Privacy Policy — See Myself Well

Your health data is deeply personal. See Myself Well was built on the belief that your data belongs to you, exists to serve you, and should never be used against your interests. This Privacy Policy explains exactly what information we collect, how we use it, and the choices you have. We have written it to be read, not just clicked past.

By using See Myself Well, you agree to the practices described in this policy. If you do not agree, please do not use the app.

1. Who We Are

See Myself Well is operated by Jessica Irwin, an individual doing business as See Myself Well, based in the United States. We are not a covered entity under HIPAA, but we treat your health data with the same care and seriousness that standard requires.

Privacy contact: irwin.jessica1975@gmail.com

2. What Information We Collect

We collect three categories of information:

A. Information you provide directly

Account information: name, email address, password
Profile details: date of birth, timezone, unit preferences (imperial or metric)
Health events you log manually: fasting windows, meals and their descriptions, mood and energy ratings, sunlight exposure, workout sessions, supplement logs, journal entries, and free-text notes
Biomarker readings you enter: blood glucose, blood ketones, GKI, weight, body measurements, lab results from bloodwork
Voice journal recordings and their transcriptions

B. Information from connected devices and services

When you choose to connect a wearable device or health service, we receive data from that service on your behalf. You control which services you connect and can disconnect them at any time.

Apple Health (via Apple HealthKit): heart rate variability, resting heart rate, sleep data, workout data, active energy, blood oxygen, body weight, body fat percentage, and other metrics you have authorized
Oura Ring (via Oura API): readiness score, sleep stages, body temperature, respiratory rate, heart rate variability, and activity data
Keto-Mojo (via MyMojoHealth API): blood glucose readings, blood ketone readings, and GKI values
Other devices you connect in the future will be disclosed when those connections are added

C. Information collected automatically

Usage data: which features you use, how often, and when
Device information: device type, operating system version, app version
Diagnostic logs: error reports to help us fix technical problems
AI usage metrics: number of insight generations, token counts for cost management (not the content of your insights)

3. How We Use Your Information

We use your information for the following purposes and no others:

To provide the core service: logging your health events, computing your daily summaries, calculating correlations between factors, and displaying your data to you
To generate AI insights:your event data, goal information, and journal summaries are sent to Anthropic's Claude API to generate personalized health insights. This data is transmitted securely and is subject to Anthropic's privacy policy.
To transcribe voice journals:your voice recordings are sent to OpenAI's Whisper API for transcription. Recordings are not retained beyond the transcription process.
To manage your subscription: we use Stripe to process payments. We do not store your payment card information.
To improve the app: aggregated, de-identified usage patterns help us understand which features are working and where we can improve. We never use individual health data for this purpose.
To communicate with you: service-related emails such as password resets, subscription notices, and important updates. We do not send marketing emails without your explicit opt-in.
To ensure security: detecting and preventing fraud, unauthorized access, and technical problems.

4. How We Share Your Information

We do not sell your personal information. We do not share your health data with advertisers. The limited sharing that occurs is as follows:

Anthropic (Claude API): your event data, goal context, and journal summaries are sent to generate AI insights. Data is transmitted encrypted over HTTPS. See anthropic.com/privacy.
OpenAI (Whisper API): your voice recordings are sent for transcription. Audio is processed and not retained. See openai.com/privacy.
Supabase: our database and authentication provider stores your account and health data in encrypted, access-controlled databases. See supabase.com/privacy.
Stripe: processes subscription payments. We share only what is necessary to complete transactions. See stripe.com/privacy.
Vercel: hosts the web application. See vercel.com/legal/privacy-policy.
Legal requirements: we may disclose information if required by law, court order, or to protect the safety of users or the public. We will notify you when legally permitted to do so.
Business transfers: if See Myself Well is acquired or merges with another entity, your data may transfer as part of that transaction. You will be notified in advance and given the opportunity to delete your account.

5. Health Data — Special Protections

Health data is the most sensitive category of personal information. We apply additional protections beyond our standard practices:

All health data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access tokens for connected devices (Oura, Keto-Mojo) are stored encrypted using Supabase Vault and are never exposed in logs or error reports
We use row-level security on all database tables: your data can only be read or written by requests authenticated as you
We do not use your health data to train AI models
We do not share identifiable health data with insurance companies, employers, or pharmaceutical companies
Voice recordings are transmitted for transcription and are not stored after transcription is complete. The transcript and your corrections are stored as part of your journal entry.

6. Data Retention

We retain your data for as long as your account is active. Specific retention periods:

Account and profile data: retained until you delete your account
Health events and journal entries: retained until you delete them individually or delete your account
AI insight records: retained for 12 months to support insight quality analysis, then deleted
Voice recordings: deleted immediately after transcription is complete
Usage logs: retained for 90 days for security and debugging purposes
Payment records: retained as required by law (typically 7 years for financial records)

When you delete your account, all health data, journal entries, and personally identifiable information are permanently deleted within 30 days. Anonymized, aggregated data that cannot be linked back to you may be retained indefinitely.

7. Your Rights and Choices

You have the following rights regarding your data:

Access: you can view all of your data within the app at any time
Correction: you can edit or delete individual health events, journal entries, and profile information
Export: you can request a complete export of your data in a standard format by emailing irwin.jessica1975@gmail.com. We will fulfill export requests within 30 days.
Deletion: you can delete your account and all associated data from the Settings page. Deletion is permanent and cannot be undone.
Connected devices: you can disconnect any wearable integration at any time from the Connections page. Disconnecting does not delete historical data already synced.
Push notifications: you can control notification preferences in your device settings
AI insights: you can disable AI insight generation at any time from Settings. Disabling does not delete previously generated insights.

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete, and the right to non-discrimination for exercising these rights. To make a CCPA request, contact us at irwin.jessica1975@gmail.com.

8. Data Security

We take reasonable technical and organizational measures to protect your information:

All data transmitted between the app and our servers uses TLS encryption
Database access is controlled by row-level security policies that enforce user-level isolation
OAuth tokens for third-party services are encrypted at rest using Supabase Vault
We do not store payment card details — payments are processed entirely by Stripe
Access to production systems is restricted and logged

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at irwin.jessica1975@gmail.com.

9. Children's Privacy

See Myself Well is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at irwin.jessica1975@gmail.com.

10. Third-Party Services and Links

The app may connect to third-party services at your direction (Oura, Keto-Mojo, Apple Health, and others). Once your data is in those services, their respective privacy policies govern how it is handled. We encourage you to review the privacy policies of any service you connect.

We do not embed third-party advertising SDKs, tracking pixels, or social media buttons in the app. We do not participate in cross-site or cross-app tracking.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and display a notice in the app at least 14 days before the changes take effect. Your continued use of See Myself Well after the effective date constitutes acceptance of the updated policy.

The date at the top of this policy reflects when it was last updated. We maintain prior versions, which you can request by contacting us.

12. Contact Us

For any questions, requests, or concerns about this Privacy Policy or our data practices, please contact:

See Myself Well
Operated by Jessica Irwin
Email: irwin.jessica1975@gmail.com

We will respond to privacy-related requests within 30 days. For account deletion or data export requests, please include “Data Request” in the subject line.