SuplrSuplr
← Back

Privacy Policy

Last updated: April 14, 2026

Data controller

Suplr (suplr.app) is the data controller responsible for personal data collected through this platform. Contact: info@suplr.app.

Data we collect

We collect the following data to provide the service:

  • Profile data: age, sex, and health goals.
  • Health data: allergies, current medications, and chronic conditions (special category under GDPR Art. 9).
  • Email address: for sending recommendations and newsletter.
  • Usage data: interactions with the platform to improve the service.

Purpose of processing

  • Generate personalized supplement recommendations.
  • Send weekly newsletter with tips and updates (with prior consent).
  • Improve the platform and quality of recommendations.

Legal basis

Processing is based on: (a) explicit consent for health data (GDPR Art. 9.2.a), (b) performance of the service contract (GDPR Art. 6.1.b), and (c) legitimate interest to improve the service (GDPR Art. 6.1.f).

Health data (special category)

Health data (allergies, medications, chronic conditions) is processed exclusively to personalize supplement recommendations and check for potential contraindications. This data is processed under explicit consent and stored in encrypted form.

Third parties and international transfers

We share data with the following providers to operate the service:

  • Supabase (database): data hosted in the EU.
  • Domain SMTP provider (email): for sending transactional emails and newsletter.
  • Vercel (hosting): web request processing. Data transferred to the US under standard contractual clauses.
  • Stripe (payments): payment processing for Pro subscriptions. Data transferred to the US under standard contractual clauses.

Data retention

We retain your data as long as you maintain an active account. You can request deletion at any time. Payment data is retained according to applicable tax obligations.

Your rights (GDPR)

As a user, you have the right to:

  • Access: obtain a copy of your personal data.
  • Rectification: correct inaccurate data.
  • Erasure: request deletion of your data.
  • Portability: receive your data in a structured format.
  • Restriction: restrict the processing of your data.
  • Objection: object to the processing of your data.

To exercise these rights, contact info@suplr.app. We will respond within 30 days. You may also file a complaint with the data protection authority in your country.

Cookies

We use essential technical cookies for platform operation and session cookies to maintain your authentication. We do not use advertising tracking cookies.

Changes to this policy

We may update this policy periodically. We will notify you of significant changes by email or through a notice on the platform.

Contact

For any privacy inquiries, write to us at info@suplr.app.