaint with a supervisory authority

California Residents (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information is collected
  • Know whether your data is sold or disclosed (we do NOT sell data)
  • Equal service and price regardless of privacy choices

8. Children's Privacy

The App is intended for adults aged 21 and older. We do not knowingly collect information from anyone under 21 years of age. If we learn we have collected personal information from someone under 21, we will delete that information immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy in the App
  • Updating the "Last Updated" date
  • Sending a notification for material changes

Your continued use of the App after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@intothegrey.app

Summary

What We CollectWhyYour Control
Email & passwordAccount accessDelete account anytime
Tracking dataCore app functionalityEdit or delete anytime
Usage analyticsImprove the appOpt-in only, can disable
Crash reportsFix bugsOpt-in only, can disable

✓ We NEVER sell your data
✓ We NEVER share health information with advertisers
✓ We NEVER use health data for marketing or data mining
✓ Health data is NEVER stored in iCloud