Last updated: March 8, 2026
Privacy Policy
Truvarc — Your True Health Arc
This is a placeholder privacy policy. Full legal text will be added before public launch. Please consult your legal counsel to finalize this policy.
Your health data is private. We do not sell, share, or monetize your personal health information. Your data belongs to you.
This Privacy Policy explains how Truvarc ("we", "us", or "our") collects, uses, and protects your personal information when you use our Service.
1. Information We Collect
We collect information you provide directly:
- Account information: name, email address, password (hashed)
- Health profile: age, height, weight, medical conditions, medications, allergies, goals
- Logged health data: food entries, hydration, pain logs, supplement doses, weight history
- Wearable data: Fitbit activity, sleep, and heart rate data (if connected)
- Telegram data: Telegram user ID and check-in conversation data (if connected)
- Billing information: processed by Stripe — we do not store payment card details
We also automatically collect:
- Session data for authentication
- Error logs and usage data for service improvement
2. How We Use Your Information
- To provide personalized AI health coaching and insights
- To send you health check-ins via Telegram (if enabled)
- To generate your health arc, reports, and risk assessments
- To process subscription payments
- To send transactional emails (welcome, password reset, billing)
- To improve and maintain the Service
3. Data Sharing
We do not sell your personal information. We share data only with:
- Anthropic: AI coaching prompts are processed through the Claude API. We do not send identifying information beyond what you explicitly include in health logs.
- Stripe: Payment processing. Subject to Stripe's Privacy Policy.
- Fitbit/Google: If you connect a Fitbit account, data is retrieved per Fitbit's API. Subject to Fitbit's Privacy Policy.
- Resend: Transactional email delivery. Subject to Resend's Privacy Policy.
- Legal requirements: We may disclose data if required by law.
4. Data Security
We protect your data using:
- Passwords hashed with bcrypt (12 salt rounds)
- HTTPS-only connections in production
- HTTP-only, secure session cookies
- Atomic database writes to prevent data corruption
5. Data Retention and Deletion
Your health data is stored as long as your account is active. You can export all your data at any time from the dashboard (Settings → Export). To delete your account and all associated data, contact us at hello@truvarc.com.
6. Your Rights
Depending on your location, you may have rights to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and data
- Export your data in a portable format
- Opt out of certain communications
To exercise these rights, contact us at hello@truvarc.com.
7. Cookies
We use a single session cookie to keep you logged in. We do not use advertising or tracking cookies.
8. Children's Privacy
Truvarc is not directed at children under 18. We do not knowingly collect information from minors.
9. Changes to This Policy
We may update this Privacy Policy. We will notify you of material changes by email or through the Service. Continued use after changes constitutes acceptance.
10. Contact
Privacy questions? Contact us at hello@truvarc.com.