Privacy Policy

Last updated: 26 May 2026

1. About this policy

vitals is a personal health-tracking application operated by Wendy Ayche in Australia. This policy describes what personal information we collect, how we use it, who we share it with, and your rights under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

We are a small invite-only product. Even at this scale, the Privacy Act treats vitals as a "health service provider" because we record and help you understand health information. That means the Privacy Act and APPs apply regardless of our turnover.

2. What information we collect

We collect:

  • Account details: email address, password (stored hashed by Supabase Auth), preferred language.
  • Profile information: display name, age, sex, pregnancy status, medications and supplements, family history, free-text notes. All optional.
  • Lab reports you upload: the original PDF file plus the numeric markers we extract from it.
  • DNA reports you upload: the original PDF plus the plain-English findings extracted from it.
  • AI-generated content: the dashboard summary, action plan, and any answers Vital gives you in chat. These are derived from your data above.
  • Chat messages: every question you ask Vital and every reply Vital gives.
  • Acknowledgements + plan completions: which concerns you've marked "discussed with my doctor" and which plan items you've ticked off.

We don't collect tracking pixels, advertising IDs, IP-based geolocation, or anything you don't actively put into the app.

3. Why we collect it

To provide the dashboard. Specifically: to render your lab markers, to generate the plain-English summary, to write the action plan you can take to your doctor, and to answer your questions in chat. We do not use your data for marketing, analytics, or any secondary purpose.

4. Who we share it with (overseas recipients)

Some of our infrastructure is hosted outside Australia. By signing up, you consent (under APP 8.2(a)) to your data being disclosed to the following overseas recipients. These vendors are not bound by Australian privacy law. If one of them mishandles your data, you may not be able to seek redress under the Australian Privacy Act.

Vendor | Country | What they receive
Anthropic | USA | Uploaded PDFs (for extraction), your lab markers + profile context (for summary, plan, chat replies, DNA findings).
Supabase | USA (current region) | Your account, profile, lab markers, DNA findings, dashboard summary, plans, chat messages, uploaded PDF files.
Vercel | USA | Web hosting. Receives every page request. Server logs are sanitised — they don't contain raw lab values or chat content.
PubMed (NIH) | USA | Public-research API. We send the marker names you've subscribed to (e.g. "LDL Cholesterol"). PubMed does not receive any data that identifies you.

We do not sell or otherwise disclose your data to anyone else. We do not share with insurers, employers, advertisers, or data brokers.

5. How we keep your data secure

Reasonable steps we take under APP 11:

  • Row-level security on every database table holding your data, so only you (or our server processes acting on your behalf) can read it.
  • Private storage bucket for uploaded PDFs. Access requires a signed URL that is scoped to your account and expires after 60 seconds.
  • Encrypted at rest by Supabase's underlying infrastructure.
  • Sanitised logging. When something fails, we log only the shape of the data (field names + string lengths), never the raw content.
  • HTTPS everywhere in production. Session cookies are http-only and secure.

We do not currently use column-level encryption on top of the platform-level encryption. We plan to introduce it before opening beyond invited friends and family. See our internal security-v2 plan if you're a developer reviewer.

6. How long we keep your data

We keep your data while your account is active. If you delete your account, we delete your profile, lab markers, DNA findings, AI summaries, plans, and chat history within 30 days. Uploaded PDFs are removed from storage at the same time. Backups containing your data roll off within our backup retention window (currently 30 days).

We may retain anonymised aggregate logs (e.g. "how many summaries did Vital generate today") indefinitely. These cannot be linked back to you.

7. Your rights

Under the Privacy Act you can:

  • Access the personal information we hold about you. Most of it is visible in your dashboard. If you want a machine-readable export, email us (see section 9) and we'll send you a JSON file.
  • Correct any information that's wrong. Most of this is editable directly via the Profile page. For AI-generated content, you can hit "Refresh summary" to regenerate.
  • Delete your account at any time. Email us; we'll confirm and remove your data within 30 days.
  • Complain. If you think we've mishandled your data, please contact us first (section 9). If you're not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au/privacy/privacy-complaints.

8. Data breach response

If we discover a data breach likely to cause serious harm to you, we will assess it within 30 days and, if it's an "eligible data breach" under the Notifiable Data Breaches scheme, notify you and the OAIC as soon as practicable.

9. Contact us

For any privacy question, access request, correction, or deletion request, email wendy@opeus.ai. We aim to respond within seven business days.

10. Changes to this policy

If we make material changes — adding a new overseas vendor, collecting a new category of information, changing our retention period — we'll update this page and email every active user before the change takes effect.

11. Not a medical device

vitals is a personal health-tracking tool. It is not a medical device. The AI-generated summary, action plan, and chat replies are intended to help you have better conversations with your doctor. They are not a diagnosis, prescription, or treatment plan. Always talk to a qualified healthcare professional before acting on anything you read here.
