Privacy Policy

Last updated: March 28, 2026

Our Health Data Promise

Your compound protocols, doses, weight, measurements, and progress photos are encrypted and never sold, shared with advertisers, or used for marketing purposes. We do not monetize your health data in any way. Your data belongs to you — you can export or delete it at any time.

Your Privacy Matters

At Regimen, we take your privacy seriously. This policy explains how we collect, use, and protect your information.

Information We Collect

We collect information you provide directly to us. Only your email address is required to create an account. All other data is entirely optional — you choose what to track:

  • Required: Email address for account creation and notifications
  • Optional: Protocol information (compounds, doses, schedules, and cycle data)
  • Optional: Progress tracking data (weight, body measurements, progress photos)
  • Optional: Side effect logs and notes
  • Automatic: Anonymous usage data to improve our service

You are in full control of what you share. The app works with as much or as little data as you choose to enter.

Information from Apple Health & Google Health Connect

If you choose to connect Apple Health or Google Health Connect, we may read health metrics you explicitly authorize (such as weight, body measurements, and activity data) to display alongside your protocol data in the app. We do not write data to Apple Health or Google Health Connect without your permission. Health data accessed through these integrations is:

  • Only used to display correlations and trends within the Regimen app
  • Never shared with third parties, advertisers, or data brokers
  • Never used for marketing or ad targeting
  • Processed in accordance with Apple's and Google's health data policies

You can disconnect Apple Health or Google Health Connect at any time through your device settings or within the Regimen app. Disconnecting immediately stops all health data access.

How We Use Your Information

We use your information to:

  • Provide and maintain the Regimen service
  • Send you dose reminders and notifications you've configured
  • Display protocol analytics, trends, and correlations
  • Improve our app and develop new features
  • Respond to your support requests
  • Send important service updates (e.g., security notices, Terms of Service changes)

We do not use your information to:

  • Serve advertisements
  • Build advertising profiles
  • Sell or share data with third parties for marketing
  • Train AI models on your personal health data

Data Security

Your data is encrypted both in transit (TLS 1.2+) and at rest using industry-standard encryption. We use trusted cloud infrastructure providers for secure data storage. Access to user data is restricted to essential service operations only.

Progress photos are stored securely and are only accessible to you. They are never used for marketing, shared publicly, or accessible to other users.

We regularly review our security practices and infrastructure to protect against unauthorized access, alteration, or destruction of your personal information.

We Don't Sell Your Data — Ever

We never sell, rent, license, or share your personal health information with third parties for marketing, advertising, or data brokerage purposes. This includes your compound protocols, doses, weight data, measurements, progress photos, side effect logs, and any data accessed through Apple Health or Google Health Connect.

This is not a temporary policy — it is a core principle of how Regimen operates. We make money from app subscriptions, not from your data.

Third-Party Services

We use the following third-party services to operate Regimen:

  • Authentication: Email-based authentication and Apple Sign-In for secure account access
  • Cloud Infrastructure: Industry-standard cloud providers for encrypted data storage and processing
  • Analytics: Google Analytics for anonymous website usage data (page views, scroll depth, button clicks). No personally identifiable health information is shared with Google Analytics.
  • Push Notifications: Standard iOS and Android push notification services for dose reminders

These services are selected for their security standards and compliance with data protection regulations. We do not use any third-party services that have access to your health protocol data.

Data Retention

We retain your data for as long as your account is active. Upon account deletion, your data is permanently removed within 30 days. You can request account deletion at any time through the app settings or by contacting us.

Children's Privacy

Regimen is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child under 18 has provided us with personal information, please contact us at support@helloregimen.com and we will promptly delete that information.

International Users & Your Privacy Rights

Regimen serves users worldwide. If you are located in the European Economic Area (EEA), United Kingdom, Brazil, or other jurisdictions with data protection laws, you have specific rights regarding your personal data.

Your rights include:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Request correction of inaccurate personal data
  • Deletion: Request deletion of your account and all associated data
  • Data Portability: Request your data in a structured, machine-readable format
  • Withdraw Consent: Withdraw consent for data processing at any time
  • Restriction: Request that we limit how we use your data
  • Objection: Object to processing of your data for specific purposes

Legal basis for processing (GDPR):

  • Consent: You consent to data collection when you create an account and configure health integrations
  • Contract: Processing is necessary to provide the Regimen service you signed up for
  • Legitimate Interest: Anonymous analytics to improve the app experience

Data location: Your data is stored on secured servers in the United States using industry-standard encryption. By using Regimen, you consent to the transfer of your data to the United States for processing and storage.

To exercise any of these rights, contact us at support@helloregimen.com. We will respond within 30 days.

Cookies and Analytics

We use Google Analytics to understand how visitors interact with our website. This helps us improve your experience. Google Analytics uses cookies to collect anonymous usage data such as page views, scroll depth, and button clicks. No personally identifiable information is shared with Google.

You can opt out of Google Analytics by using browser settings, privacy-focused browser extensions, or Google's opt-out tool. We also use essential cookies required for authentication and to keep you logged in securely.

Your Rights

All Regimen users, regardless of location, have the right to:

  • Access your personal data
  • Request deletion of your account and all data
  • Export your protocol data
  • Opt out of notifications and non-essential communications
  • Disconnect Apple Health or Google Health Connect integrations at any time

For additional rights specific to your jurisdiction (including GDPR and LGPD rights), see the "International Users & Your Privacy Rights" section above.

Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at: support@helloregimen.com

We aim to respond to all privacy-related inquiries within 30 days.