StackTerminal.Health

Privacy Policy

Last updated: March 2026

StackTerminal.Health is built on the principle that your health data belongs to you. This policy explains what we collect, why, and how we protect it.

Who we are

StackTerminal.Health is an educational supplement stack recommendation platform. We are not a medical provider. Contact: info@stackterminal.health.

What we collect

  • Account information — your name and email address, provided via Google or GitHub OAuth when you sign in. We do not store your password.
  • Profile data — age, sex, weight, height, and dietary preferences, which you provide voluntarily to personalize dosing recommendations.
  • Goals and preferences — the health goals, constraints, and stack categories you select during onboarding or in your profile.
  • Wearable data (optional) — if you connect Strava, WHOOP, Oura Ring, Garmin Connect, or Fitbit, we receive and store a summary of your recent activity, recovery, and sleep data from those platforms. This is used exclusively to improve your supplement recommendations.
  • Blood test data (optional) — if you upload a blood test PDF, we send it to OpenAI's API for analysis. Only the extracted structured data (marker names, values, and reference ranges) is stored in your profile — the original PDF is never retained by us or by OpenAI after processing.
  • Stacks and comments — the stacks you build, any edits you make, and comments you post on public stacks.
  • Usage data — standard server logs (page requests, timestamps, error traces) for debugging and reliability. We do not use third-party analytics trackers.

How we use your data

  • To generate personalized supplement stack recommendations based on your profile and goals.
  • To personalize dosing suggestions using your body metrics and wearable data.
  • To show you your stacks and let you share them publicly if you choose to.
  • To improve the quality of our recommendation algorithms — using aggregate, non-identifiable signals only.
  • To respond to support requests sent to our email.

We do not sell your data. We do not use your data for advertising. We do not share it with third parties except as described in this policy.

Wearable integrations

Connecting a wearable is entirely optional. When you connect Strava, WHOOP, Oura Ring, or Garmin Connect:

  • We request only the minimum scopes needed to read health and activity summaries.
  • OAuth tokens are stored securely in our database and used only to fetch your data on your request (via the Sync button).
  • Wearable summary data is stored in your profile and used solely to weight your supplement recommendations and compute archetypes.
  • You can disconnect any integration at any time from your member page. Disconnecting immediately deletes the stored tokens and clears the associated summary data from your profile.

Reel Check

When you use the Reel Check feature, you submit an Instagram Reel URL. We send the audio to OpenAI's Whisper API for transcription and use GPT to extract supplement claims. The URL and transcript are not stored after the analysis is complete. We do not log or retain the content of reels you analyze.

Third-party services

  • Vercel — hosts the application and database. Data is stored in the EU/US depending on region routing.
  • Google / GitHub OAuth — used for sign-in only. We receive your name and email; we do not receive access to your Google or GitHub account data beyond that.
  • OpenAI — used for Reel Check transcription and claim analysis, and for the AI risk assessment on stack pages. Inputs are processed per OpenAI's data usage policies.
  • Amazon — if you click "Buy stack," we may generate an Amazon affiliate link. No data is sent to Amazon until you click through.

Cookies

We use cookies for authentication sessions (via NextAuth.js) and short-lived OAuth state tokens during the sign-in and wearable connection flows. We do not use advertising or tracking cookies. You can clear cookies at any time in your browser settings, which will sign you out.

Data retention

Your data is retained for as long as your account is active. You can request deletion at any time by emailing us at info@stackterminal.health. We will delete your profile, stacks, and wearable data within 14 days.

Your rights

  • Access — you can view all data we hold about you by reviewing your member profile.
  • Correction — you can update your profile data at any time.
  • Deletion — you can request full account deletion by emailing us.
  • Portability — you can export your stacks in JSON format from the admin export (if applicable) or by request.
  • Withdrawal — you can disconnect any wearable integration at any time, immediately revoking our access.

Security

All data is transmitted over HTTPS. OAuth tokens are stored in a private PostgreSQL database. We do not log tokens in plaintext. No credit card or payment data is ever stored by us — purchases go directly through Amazon or Shopify.

Children

StackTerminal.Health is intended for adults. We do not knowingly collect data from anyone under 16. If you believe a minor has created an account, please contact us and we will delete it promptly.

Changes to this policy

We may update this policy as the platform evolves. If changes are material, we will note the updated date at the top of this page. Continued use of the platform after an update constitutes acceptance of the revised policy.

StackTerminal.Health is an educational tool & does not provide medical advice.