← Back

Consumer Health Data Notice

Effective Date: April 21, 2026

This Consumer Health Data Notice describes how FASTA1C collects, uses, shares, and protects health-related information you provide. This notice supplements our Privacy Policy and applies specifically to consumer health data as defined under applicable state consumer health privacy laws.

1. What Is Consumer Health Data

"Consumer health data" means personal information that identifies or is reasonably linkable to a specific individual and that relates to their health condition, past, present, or future physical health, or the seeking of healthcare. In the context of FASTA1C, this includes blood glucose readings and any notes you attach to them.

2. What We Collect

We collect the following consumer health data when you use the Service:

  • Blood glucose readings (mg/dL values and timestamps)
  • Notes you voluntarily attach to readings
  • Estimated A1C calculations derived from your readings

We do not collect genetic data, biometric data, precise geolocation, or data about specific health conditions beyond what you voluntarily enter as notes.

3. How We Use It

We use your consumer health data solely to:

  • Calculate and display your estimated A1C and related statistics
  • Track trends in your readings over time
  • Send reminders and trend alerts you have opted into
  • Allow you to export your data

We do not use your health data for advertising, marketing profiling, sale, or any purpose unrelated to providing the Service to you.

4. How We Share It

We do not sell your consumer health data. We share it only as strictly necessary to deliver the Service:

  • Supabase — secure database and authentication infrastructure. Your data is stored with row-level security; only you can read your own data.
  • Resend — email delivery for reminders and account communications. We share only your email address and first name as needed to send messages.
  • Twilio — SMS delivery for reminders, if you opt into SMS notifications. We share only your phone number as needed to send messages.

Each of these providers is contractually bound to use your data only to provide the specified service.

We may disclose your information if required by law, court order, or valid legal process.

5. Your Rights

You have the following rights regarding your consumer health data:

  • Access: You can export all your health data at any time from the Settings page.
  • Deletion: You can permanently delete your account and all associated data from the Settings page. Deletion is immediate and irreversible.
  • Correction: You can delete individual readings from the Dashboard and re-enter corrected values.
  • Withdrawal of consent: You may withdraw consent to SMS or email notifications at any time from the Settings page or by replying STOP to any SMS.
  • Portability: You can download your data in JSON or CSV format from the Settings page at any time.

6. Data Retention

We retain your consumer health data for as long as your account is active. When you delete your account, all associated health data is permanently and immediately deleted from our database. No backup copies of your health data are retained following account deletion.

7. Security

Your health data is stored in a database with row-level security enforced at the database layer, meaning only your authenticated account can access your data. Communications between your device and our servers are encrypted using TLS.

8. Children

The Service is not directed to individuals under 18 years of age. We do not knowingly collect consumer health data from minors.

9. Changes to This Notice

We may update this Notice from time to time. We will notify you of material changes via email or by prominent notice within the Service before the changes take effect.

10. Contact

To exercise your rights or ask questions about this Notice, contact us at privacy@fasta1c.com.