Privacy Policy

Effective Date: November 22, 2025
Last Updated: November 22, 2025

Our Privacy Commitment

At SuppMan, we believe transparency isn't just for supplement labels—it's for how we handle your data too. This Privacy Policy explains what information we collect, why we need it, and how we protect it. No legal jargon, no hidden surprises.

The Quick Version (TL;DR)

  • We analyze supplement photos to give you science-based reports
  • Free reports are public and searchable (helps others find supplement info)
  • Premium users can make their reports private
  • We never sell your personal data to anyone
  • We use standard security measures to protect your information
  • You can delete your account anytime
  • We don't share your personal data with supplement companies
  • We don't track you across other websites
  • Free tier = Public reports for community benefit

Information We Collect

1. Information You Provide Directly

When You Scan a Supplement:

  • Photos of supplement labels (processed for text extraction, then deleted)
  • Product names and brands you've scanned
  • Your notes or ratings if you add them

If You Create an Account (Optional):

  • Email address
  • Password (encrypted)
  • Display name (optional)
  • Profile preferences (e.g., health goals, allergen alerts)

If You Contact Us:

  • Name and email
  • Message content
  • Any attachments you send

2. Information Collected Automatically

Usage Data:

  • Scan timestamps and frequency
  • Features you use most
  • Device type and browser
  • General location (country/state level only)
  • Crash reports and error logs

Cookies & Similar Technologies:

  • Session cookies (to keep you logged in)
  • Preference cookies (to remember your settings)
  • Analytics cookies (to improve our service)

3. Information We Don't Collect

  • Health conditions or medical history (unless you volunteer it)
  • Payment information (processed by secure third parties)
  • Biometric data
  • Precise GPS location
  • Contact lists or social media accounts

How We Use Your Information

To Provide Our Core Service

  • Analyze supplement labels and generate reports
  • Save your scan history (if you have an account)
  • Send you reports via email (if requested)
  • Improve our ingredient database and algorithms

To Improve SuppMan

  • Understand which features are most useful
  • Fix bugs and prevent crashes
  • Develop new features based on usage patterns
  • Train our AI to better recognize supplement labels

To Communicate With You

  • Send your requested reports
  • Respond to support requests
  • Notify you of important updates (security, terms changes)
  • Send product updates (only if you opt-in)

To Ensure Safety & Security

  • Prevent fraud and abuse
  • Enforce our Terms of Service
  • Comply with legal obligations
  • Protect users' safety

How We Share Information

We Share With:

Service Providers (who help us run SuppMan):

  • Cloud hosting (AWS/Google Cloud)
  • Email service (for sending reports)
  • Analytics (anonymized data only)
  • Payment processors (for premium features)

All service providers are bound by strict confidentiality agreements.

Affiliate Partners (only if you click affiliate links):

  • We may earn commissions on purchases
  • Partners only know you clicked from SuppMan
  • They don't receive your scan history or personal data

Legal Requirements (when required by law):

  • Court orders or subpoenas
  • Government requests (with proper legal basis)
  • To protect safety or prevent harm

We Never Share With:

  • Supplement manufacturers (for marketing)
  • Data brokers
  • Advertisers (for targeting)
  • Insurance companies
  • Anyone else without your explicit consent

Your Supplement Data

Report Visibility

Free Tier (Public Reports):

  • Your reports are publicly viewable and indexed by search engines
  • This helps others researching the same supplements find reliable information
  • Reports are associated with the supplement product, not your personal identity
  • No personal information is displayed on public reports
  • Creates a searchable database of supplement analyses for community benefit

Premium Tier (Private Option):

  • Choose to make your reports private
  • Control who can view your analyses
  • Option to share via private link
  • Can toggle between public/private anytime

Why We Make Free Reports Public

  • Community Benefit: Helps others make informed supplement choices
  • SEO Value: Creates comprehensive supplement database searchable on Google
  • Transparency: Supplements sold to millions deserve public scrutiny
  • Cost Offset: Public reports help us provide free analyses

What's Public vs Private

Visible on Public Reports:

  • Supplement name and brand
  • Ingredient analysis and grades
  • Scientific references and research
  • Timestamp of analysis

Never Visible on Public Reports:

  • Your name or email
  • Your account information
  • Your location
  • Other supplements you've scanned
  • Any personal notes you add

Scan Data Storage

  • Without Account: Reports remain public, no personal data stored
  • Free Account: Reports public, scan history saved to your account
  • Premium Account: Choose public/private, full history control
  • Photos: Processed immediately, originals deleted within 1 hour

Aggregated Insights

We may share anonymized, aggregated trends like:

  • "30% of multivitamins are underdosed in Vitamin D"
  • "Most popular scanned ingredient this month: Ashwagandha"

This never includes individual or identifiable information.

Your Rights & Choices

You Can Always:

Access Your Data

  • Download all your scan history
  • See what information we have about you
  • Get a copy in machine-readable format

Control Your Data

  • Delete individual scans
  • Clear your entire history
  • Close your account permanently
  • Correct inaccurate information

Manage Communications

  • Opt-out of marketing emails
  • Choose notification preferences
  • Unsubscribe with one click

Control Cookies

  • Adjust browser settings
  • Use our cookie preference center
  • Browse in incognito mode (limited features)

For California Residents (CCPA)

You have additional rights including:

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to opt-out of "sales" (we don't sell your data)
  • Right to non-discrimination

For EU/UK Residents (GDPR)

You have additional rights including:

  • Right to data portability
  • Right to restrict processing
  • Right to object to processing
  • Right to lodge a complaint with supervisory authority

Data Security

How We Protect Your Data

Technical Safeguards:

  • 256-bit SSL encryption in transit
  • Encrypted storage at rest
  • Regular security audits
  • Limited access on need-to-know basis

Operational Safeguards:

  • Employee training on data protection
  • Secure development practices
  • Regular backups
  • Incident response procedures

Your Role:

  • Use a strong, unique password
  • Don't share your account credentials
  • Log out on shared devices
  • Report suspicious activity immediately

Children's Privacy

SuppMan is not intended for children under 13. We don't knowingly collect data from children. If you believe a child has provided us information, please contact us immediately for deletion.

Data Retention

Data TypeRetention Period
Public Reports (Free)Permanent (valuable for research)
Private Reports (Premium)Until you delete
Account InformationUntil account deletion
Uploaded PhotosDeleted within 1 hour
Email Communications2 years
Analytics Data12 months
Server Logs30 days

Note on Public Reports: Free reports remain public indefinitely as they contribute to our searchable supplement database, benefiting the entire community.

Third-Party Links

Our reports may include links to studies, retailers, or educational resources. We're not responsible for their privacy practices. Check their policies before sharing information.

International Data Transfers

We're based in Japan. If you're accessing SuppMan from another country, your data may be transferred to and processed in Japan. We use appropriate safeguards for international transfers.

Changes to This Policy

We'll notify you of significant changes by:

  • Email (if you have an account)
  • Prominent notice on our website
  • In-app notification

Continued use after changes means you accept the updated policy.

Contact Us

For Privacy Questions:

Data Protection Officer:

Mailing Address: SuppMan, Inc. Tokyo, Japan

Response Time: We aim to respond to all privacy requests within 30 days.

Cookie Policy Appendix

Essential Cookies

Required for basic functionality:

  • Session management
  • Security tokens
  • Load balancing

Functional Cookies

Enhance your experience:

  • Remember preferences
  • Save recent scans
  • Language settings

Analytics Cookies

Help us improve:

  • Google Analytics (anonymized)
  • Performance monitoring
  • Feature usage tracking

Thank you for trusting SuppMan with your data. We take this responsibility seriously.