Privacy Policy

Our Privacy Commitment

At SuppMan, we believe transparency isn't just for supplement labels—it's for how we handle your data too. This Privacy Policy explains what information we collect, why we need it, and how we protect it. No legal jargon, no hidden surprises.

The Quick Version (TL;DR)

  • We analyze supplement photos to give you science-based reports
  • All reports are public and searchable (helps others find supplement info)
  • Who scans what is always private—your identity is never linked to reports
  • We never sell your personal data to anyone
  • We use standard security measures to protect your information
  • You can delete your account anytime
  • We don't share your personal data with supplement companies
  • We don't track you across other websites

Information We Collect

1. Information You Provide Directly

When You Scan a Supplement:

  • Photos of supplement labels (EXIF metadata removed, image kept in report)
  • Product names and brands you've scanned
  • Your notes or ratings if you add them

If You Create an Account (Optional):

  • Email address
  • Password (encrypted)
  • Display name (optional)
  • Profile preferences (e.g., health goals, allergen alerts)

If You Contact Us:

  • Name and email
  • Message content
  • Any attachments you send

2. Information Collected Automatically

Usage Data:

  • Scan timestamps and frequency
  • Features you use most
  • Device type and browser
  • General location (country/state level only)
  • Crash reports and error logs

Cookies & Similar Technologies:

  • Session cookies (to keep you logged in)
  • Preference cookies (to remember your settings)
  • Analytics cookies (to improve our service)

3. Information We Don't Collect

  • Health conditions or medical history (unless you volunteer it)
  • Payment information (processed by secure third parties)
  • Biometric data
  • Precise GPS location
  • Contact lists or social media accounts

How We Use Your Information

To Provide Our Core Service

  • Analyze supplement labels and generate reports
  • Save your scan history (if you have an account)
  • Send you reports via email (if requested)
  • Improve our ingredient database and algorithms

To Improve SuppMan

  • Understand which features are most useful
  • Fix bugs and prevent crashes
  • Develop new features based on usage patterns
  • Improve our algorithms to better recognize supplement labels

To Communicate With You

  • Send your requested reports
  • Respond to support requests
  • Notify you of important updates (security, terms changes)
  • Send product updates (only if you opt-in)

To Ensure Safety & Security

  • Prevent fraud and abuse
  • Enforce our Terms of Service
  • Comply with legal obligations
  • Protect users' safety

How We Share Information

We Share With:

Service Providers (who help us run SuppMan):

  • Cloud hosting (AWS/Google Cloud)
  • Email service (for sending reports)
  • Analytics (anonymized data only)
  • Payment processors (for premium features)

These providers only access what they need to do their job, nothing more.

Affiliate Partners (only if you click affiliate links):

  • We may earn commissions on purchases
  • Partners only know you clicked from SuppMan
  • They don't receive your scan history or personal data

Legal Requirements (when required by law):

  • Court orders or subpoenas
  • Government requests (with proper legal basis)
  • To protect safety or prevent harm

We Never Share With:

  • Supplement manufacturers (for marketing)
  • Data brokers
  • Advertisers (for targeting)
  • Insurance companies
  • Anyone else without your explicit consent

Your Supplement Data

Report Visibility

All reports are public and searchable—so anyone researching a supplement can find real analysis, not just marketing. But who scans what stays private. Your account is never linked to public reports.

What's Public vs Private

Visible on Public Reports:

  • Supplement name and brand
  • Ingredient analysis and grades
  • Scientific references and research
  • Timestamp of analysis

Never Visible on Public Reports:

  • Your name or email
  • Your account information
  • Your location
  • Other supplements you've scanned
  • Any personal notes you add

Scan Data Storage

  • All Reports: Public and searchable, never linked to your identity
  • Without Account: No personal data or scan history stored
  • With Account: Scan history saved privately to your account
  • Photos: EXIF metadata stripped, then kept as part of the report

Aggregated Insights

We may share anonymized, aggregated trends like:

  • "30% of multivitamins are underdosed in Vitamin D"
  • "Most popular scanned ingredient this month: Ashwagandha"

This never includes individual or identifiable information.

Your Rights & Choices

You Can Always:

Access Your Data

  • Download all your scan history
  • See what information we have about you
  • Get a copy in machine-readable format

Control Your Data

  • Delete individual scans
  • Clear your entire history
  • Close your account permanently
  • Correct inaccurate information

Manage Communications

  • Opt-out of marketing emails
  • Choose notification preferences
  • Unsubscribe with one click

Control Cookies

  • Adjust browser settings
  • Use our cookie preference center
  • Browse in incognito mode (limited features)

For California Residents (CCPA)

You have additional rights including:

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to opt-out of "sales" (we don't sell your data)
  • Right to non-discrimination

For EU/UK Residents (GDPR)

You have additional rights including:

  • Right to data portability
  • Right to restrict processing
  • Right to object to processing
  • Right to lodge a complaint with supervisory authority

Data Security

We encrypt your data in transit and at rest, run regular security audits, and limit who can access what. We keep backups and have a plan if something goes wrong.

Your part: Use a strong password, don't share your login, and log out on shared devices.

Children's Privacy

SuppMan is for adults. We don't knowingly collect data from children under 13. If you think a child has signed up, let us know and we'll delete their data.

Data Retention

Data TypeRetention Period
Public ReportsPermanent
Account InformationUntil you delete your account
Uploaded PhotosKept as part of report (EXIF metadata stripped)
Email Communications2 years
Analytics Data12 months
Server Logs30 days

Third-Party Links

Our reports may link to studies, retailers, or educational resources. Once you leave SuppMan, their privacy rules apply—not ours.

International Data Transfers

We're based in Japan. If you're using SuppMan from elsewhere, your data gets processed here. We follow standard practices to keep it safe in transit.

Changes to This Policy

We'll give you a heads up about big changes via email, website banner, or in-app notification.

Contact Us

Got questions? Email us at [email protected] or visit contact. We're based in Tokyo, Japan and aim to respond within 7 days.

Cookies

We use cookies to keep you logged in, remember your preferences, and understand how people use SuppMan (via anonymized analytics). Nothing sneaky.

Last Updated: December 21, 2025