Privacy Policy

Phi Longevity, LLC · Effective Date: March 20, 2026 · Last Updated: March 20, 2026

We wrote this policy to be readable, not to hide behind legalese. If something is unclear, email us at privacy@philongevity.com and we’ll explain it in plain English.

What This Policy Covers

This Privacy Policy describes how Phi Longevity, LLC (“Phi Longevity,” “we,” “our,” or “us”) collects, uses, stores, and protects your information when you use our website at philongevity.com and our health intelligence platform (collectively, the “Service”). It also describes your rights regarding your data and how to exercise them.

By using the Service, you agree to the practices described in this policy. If you don’t agree, please don’t use the Service.

What Information We Collect

Information You Provide Directly

Account information: When you create an account, we collect your name, email address, and password (stored as a secure hash — we never store your plain-text password).

Health documents: You may upload health-related files including lab results (PDFs, images, structured data), wearable exports, imaging reports, genetic test summaries, and similar documents. This is the core of what the Service analyzes.

Profile information: Optional health context you choose to provide, such as age, sex assigned at birth, height, weight, and health goals. The more context you provide, the more relevant your analysis.

Payment information: If you subscribe to a paid plan, payment is processed by Stripe. We do not store your credit card number. We receive a payment confirmation token and your billing address for tax purposes.

Communications: If you contact us by email or through our support system, we retain that correspondence.

Information Collected Automatically

Usage data: We collect information about how you interact with the Service — pages visited, features used, time spent, and actions taken. This helps us improve the product.

Device and technical data: Browser type, operating system, IP address, and device identifiers. We use this for security, fraud prevention, and debugging.

Cookies and similar technologies: We use session cookies to keep you logged in and analytics cookies to understand usage patterns. You can disable cookies in your browser settings, though some features may not work correctly.

How We Use Your Information

We use your information to:

  • Provide the Service — analyze your health data and generate personalized reports and recommendations
  • Improve the Service — understand how people use the platform so we can make it better
  • Communicate with you — send account notifications, support responses, and (if you opt in) product updates and health insights
  • Ensure security — detect fraud, prevent unauthorized access, and protect the integrity of the Service
  • Comply with legal obligations — respond to lawful requests from authorities where required

We do not use your health data to train machine learning models that are shared outside Phi Longevity without your explicit consent.

How Your Data Is Stored and Protected

Your data is stored on Google Cloud Platform infrastructure (Firebase/Firestore and Cloud Storage) in the United States. Google Cloud maintains SOC 2 Type II certification and ISO 27001 compliance.

Encryption

  • All data is encrypted in transit using TLS 1.2 or higher
  • All data is encrypted at rest using AES-256
  • Health documents are stored in access-controlled, encrypted cloud storage buckets

Access controls

  • Only you can access your health data through your authenticated account
  • Phi Longevity employees have role-based access limited to what’s necessary for their function
  • We maintain audit logs of all administrative data access
  • No employee can access your health documents without documented justification

Retention

We retain your account data for as long as your account is active. If you delete your account, we delete your health documents and personal data within 30 days, except where we’re required to retain records for legal or tax purposes (typically 7 years for financial records only — not health data).

HIPAA Alignment Statement

Phi Longevity operates in alignment with HIPAA privacy principles, including the handling of Protected Health Information (PHI) with appropriate safeguards. We implement administrative, physical, and technical safeguards consistent with the HIPAA Security Rule. We do not sell, rent, or disclose your health information to third parties for marketing purposes.

Important clarification: Phi Longevity is a health data intelligence tool, not a covered entity providing direct healthcare services. Your relationship with us is that of a software user, not a patient-provider relationship. We strongly recommend maintaining your formal healthcare relationships with licensed providers.

Who Can Access Your Data

You: Full access to everything you’ve uploaded and all reports generated.

Phi Longevity: Technical staff with role-based access as described above. We access data only when necessary to provide support or investigate security incidents.

Your authorized third parties: If you choose to share a report with your doctor or a family member using our sharing features, that person can see what you’ve explicitly shared. You control this entirely.

Service providers: We use a limited number of third-party services: Google Cloud/Firebase (infrastructure), Stripe (payment processing), and transactional email providers. These providers are bound by data processing agreements and are not permitted to use your data for their own purposes.

Legal requirements: We may disclose information if required by law, court order, or governmental authority. We will notify you if legally permitted to do so before complying.

We will never:

  • Sell your personal data or health information to advertisers, data brokers, or third parties
  • Share your health data with your employer, insurance companies, or government agencies without a lawful order
  • Use your health data for targeted advertising

Your Rights and Choices

Access: You can view all data we hold about you from your account settings, or by emailing privacy@philongevity.com.

Correction: If something is wrong, you can update it in your account or contact us.

Export: You can export your uploaded documents and generated reports at any time from your account dashboard.

Deletion: You can delete your account and all associated health data at any time. Go to Account Settings → Delete Account, or email privacy@philongevity.com. Deletion is permanent and completed within 30 days.

Opt-out of marketing: Use the unsubscribe link in any marketing email. Transactional emails cannot be disabled while your account is active.

California residents (CCPA): You have the right to know what personal information we collect, the right to delete it, and the right to opt out of its sale (we don’t sell it). Contact privacy@philongevity.com to exercise these rights.

EU/UK residents (GDPR): You have rights of access, rectification, erasure, portability, and objection. You have the right to lodge a complaint with your local supervisory authority.

Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we’ve collected information from a child under 18, we will delete it immediately. If you believe we’ve done so, please contact us at privacy@philongevity.com.

Changes to This Policy

We may update this policy from time to time. When we do, we’ll update the “Last Updated” date at the top. For material changes, we’ll notify you by email at least 30 days before they take effect. Your continued use of the Service after the effective date means you accept the updated policy.

Contact Us

If you have questions, concerns, or requests related to your privacy:

Email: privacy@philongevity.com

Mailing address: Phi Longevity, LLC, United States

We aim to respond to all privacy inquiries within 5 business days.

This privacy policy was last reviewed by our team on March 20, 2026.