Privacy Policy

Last updated: April 22, 2026

Biotica ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your choices. By using Biotica, you agree to this policy.

1. Information We Collect

Account Information

When you register, we collect your email address and, optionally, your name. If you sign up via a third-party provider, we receive basic profile information from that provider.

Health and Biometric Data

When you connect third-party integrations, we collect and store:

• Sleep data — sleep score, HRV, readiness score, resting heart rate, sleep stages (from Oura Ring)
• Body composition — weight, body fat percentage, muscle mass, hydration (from Withings)
• Activity data — steps, active calories (from Android Health Connect)
• Workout data — exercises, sets, reps, weights logged within the App
• Supplement data — supplement names, dosages, and timing you log manually

Usage Data

We automatically collect information about how you use Biotica, including features accessed, time spent, and crash reports. This data is used to improve the App.

Device Information

We collect device identifiers, operating system version, and app version for diagnostics and compatibility purposes.

2. How We Use Your Information

We use your information to:

• Provide and operate the Biotica service, including syncing your biometric data
• Generate personalized AI-powered workout programs and performance insights
• Track your supplement protocol and correlate it with your biometric trends
• Send transactional emails (account verification, password reset)
• Improve and debug the App through aggregated, anonymized analytics
• Comply with legal obligations

We do not sell your personal or health data to third parties. We do not use your health data for advertising purposes.

3. Third-Party Services

Biotica integrates with the following third-party services when you choose to connect them:

• Oura Ring — sleep, HRV, and readiness data via Oura Cloud API. Governed by Oura's Privacy Policy.
• Withings — body composition data via Withings Health API. Governed by Withings' Privacy Policy.
• Android Health Connect — steps and activity data stored locally on your Android device. No data is sent to Google through Biotica.
• Garmin and MyFitnessPal — integrations are in development and not currently active.

We also use the following infrastructure providers:

• Supabase — database and authentication provider. Data is stored in US-based data centers. See Supabase Privacy Policy.
• RevenueCat — subscription and billing management. See RevenueCat Privacy Policy.
• Anthropic (Claude API) — powers AI coaching features. Prompts include your biometric data. Anthropic does not use API data for model training. See Anthropic Privacy Policy.

4. Data Storage and Security

Your data is stored in Supabase's PostgreSQL database with row-level security enforced — your data is only accessible to your authenticated account. All data is encrypted in transit (TLS) and at rest. OAuth tokens for third-party integrations are stored in your account record and never shared with other users.

No security system is perfect. We encourage you to use a strong, unique password and enable two-factor authentication where available.

5. Health Data

Biotica treats health and biometric data with the highest level of care. We do not:

• Sell your health data
• Share your health data with insurers, employers, or marketers
• Use your health data to build advertising profiles
• Use your individually identifiable health data to train AI models without your explicit consent

Biotica is not a HIPAA-covered entity and does not provide healthcare services. The App is a personal fitness and wellness tool. Please do not use Biotica as a substitute for professional medical care.

6. Data Retention

We retain your data as long as your account is active. If you delete your account, we will delete your personal data and biometric records within 30 days, except where we are required to retain it for legal or compliance reasons. Anonymized, aggregated data that cannot identify you may be retained indefinitely.

7. Your Rights and Choices

You have the right to:

• Access your personal data through the App (Settings → Export My Data)
• Correct inaccurate data through the App settings
• Delete your account and all associated data (Settings → Delete Account)
• Disconnect third-party integrations at any time (Settings → Connected Integrations)
• Opt out of non-essential communications by updating notification preferences

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to delete, and the right to opt out of sale (we do not sell personal information). To exercise these rights, contact us at privacy@biotica.app.

8. Children's Privacy

Biotica is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child, please contact us immediately at privacy@biotica.app.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy in the App or on this page with a revised "Last updated" date. Continued use of Biotica after changes take effect constitutes acceptance of the revised policy.

10. Contact

Questions, concerns, or requests related to your privacy? Contact us at privacy@biotica.app.