Privacy Policy

The Protocol privacy policy describes how we treat personal information when you use our website and software (collectively, 'Services'). Last updated: 16th July 2026

This Privacy Policy explains how Protocol (“Protocol”, “we”, “us” or “our”) collects, uses, stores and shares personal information when you use:

  • the Protocol mobile application (the “App”);
  • our website at joinprotocol.io;
  • our customer-support services;
  • our emails and communications; and
  • any related features, tools, calculators, reminders, subscriptions or services,

together referred to as the “Service”.

Protocol is a peptide-tracking and health-organisation service. Information you choose to record may include information concerning your health. Please read this Privacy Policy carefully before using the Service.

1. Who is responsible for your information?

For the purposes of UK data-protection law, the data controller responsible for your personal information is:

Legal name: Thomas Smith
Email: team@joinprotocol.io
Data protection contact: Thomas Smith

As data controller, we determine why and how personal information collected through Protocol is processed.

2. Scope of this Privacy Policy

This Privacy Policy applies to personal information processed by Protocol through the Service.

It does not apply to:

  • information collected directly by Apple through the App Store or your Apple Account;
  • websites or services operated by third parties;
  • healthcare professionals, clinics, pharmacies, peptide suppliers or other organisations that are not operated by Protocol; or
  • information processed by a third party independently for its own purposes.

Those organisations will have their own privacy policies and may act as separate data controllers.

3. Information we collect

The information we collect depends on how you use Protocol and which features you enable.

3.1 Account and identity information

When you create or manage an account, we may collect:

  • your email address;
  • your name or display name, if provided;
  • your internal Protocol user identifier;
  • your authentication method;
  • records showing whether your email address has been verified;
  • password-reset and authentication records;
  • your age or confirmation that you are at least 18;
  • your account creation date;
  • your account settings; and
  • records of your acceptance of our Terms, Privacy Policy and health-data consent.

Passwords are handled through our authentication provider. We do not have access to your password in readable form.

3.2 Health, peptide and protocol information

When you use Protocol’s tracking features, you may choose to provide information such as:

  • the peptides or other substances you record;
  • peptide stacks or protocols;
  • vial quantity and concentration;
  • reconstitution details;
  • diluent volume;
  • planned or recorded quantities;
  • administration dates and times;
  • dose history;
  • frequency and schedule information;
  • start and end dates;
  • reminder settings;
  • weight;
  • height;
  • age;
  • health measurements;
  • progress entries;
  • check-in responses;
  • symptoms;
  • potential side effects;
  • wellbeing information;
  • notes;
  • adherence or streak information;
  • photographs or documents you upload, where that feature is available; and
  • other information you choose to enter into free-text fields.

This information may constitute health data or other sensitive personal information.

You control which information you enter. However, some core tracking features may not function without the relevant information.

3.3 Calculator information

When you use a reconstitution or other calculator, we may process:

  • vial quantity;
  • concentration;
  • units of measurement;
  • diluent quantity;
  • syringe or measurement information;
  • the desired mathematical quantity entered by you;
  • calculated results; and
  • related selections or settings.

Depending on the App’s implementation, calculations may be completed locally on your device or may be transmitted to our systems to save the result or synchronise it with your account.

3.4 Chat and AI-feature information

When you use a chat, search, assistant or other automated feature, we may collect and process:

  • your prompts and questions;
  • content you submit;
  • information you choose to include from your Protocol records;
  • generated responses;
  • feedback you provide about a response; and
  • technical information needed to generate and deliver the response.

Chat content may include health information where you choose to discuss your health, peptide use, symptoms or protocol.

We will tell you when a feature uses artificial intelligence or sends information to an external AI service provider.

3.5 Subscription and purchase information

When you purchase or manage a subscription, we may receive:

  • the subscription product selected;
  • subscription status;
  • entitlement status;
  • transaction and purchase identifiers;
  • purchase and renewal dates;
  • trial or introductory-offer status;
  • cancellation or expiry status;
  • App Store storefront;
  • currency and general pricing information; and
  • limited transaction or receipt information required to validate purchases.

Payments made through the Apple App Store are processed by Apple. We do not receive your full payment-card number or payment credentials.

3.6 Device and technical information

We or our service providers may automatically collect limited technical information, including:

  • device type and model;
  • operating system and version;
  • App version;
  • language;
  • country or regional setting;
  • time zone;
  • IP address;
  • internal user or installation identifiers;
  • authentication events;
  • session information;
  • dates and times of access;
  • feature interactions;
  • server logs;
  • crash reports;
  • performance information;
  • error logs; and
  • diagnostic information.

We use this information to operate, secure, troubleshoot and improve the Service.

We do not use technical information to build advertising profiles or track you across third-party apps or websites.

3.7 Notification information

If you enable push notifications, we may collect:

  • a push-notification token;
  • your notification preferences;
  • reminder times;
  • time-zone information;
  • notification delivery status; and
  • limited technical delivery information.

You can disable push notifications at any time through your device settings. You may also be able to manage individual reminder types inside Protocol.

Notification previews may be visible on your device’s lock screen depending on your device settings. You are responsible for configuring notification-preview settings appropriate for your privacy needs.

3.8 Communications and support

When you contact us, we may collect:

  • your name;
  • email address;
  • the content of your message;
  • screenshots or attachments;
  • information about your account or device;
  • support history; and
  • any other information you choose to provide.

Please avoid including unnecessary health information in a support request.

3.9 Marketing preferences

Where you choose to receive marketing, we may collect:

  • your email address;
  • your marketing preferences;
  • the date, time and method of your consent;
  • email-delivery and engagement information; and
  • unsubscribe records.

Marketing consent is optional and is not required to use Protocol.

4. How we collect information

We collect personal information:

4.1 Directly from you

For example, when you:

  • create an account;
  • enter a peptide or protocol;
  • log an activity;
  • enter health information;
  • use a calculator;
  • use chat;
  • contact support;
  • purchase a subscription; or
  • opt in to marketing.

4.2 Automatically

Certain technical information is generated when you access or use the Service, including server logs, device information, authentication events and subscription events.

4.3 From service providers and platforms

We may receive information from:

  • Apple, concerning subscriptions and App Store transactions;
  • RevenueCat, concerning subscription status and entitlements;
  • Supabase, concerning authentication and backend activity;
  • email-delivery providers, concerning email delivery;
  • Expo services, where used for application updates or notifications;
  • crash-reporting or analytics providers listed in this Privacy Policy; and
  • an AI provider, where you use an AI-powered feature.

5. Why we use your information

We use personal information for the following purposes.

5.1 Providing the Service

This includes:

  • creating and authenticating your account;
  • saving and synchronising your records;
  • providing peptide and protocol tracking;
  • generating calculations;
  • displaying your history and progress;
  • scheduling reminders;
  • providing chat or automated features;
  • managing subscriptions;
  • restoring purchases; and
  • responding to support requests.

Our lawful basis is generally that processing is necessary to perform our contract with you or to take steps at your request before entering into that contract.

Where this processing involves health data, we also rely on your explicit consent as described below.

5.2 Processing health information

We process health-related information so that you can record, organise, review and manage the information you choose to store through Protocol.

For UK and EEA users:

  • our Article 6 lawful basis is normally that processing is necessary to provide the Service you requested; and
  • our additional Article 9 condition for processing health data is your explicit consent.

We do not process health information for advertising, insurance eligibility, employment decisions, data-broker activity or unrelated profiling.

5.3 Communicating with you

We use your contact details to send:

  • verification emails;
  • password-reset messages;
  • security alerts;
  • subscription or account information;
  • material updates to the Service;
  • updates to legal documents;
  • responses to support enquiries; and
  • other necessary service messages.

Our lawful basis is performance of our contract with you, compliance with legal obligations and our legitimate interest in administering and securing the Service.

5.4 Processing subscriptions

We use purchase and subscription information to:

  • verify purchases;
  • activate paid features;
  • maintain entitlements;
  • prevent subscription fraud;
  • restore purchases;
  • provide subscription support; and
  • understand subscription performance.

Our lawful basis is performance of our contract with you and our legitimate interest in operating and protecting our paid services.

5.5 Security and misuse prevention

We may process account, device and technical information to:

  • protect accounts;
  • identify unauthorised access;
  • prevent fraud and abuse;
  • investigate security incidents;
  • enforce our Terms;
  • protect users and third parties; and
  • maintain the integrity of our systems.

Our lawful basis is our legitimate interest in keeping Protocol safe and secure and, where applicable, compliance with legal obligations.

5.6 Improving the Service

We may use limited technical, diagnostic and usage information to:

  • identify errors;
  • measure performance;
  • understand which features function correctly;
  • improve usability;
  • develop new features; and
  • maintain compatibility with devices and operating systems.

Where reasonably possible, we use aggregated or de-identified information for these purposes.

We do not use identifiable health records or private chat content to train a general-purpose artificial-intelligence model unless you have been given clear information and have provided separate, explicit consent.

5.7 Marketing

Where you have opted in, we may use your email address to send product news, feature announcements or promotional communications.

Our lawful basis is your consent.

You may withdraw marketing consent at any time using the unsubscribe link in an email or by contacting us. Withdrawing marketing consent will not affect service emails needed to operate your account.

5.8 Legal and regulatory purposes

We may process information where necessary to:

  • comply with applicable law;
  • respond to lawful requests;
  • establish, exercise or defend legal claims;
  • maintain required business records;
  • respond to regulators or courts; or
  • protect a person from serious harm.

Our lawful basis is compliance with a legal obligation, our legitimate interests or another basis permitted by applicable law.

6. Health-data consent

Health information receives additional protection under data-protection law.

Before Protocol begins storing or otherwise processing your health information, we may ask you to provide a separate, explicit consent.

Your consent must be given through a clear affirmative action. Accepting our general Terms of Use does not, by itself, constitute explicit consent to process health data.

You may withdraw your health-data consent at any time through:

Withdrawing consent does not affect the lawfulness of processing carried out before consent was withdrawn.

Because processing health information is central to Protocol’s tracking features, withdrawing consent may require us to:

  • delete your stored health and protocol records;
  • disable affected features; or
  • close your Protocol account where the Service can no longer be provided without that information.

We will explain the consequences before completing the withdrawal request.

7. How we use AI providers

Where Protocol includes an AI-powered chat or assistant, information submitted to that feature may be sent to OpenAI so that a response can be generated.

The information sent may include:

  • your prompt;
  • relevant conversation history;
  • selected Protocol records, where you choose to include them; and
  • limited technical information needed to operate the feature.

We do not send your entire Protocol account or health history to an AI provider unless this is necessary for a feature you have deliberately requested and you have been clearly informed.

We require AI service providers processing personal information on our behalf to:

  • process it only for authorised purposes;
  • apply appropriate security protections;
  • comply with applicable data-protection requirements; and
  • not use identifiable Protocol health information to train general-purpose models without separate authorisation.

AI outputs may be stored in your Protocol account so that you can revisit the conversation.

You may delete conversations through the App where that functionality is available.

Protocol does not use AI to make decisions that produce legal or similarly significant effects concerning you.

8. Who we share information with

We do not sell personal information.

We do not share health information with advertisers, data brokers, employers, insurance companies or peptide suppliers.

We may disclose information to the following categories of recipients where necessary to operate the Service.

8.1 Supabase

We use Supabase for services that may include:

  • account authentication;
  • database hosting;
  • file storage;
  • backend functions;
  • access control; and
  • security logging.

Supabase may process account information, health and protocol records, technical data and content stored through Protocol on our behalf.

8.2 RevenueCat

We use RevenueCat to manage subscriptions, purchase validation and premium-feature entitlements.

RevenueCat may process:

  • an internal user identifier;
  • purchase history;
  • subscription status;
  • product identifiers;
  • receipt or transaction information;
  • storefront and currency information; and
  • related subscription events.

RevenueCat does not process your full payment-card details on our behalf.

8.3 Apple

Apple may process information in connection with:

  • downloading and updating the App;
  • App Store purchases;
  • subscription billing;
  • refunds;
  • Apple Account services;
  • App Store analytics; and
  • Apple Push Notification Service.

Apple processes this information under its own terms and privacy policy.

8.4 Resend

We use Resend to deliver emails such as:

  • account-verification emails;
  • password-reset messages;
  • security notifications;
  • service communications; and
  • marketing emails where you have opted in.

Resend may process your email address, message content and email-delivery metadata.

8.5 Expo

Protocol is developed using Expo technology.

Where we use Expo Application Services, Expo may process limited device, application and technical information in connection with:

  • building and distributing the App;
  • delivering software updates;
  • crash or diagnostic services; and
  • push-notification delivery.

Where Expo’s push-notification service is used, Expo may process your push token and the content and delivery metadata of notifications sent through that service.

8.6 OpenAI

Where you use an AI-powered feature, OpenAI may process the content described in section 7.

8.7 Professional advisers

We may share information with lawyers, accountants, auditors, insurers or professional advisers where reasonably necessary for legal, regulatory, tax, security or business purposes.

8.8 Authorities and protection of rights

We may disclose information where we reasonably believe disclosure is necessary to:

  • comply with law or a binding legal request;
  • enforce our Terms;
  • investigate fraud or unlawful activity;
  • protect the security of the Service;
  • protect our legal rights; or
  • protect the vital interests of a person.

8.9 Business transfers

If Protocol or its business is involved in a merger, acquisition, financing, reorganisation or sale of assets, personal information may be disclosed as part of that transaction.

We will require the recipient to use personal information consistently with this Privacy Policy or provide notice of material changes.

9. Protection required from service providers

Where another company processes personal information on our behalf, we require it through appropriate contractual and organisational measures to:

  • process information only on documented instructions;
  • use it only for authorised purposes;
  • protect its confidentiality and security;
  • assist with appropriate privacy requests;
  • delete or return it when no longer required; and
  • provide data protection equivalent to that described in this Privacy Policy and required by applicable law.

Some service providers may also process limited information as independent controllers under their own privacy policies.

10. No sale or advertising use of health information

Protocol does not:

  • sell personal information;
  • sell or license health information;
  • share personal information for cross-context behavioural advertising;
  • use health information to target advertising;
  • disclose health information to data brokers;
  • use health information to determine insurance eligibility or pricing; or
  • use HealthKit or other device-derived health information for advertising or marketing.

If these practices change, we will update this Privacy Policy and obtain consent where required before the new processing begins.

11. International data transfers

Protocol is based in the United Kingdom, but some service providers may process information in the United States or other countries.

This means personal information may be transferred outside the United Kingdom or the country in which you live.

Where required, we protect international transfers using appropriate safeguards, which may include:

  • a UK adequacy regulation;
  • the UK International Data Transfer Agreement;
  • the UK Addendum to the European Commission’s Standard Contractual Clauses;
  • the European Commission’s Standard Contractual Clauses;
  • contractual, technical and organisational protections; or
  • another lawful transfer mechanism.

You may contact us for more information about the safeguards used for a particular service provider.

12. How long we keep information

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Our expected retention periods are:

Account and profile information

Retained while your account remains active.

Following account deletion, account information will normally be removed from active systems within 30 days, unless it must be retained for a lawful reason.

Health, peptide and protocol records

Retained while your account remains active or until you delete the relevant record.

Following account deletion or withdrawal of health-data consent, these records will normally be removed from active systems within 30 days.

Backup copies

Deleted information may remain in encrypted backups for up to 90 days before being overwritten through the ordinary backup cycle.

Backup information is not restored to active use except where required for disaster recovery, security or legal reasons.

Subscription and transaction records

Retained for the duration of the subscription and for up to six years afterwards where necessary for accounting, tax, fraud prevention or legal claims.

Authentication and security records

Normally retained for up to 12 months, although relevant records may be retained longer where needed to investigate a security incident, fraud or legal claim.

Support communications

Normally retained for up to 24 months after the support matter is closed, unless a longer period is necessary for an ongoing dispute or legal obligation.

Consent records

Records showing consent, withdrawal and acceptance of legal documents may be retained for up to six years after account closure or withdrawal, where necessary to demonstrate compliance or address legal claims.

Marketing information

Retained until you unsubscribe or withdraw consent.

We may retain limited suppression information after an unsubscribe so that we can honour your request not to receive further marketing.

AI conversations

Retained in your account until you delete the conversation or your account, subject to backup cycles and any shorter or longer retention period clearly stated when the AI feature is used.

Our AI provider’s transient retention period is [30 days.

We may retain information for longer where required by law, needed for a legal claim, or necessary to investigate fraud or protect users.

13. Account and data deletion

You can initiate deletion of your Protocol account through the account settings in the App.

Account deletion will delete or anonymise personal information associated with your account, subject to:

  • legal retention obligations;
  • security and fraud-prevention requirements;
  • unresolved transactions or disputes;
  • legal claims;
  • backup deletion cycles; and
  • information that has been irreversibly anonymised.

Account deletion is generally irreversible. You may lose your protocols, tracking history, health entries, chat history and other saved information.

Deleting your Protocol account does not automatically cancel a subscription billed through Apple. You must cancel an Apple subscription separately through your Apple Account subscription settings.

You may also request deletion by emailing team@joinprotocol.io.

We may need to verify your identity before completing a deletion request.

14. Security

We use appropriate technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure, loss or destruction.

These measures may include:

  • encryption during transmission;
  • encryption of stored information where appropriate;
  • access controls;
  • authentication controls;
  • database row-level security;
  • restricted administrative access;
  • environment and secret management;
  • security monitoring;
  • logging;
  • backups;
  • vulnerability and dependency management; and
  • contractual protections for service providers.

Access to identifiable health information is limited to personnel and service providers who need access for an authorised operational, security or support purpose.

No system can be guaranteed to be completely secure. You are responsible for maintaining the confidentiality of your login credentials and securing the device on which you use Protocol.

If we become aware of a personal-data breach, we will investigate it and notify affected individuals and regulators where required by law.

15. Your privacy rights

Depending on where you live and the circumstances, you may have the right to:

  • request access to your personal information;
  • receive a copy of your information;
  • request correction of inaccurate or incomplete information;
  • request deletion of your information;
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • receive information you provided in a portable format;
  • request transfer of eligible information to another organisation;
  • withdraw consent;
  • object to direct marketing;
  • complain to a data-protection regulator; and
  • receive information about safeguards used for international transfers.

These rights are subject to legal conditions and exemptions.

You will not normally be charged for exercising your rights. We may charge a reasonable fee or refuse a request where permitted by law, including where a request is manifestly unfounded, excessive or repetitive.

We may need to verify your identity before acting on a request.

For UK GDPR requests, we normally respond within one month. Where permitted by law, this period may be extended for a complex request or multiple requests, and we will tell you if an extension is required.

To exercise a right, email team@joinprotocol.io.

Withdrawing consent

You may withdraw:

  • marketing consent using the unsubscribe link in an email;
  • notification permission through your device settings; and
  • health-data consent through the App’s privacy settings or by contacting us.

Withdrawal does not affect processing that was lawful before withdrawal.

16. Complaints

Please contact us first if you have a concern so that we have an opportunity to investigate it.

You also have the right to complain to the UK Information Commissioner’s Office.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
United Kingdom

You may also complain to the data-protection authority in the country where you live or work, where applicable.

17. California and other United States privacy rights

This section applies only where the relevant United States state privacy law applies to Protocol and to the person making the request.

Depending on your state, you may have the right to:

  • know or confirm whether we process your personal information;
  • access particular personal information;
  • request deletion;
  • request correction;
  • obtain a portable copy;
  • opt out of the sale or sharing of personal information;
  • opt out of targeted advertising;
  • limit certain uses of sensitive personal information;
  • appeal a refusal of a privacy request; and
  • not be discriminated against for exercising a privacy right.

Protocol does not sell personal information or share personal information for cross-context behavioural advertising.

Protocol uses sensitive health information only for purposes reasonably necessary to provide the Service, secure the Service, comply with law and fulfil the other limited purposes described in this Privacy Policy.

California residents may submit a request by:

Where the California Consumer Privacy Act applies, we will normally respond to a verified request within 45 days. We may extend this period as permitted by law and will provide notice of an extension.

We may verify your request using information associated with your Protocol account.

An authorised agent may submit a request where permitted by law, but we may require evidence of the agent’s authority and verification of the relevant consumer’s identity.

18. Children

Protocol is intended only for adults aged 18 and over.

We do not knowingly collect personal information from anyone under 18.

Parents and guardians must not create an account for a child or use Protocol to manage a child’s peptide, medicine or health-related activity.

If we learn that information has been collected from someone under 18, we will take reasonable steps to delete the account and associated information.

Contact team@joinprotocol.io if you believe that a person under 18 has provided personal information to Protocol.

19. Device permissions

Protocol may ask for device permissions where required for a particular feature.

These may include:

Notifications

Used to provide dose, protocol, check-in or other reminders.

Camera or photo library

Used only where you choose to upload an image or document.

Apple Health

Protocol will access Apple Health or HealthKit information only if:

  • the integration is offered;
  • you deliberately enable it;
  • the specific categories of health information are disclosed to you; and
  • you grant the relevant Apple permission.

HealthKit permission can be changed through Apple Health or device settings.

Protocol will not use HealthKit information for advertising or marketing.

Permissions can normally be withdrawn through your device settings. Some features may stop functioning after permission is withdrawn.

Delete any permission category from the published policy if the App does not request it.

20. Cookies and website technologies

Our website may use cookies, local storage and similar technologies.

Strictly necessary technologies may be used to:

  • operate the website;
  • maintain security;
  • remember privacy settings;
  • enable forms; and
  • prevent abuse.

Where required by law, we will obtain consent before using non-essential analytics, personalisation or marketing technologies.

You can manage available choices through our cookie banner or browser settings.

The mobile App does not rely on browser cookies in the same way as a website, but it may use local device storage, secure storage, SDKs and internal identifiers to provide its functionality.

Our current website analytics provider is: Google Analytics. We do not collect in-app analytics.

21. Automated decision-making

Protocol may use automated systems to:

  • generate informational responses;
  • calculate mathematical outputs;
  • organise records;
  • display trends;
  • schedule reminders; or
  • detect potential security issues.

Protocol does not use solely automated processing to make decisions that produce legal or similarly significant effects concerning you.

Automated outputs are not a substitute for professional medical advice.

22. Research

We do not use identifiable health information for human-subject research.

If we introduce a research programme, we will provide separate information and obtain any consent, ethical approval or regulatory authorisation required before using your information for that purpose.

23. Changes to this Privacy Policy

We may update this Privacy Policy to reflect:

  • changes to the Service;
  • new features or providers;
  • changes to our processing activities;
  • legal or regulatory requirements; or
  • security and operational developments.

The latest version will be made available through the App and website.

Where a change materially affects how we use personal information, we will provide reasonable notice through the App, by email or by another appropriate method.

Where required, we will obtain fresh consent before beginning materially different processing.

The effective date at the top of the policy shows when the latest version took effect.

24. Contact us

Questions, concerns and privacy requests should be sent to:

Thomas Smith
Email: team@joinprotocol.io
Data protection contact: Thomas Smith