🦠VitalSync
Gut Health QuizSleep QuizProducts

Privacy Policy

Last updated: April 19, 2026

Template document for informational purposes. Not legal advice. Consult a licensed attorney before relying on this Policy.

1. Who we are

VitalSync ("VitalSync," "we," "our") operates vitalsync.fit, a pseudonymous community for health and beauty reviews. Contact: privacy@vitalsync.fit.

2. Information we collect

  • Account info — username, email, hashed password, optional profile details.
  • User Content — posts, reviews, comments, votes, reports, and messages. May include health-related information you choose to share.
  • Usage data — pages viewed, clicks, search queries, referring URL, approximate location (city/country from IP).
  • Device & technical data — IP address, browser, OS, device type, crash/error logs.
  • Cookies & similar — see our Cookie Policy.
  • Payment info (business subscribers) — handled by Stripe; we receive last-4, brand, and billing metadata, not the full card.
  • Communications — emails you send to our support or privacy addresses.

3. Consumer health data (Washington MHMDA notice)

VitalSync is a community for health reviews. Content you post may reveal information about your physical or mental health, conditions, treatments, or diagnoses ("Consumer Health Data"). We treat this as sensitive data.

  • Collection. We collect Consumer Health Data only when you voluntarily post it. The specific purpose is to display your post/review to other community members and moderators.
  • Sharing. We share Consumer Health Data only with service providers strictly necessary to operate the Service (hosting, moderation, email) — listed in Section 6.
  • No sale. We do not sell Consumer Health Data and do not share it for cross-context behavioral advertising.
  • Withdraw consent. You can delete a post at any time, or close your account, to withdraw future collection and sharing. Email privacy@vitalsync.fit.
  • Geofence. We do not use location data to implement a geofence around any healthcare facility (RCW 19.373.110).

4. How we use information

  • Operate, maintain, and secure the Service.
  • Display User Content to other users.
  • AI-assisted and human content moderation (see AI Policy).
  • Send transactional emails (password resets, moderation notices).
  • Send newsletters or product updates — only if you opted in; unsubscribe any time.
  • Analyze usage to improve the product.
  • Prevent fraud, abuse, spam, and legal violations.
  • Comply with legal obligations and enforce our Terms.

5. Legal bases (EEA / UK users)

  • Contract — to provide the Service you signed up for.
  • Legitimate interests — analytics, security, product improvement.
  • Consent — marketing emails, non-essential cookies, special-category (health) data. You may withdraw consent at any time.
  • Legal obligation — responding to lawful requests.

6. Service providers / subprocessors

We share data with the following processors, bound by data-processing agreements:

  • Supabase (US) — database, auth, storage.
  • Stripe (US) — payments for business subscriptions.
  • Resend (US) — transactional and newsletter email.
  • Anthropic (US) — AI moderation and support chatbot (Claude). API traffic is not used to train Anthropic models.
  • Google — Analytics, AdSense (only if you consent to analytics/advertising cookies).
  • Meta Platforms — Meta Pixel (only if you consent to advertising cookies).
  • Vercel (US) — hosting.

We may update this list; the current version is maintained in our Cookie Policy and on this page. We do not sell personal information.

7. International data transfers

Our processors are primarily US-based. Transfers from the EEA/UK rely on the European Commission's Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework. Ask us for a copy of the relevant SCCs at privacy@vitalsync.fit.

8. Retention

  • Account and posts: while your account is active; deleted on request within 30 days.
  • Server logs: 30–90 days.
  • Stripe billing records: 7 years (US tax rules).
  • Newsletter list: until you unsubscribe, then suppression list only.
  • Backups: residual copies may persist for up to 90 days after deletion.

9. Cookies, tracking, and analytics

See our Cookie Policy. We honor the Global Privacy Control (GPC) browser signal as an opt-out of sale/sharing and targeted advertising.

10. Your rights

Depending on where you live, you may have the right to:

  • Access or receive a copy of the personal information we hold about you.
  • Correct inaccurate information.
  • Delete personal information.
  • Port your data to another service in a machine-readable format.
  • Opt out of sale, sharing, or targeted advertising (we do not sell).
  • Limit use of sensitive personal information.
  • Object to or restrict processing (EEA/UK).
  • Withdraw consent (including for consumer health data).
  • Not be subject to unlawful discrimination for exercising your rights.
  • Appeal a denied request (in states that require an appeal process).
  • Lodge a complaint with a supervisory authority (EEA/UK) or state AG.

Exercise rights by emailing privacy@vitalsync.fit or, where available, using in-product self-service. We respond within 45 days (extendable once by 45 days for complex requests). We may need to verify your identity using your registered email and recent account activity. You may designate an authorized agent.

11. Children

The Service is for users 18 and older. We do not knowingly collect data from children under 13; if we learn we have, we will delete it. Users identified as 13–17 are not permitted and, if detected, their accounts are disabled. We do not use personal information of users we know to be minors for targeted advertising or profiling.

12. Do Not Track & GPC

Browsers transmit a Do-Not-Track ("DNT") header with no legally agreed meaning; we do not respond to DNT specifically. We do honor the Global Privacy Control (GPC) signal and treat it as an opt-out of sale/sharing and targeted advertising under CCPA, CPA, CTDPA, and other applicable state laws.

13. Security

We use HTTPS, encryption in transit and at rest for databases, access controls, logging, and regular security review. No system is perfectly secure. Report vulnerabilities to security@vitalsync.fit.

14. Breach notification

If personal information is compromised, we will notify affected users and regulators as required by applicable breach-notification laws (including the breach laws of all 50 US states, UK GDPR Art. 33, EU GDPR Art. 33, and WA RCW 19.255).

15. Changes

We may update this Policy. Material changes will be announced at least 14 days in advance, by notice on the Service or by email to registered users.

16. Contact

Privacy questions or rights requests: privacy@vitalsync.fit.

← Back to VitalSync
🦠VitalSync

Science-based gut health and sleep assessments. Free quizzes with personalized recommendations.

Quizzes & Resources

  • Gut Health Quiz
  • Sleep Quality Quiz
  • Recommended Products

Company

  • About VitalSync
  • FAQ
  • Partnerships & Advertising
  • Community Guidelines

Legal

  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Medical & Affiliate Disclaimer
  • FTC Disclosures
  • AI Policy
  • DMCA
  • Accessibility

Weekly research, straight to your inbox

One evidence-based article on gut health or sleep every week. No spam.

VitalSync provides general wellness information and is not a substitute for professional medical advice. Always consult a healthcare provider for medical concerns.

© 2026 VitalSync. All rights reserved.