Privacy Policy

1. What Information We Collect

When you use Holistic Spartan, we may collect the following information:

Account Information: Your email address and display name when you create an account.

Health & Wellness Information: Health goals, dietary preferences, food allergies, health conditions, current and target weight, age, and activity level — but only what you voluntarily share with the platform or SpartanAI.

Chat History: Conversations with SpartanAI are stored so the AI can personalize future responses and maintain continuity.

Usage Data: Pages visited, features used, subscription status, and session timing data.

Payment Information: Stripe processes all payments. We store only your Stripe Customer ID and Subscription ID — never raw card numbers or full payment details.

2. Where Your Data Is Stored

All user data is stored using Supabase infrastructure, a third-party backend platform. Data is stored on servers in the United States.

Encryption: All data is encrypted in transit (TLS 1.3) and at rest using AES-256 encryption.

IMPORTANT — NOT HIPAA-COMPLIANT: Holistic Spartan does not maintain HIPAA compliance. Do not share medical records, clinical diagnoses, prescription information, or any data you would only share with a covered HIPAA entity. The information you share is for wellness education purposes only.

Supabase Privacy: Supabase's privacy policy governs their data handling practices at https://supabase.com/privacy

3. How We Use Your Information

We use your information to:

• Provide personalized AI coaching responses through SpartanAI • Maintain continuity between coaching sessions • Send transactional emails (subscription confirmation, trial ending notifications) • Improve the quality of coaching content and AI responses • Monitor for misuse or safety issues (e.g., crisis keyword detection) • Process subscription payments through Stripe

We do NOT sell, rent, or share your personal data with third parties for advertising or marketing purposes.

4. Age Restriction

Holistic Spartan is intended for users 18 years of age and older. We do not knowingly collect personal information from individuals under 18. If you believe a person under 18 has provided information to us, please contact coach@holistic-spartan.com and we will delete that information promptly.

5. Your Rights

You have the right to:

Access: Request a copy of all personal data we hold about you.

Correction: Request that we correct inaccurate or incomplete information.

Deletion: Request that we delete all personal data associated with your account. To request deletion, email coach@holistic-spartan.com with the subject line "Data Deletion Request." We will process your request within 30 days and confirm deletion.

Portability: Request your chat history and profile data in a machine-readable format.

Withdrawal of Consent: You may delete your account at any time from your account settings, which will trigger deletion of your personal data.

6. Data Retention

We retain your account data for as long as your account is active. Chat history is retained indefinitely to provide continuity of coaching unless you request deletion.

If you cancel your subscription or delete your account, your data is retained for 90 days before permanent deletion, to allow for account recovery if needed. After 90 days, data is permanently and irreversibly deleted.

7. Cookies

We use cookies and similar technologies for:

• Session management: Keeping you logged in across browser sessions • Preferences: Remembering your UI settings • Analytics: Understanding how visitors use the platform (aggregate, anonymized data only)

You may disable cookies in your browser settings. Disabling essential cookies may impair platform functionality. We do not use third-party advertising cookies.

8. Third-Party Services

Holistic Spartan integrates with the following third-party services:

• Supabase — database and authentication infrastructure • Stripe — payment processing • xAI (Grok) — AI response generation (your messages are processed by xAI's API; see xAI's privacy policy) • Calendly — session scheduling (if applicable)

Each third party has its own privacy policy governing their handling of data passed to them.

9. Contact & Data Requests

For all privacy-related requests, questions, or concerns, contact:

Email: coach@holistic-spartan.com Subject line: Include "Privacy Request" or "Data Deletion Request"

We respond to all privacy inquiries within 5 business days.