Privacy Policy

Introduction

Pepties ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

By using Pepties, you consent to the data practices described in this policy. If you do not agree, please do not use the Service.

Information We Collect

1. Personal Information

When you create an account, we collect:

• Phone number — Used for OTP-based authentication via Firebase Authentication.
• Full name — To personalize your experience.
• Date of birth — For age-related health context.
• Gender — To provide relevant health insights.
• Blood group — For health profile completeness.

2. Health & Medical Data

When you upload medical reports, we collect and process:

• Report files (images or PDFs) — Stored securely in Firebase Cloud Storage.
• Extracted text — Generated via OCR from your uploaded documents.
• AI-generated analysis — Including summaries, health tips, FHIR-structured data, trends, and health insights generated by Google Gemini AI.

3. Chat Data

Messages you send to PeptiesAI (our chat assistant) are processed in real-time to generate responses based on your health data. Chat sessions are temporary and not permanently stored on our servers.

4. Usage Data

We may collect general usage data such as app interaction patterns, feature usage frequency, and crash reports to improve the Service.

How We Use Your Information

• Authentication: To verify your identity through phone-based OTP login.
• Health Analysis: To process your medical reports using AI and provide summaries, tips, trends, and insights.
• AI Chat: To power PeptiesAI with context from your health data so it can answer your health-related questions.
• Family Sharing: To enable connected family members to view each other's health dashboards, upon mutual consent.
• Health Tips: To fetch and display relevant health tips from trusted external sources (health.gov API).
• Service Improvement: To improve our AI models, fix bugs, and enhance the user experience.

Data Storage & Security

• Firebase Infrastructure: All data is stored on Google's Firebase platform, which provides enterprise-grade security including encryption at rest and in transit.
• Cloud Firestore: Your profile data, health insights, and report metadata are stored in Cloud Firestore with per-user access rules.
• Cloud Storage: Uploaded report files are stored in Firebase Cloud Storage with authenticated access only.
• Cloud Functions: AI processing runs on serverless Firebase Cloud Functions, ensuring data is processed in secure, isolated environments.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Third-Party Services

Pepties uses the following third-party services:

• Google Firebase — Authentication, database, file storage, and serverless functions.
• Google Gemini AI — Powers report analysis, health insights generation, and the chat assistant. Your health data is sent to Gemini's API for processing.
• health.gov API — Provides general health tips. No personal data is sent to this service.

We do not sell, trade, or rent your personal or health information to any third parties.

Family Sharing & Data Access

When you add a family member through the app:

• A connection request is sent and must be accepted by the other party.
• Once connected, family members can view each other's health dashboards and report summaries.
• Either party can remove the connection at any time, immediately revoking access.