Privacy Policy

1. Who We Are

ChemYou (chemyou.ai) is operated by Timur Dzhaksybekov, Lima, Peru. Contact: [email protected]

2. Data We Collect

• Blood test values — provided by you to generate your report. We do not link these to your identity.
• Optional context — country, age, sex (if you choose to provide them). Used only to personalise the report.
• Payment data — processed entirely by Paddle. We receive only a transaction confirmation; we never see your card details.
• Server logs — standard logs (IP address, timestamp, request path) retained for up to 30 days for security purposes.

3. How We Use Your Data

Blood test values and optional context are used solely to generate your nutrition report. They are not stored after the report is delivered, not used for advertising, and not sold or shared with third parties, except where required by law.

4. Legal Basis (GDPR)

Where the GDPR applies, we process health-related data under Art. 6(1)(b) (contract performance) and Art. 9(2)(a) (explicit consent). You provide explicit consent by ticking the consent checkbox before submitting your data.

5. Data Retention

Blood test data is processed in memory and is not written to persistent storage. Once your report is generated, no copy of your values remains on our servers.

6. Third-Party Services

• Paddle — payment processing (Merchant of Record). See Paddle Privacy Policy.
• OpenAI — AI model used to generate the report. Data is sent under OpenAI's data processing agreement; OpenAI does not use API inputs to train its models.
• Vercel — hosting provider. See Vercel Privacy Policy.

7. Your Rights

Under GDPR you have the right to access, rectify, erase, or object to the processing of your personal data. Because we do not store blood test data after report generation, erasure requests apply only to server logs. To exercise any right, email [email protected].

8. Cookies

ChemYou does not use tracking or advertising cookies. No cookie consent banner is required.