Privacy Policy for Protocol Buddy

Last updated: October 22, 2025

1. Introduction

Protocol Buddy ("we", "our", "the App") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your personal data when you use our web application at https://protocol-buddy.vercel.app.

2. Information We Collect

We believe in minimal data collection and only gather information necessary to provide our services:

Payment Information (Web App Only)

If you choose to purchase access after using your complimentary protocols, we collect:

  • Your email address for subscription management and access verification
  • Payment information is processed securely through Stripe (we do not store credit card details)
  • Transaction records are stored in our secure Vercel KV database

Usage Preferences

  • Dark mode preference: Stored locally on your device
  • Free protocol usage tracking: Stored to enable our freemium model

Analytics Data

We use Vercel's built-in analytics which collect basic, privacy-respecting metrics such as:

  • Page views and navigation patterns
  • Performance metrics (page load times)
  • General geographic location (country/region level only)
  • Device type and browser information

These analytics do not include personal identifiers and cannot be used to track individual users.

3. What We Do NOT Collect

We explicitly do not collect:

  • Full names, phone numbers, or physical addresses
  • Health information or medical records
  • Precise location data or GPS coordinates
  • Social media profiles or connections
  • Biometric data
  • Browsing history outside our application

4. How We Use Your Information

The limited data we collect is used exclusively for:

  • Managing your subscription and access to paid protocols
  • Processing payments securely through Stripe
  • Sending transactional emails (payment confirmations, access updates)
  • Improving application performance and user experience
  • Troubleshooting technical issues
  • Complying with legal obligations

We do NOT use your data for:

  • Advertising or marketing campaigns
  • Selling or sharing with third-party advertisers
  • User profiling or behavioral tracking
  • Training AI models or machine learning algorithms

5. Data Storage and Security

Storage Infrastructure

  • Email addresses and subscription data: Stored securely in Vercel KV database with encryption at rest
  • User preferences: Stored locally in your browser's local storage
  • Payment information: Handled exclusively by Stripe (PCI DSS compliant)

Security Measures

We implement industry-standard security measures including:

  • HTTPS encryption for all data transmission
  • Secure authentication through Firebase Admin SDK
  • Regular security updates and monitoring
  • Limited access to production data (need-to-know basis)

However, no system can guarantee 100% security. We encourage you to use strong passwords and keep your account credentials confidential.

6. Data Sharing and Third Parties

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We only share data with trusted service providers who help us operate our application:

  • Stripe: Payment processing (subject to Stripe's Privacy Policy)
  • Vercel: Hosting and analytics (subject to Vercel's Privacy Policy)
  • Firebase: Authentication services (subject to Google's Privacy Policy)

These providers are contractually obligated to protect your data and use it only for providing services to Protocol Buddy.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Objection: Object to certain types of data processing
  • Withdrawal of Consent: Withdraw consent for data processing at any time

To exercise any of these rights, please contact us at the email address provided in Section 11.

8. Children's Privacy

Protocol Buddy is not intended for use by individuals under the age of 18 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

9. International Data Transfers

Protocol Buddy is hosted on Vercel's global infrastructure. Your data may be processed in countries other than your own. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify users via email (for material changes affecting your rights)
  • Display a notice on our application

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

11. Legal Disclaimer

Protocol Buddy provides educational information only and is not intended as medical advice. The dosage calculators and protocol information are for informational purposes and should not replace consultation with qualified healthcare professionals. We are not responsible for how you use the information provided through our application.