How Thier handles your data
Health data is sensitive and you should be able to understand what's going on without a law degree. So this page is written to roughly an eleven-year-old reading age. If anything below isn't clear, send us an email at support@thier.app and we'll fix the wording.
What Thier is
Thier is a longevity app. You give it some information about your body — your steps, your heart rate, your sleep, your weight, sometimes a lab result, sometimes how you've been feeling — and it gives you a "biological age" estimate plus suggestions for the next thing you could try. There's an AI Longevity Coach you can chat with. There's a Care Circle you can use to share progress with one trusted person. And there are protocols and lessons that walk you through habits known to help with healthspan.
Thier is not a doctor. It can't diagnose you. It can't write you a prescription. It's a tool you use alongside your real healthcare. If something feels wrong with your body, please go and see a real clinician — Thier is not a substitute for that.
Who runs Thier
Thier is owned and operated by Steven Kippax, working alone (this is a "sole proprietor" set-up — one person making all the decisions). The legal name on the company filings is the same name that appears in the App Store. If you have a complaint, a question, or a request to access your data, write to support@thier.app and Steven will be the person who reads it.
For users in the EU and UK, Steven is also the data controller. There's a plan to appoint an external Data Protection Officer before Thier scales beyond a small beta — we'll publish their contact details here when that happens.
What data Thier collects
We've grouped this into three buckets so you can see what's normal-app stuff and what's the sensitive health stuff.
Bucket 1: who you are
- Your email or your Apple Sign-In identifier (so we can let you back into your account)
- Your display name and a profile picture (these can be made-up; we don't check)
- Your chronological age (we need this to do the bio-age math)
- Your country
- Whether you smoke, drink, and roughly what your diet looks like (you choose during onboarding)
Bucket 2: what you do in the app
- Which screens you open, what you tap, which lessons you complete
- How long your streak is, what protocols you've started, what supplements you've added
- Notifications you've received and tapped
- Errors and crashes (so we can fix them)
Bucket 3: your health data (the sensitive stuff)
- Your activity and sleep from Apple Health (heart rate, HRV, sleep stages, steps, VO₂ max, weight, body fat, blood pressure, etc. — depends on what your phone has)
- Your activity from any wearable you connect (Strava, Oura, Garmin, Fitbit, Withings, Polar)
- Anything you type into the AI Coach
- Lab results, if you upload a PDF (the values get parsed; we keep the values, the PDF gets deleted after 90 days unless you delete it sooner)
- Genetic data, if you upload a 23andMe / Ancestry / VCF file (the file is processed and discarded; we keep only the specific findings about you)
- Your family's health history, if you tell us
- Your supplement and medication stack, if you log it
- Mental-health questionnaires (PHQ-9, GAD-7) if you fill them out
You're in control of every one of those. Most of them are optional. The basic app works without genetic data, without lab uploads, without family history, and without questionnaires.
Where the data lives
There are two places your data lives:
On your phone
Apple Health data stays on your phone unless you turn on cross-device sync. Your supplement notes, manual entries, and most settings live on your phone too. Apple's HealthKit framework handles the storage; we can read but we never write to your Health app.
On our servers
We use a service called Supabase to run our database. Supabase keeps the data encrypted both while it's moving (TLS) and while it's stored at rest (AES-256). Our database lives in EU-West-2 (London). Our daily backups are kept for 7 days then deleted automatically.
If you turn on cross-device sync, your daily Apple Health roll-up gets sent to our database so the app on your iPad shows the same numbers as the app on your iPhone. If you don't turn it on, your Apple Health data stays on your phone.
Who else can see it
The honest answer is: a few specific tools that we use to run the service. We don't sell your data. We don't trade it. We don't show it to advertisers (Thier doesn't have ads).
Here's the list — anyone listed here is bound by a Data Processing Addendum that says they can only use your data to run the service for us:
- Supabase runs our database and our cron jobs. Their AWS sub-processor handles the underlying servers.
- OpenAI answers your AI Coach questions. We send the conversation plus a summary of your latest health context (your goals, your recent metrics, anything you've told the Coach to remember). OpenAI keeps your messages for 30 days for abuse monitoring. They don't train new models on your data because we've turned off that option in our account.
- PostHog records which buttons you tap inside the app so we can see what's working. They don't get your name or email — they get a random user-id our app generated.
- Sentry records crashes and errors. We strip names, emails, and other personal info from the crash report before it leaves your phone.
- Vercel hosts the bits of the app that show up on the web (lessons.thier.app, share cards, the marketing site).
- Apple handles push notifications via the Apple Push Notification Service.
- Giphy serves the animated GIFs you can pick when posting in the Social tab.
That's the whole list. If we ever add a new service, we'll add it here and tell you in the app.
How long we keep it
| Data | We keep it for |
|---|---|
| Your account | Until you delete it. After that we delete everything within 30 days. |
| Your bio-age and wearable rollups | Same as your account |
| AI Coach chat | Until you delete the conversation, or your account |
| Lab PDFs | 90 days from upload (the parsed values stay; the PDF auto-deletes) |
| Raw genetic file | We never store it. It's processed in memory and discarded. We keep only the specific findings about you. |
| Crash reports | 30 to 90 days, depending on the provider |
| App-usage analytics | 12 months, then deleted automatically |
| Care Circle invites | 14 days from creation (you can revoke any time) |
What you can do with your data
You have the right to do all of these any time. You don't need a reason.
See what we have
You can ask us to send you a copy of everything we hold about you. There's an "Export my data" button in your profile — Settings → Export my data. We'll prepare a JSON file with everything in our database and send you a download link by email. It usually takes under five minutes.
Take it somewhere else
The export is in JSON, a format that other apps can read too. So if you want to move to a different longevity tracker, the data goes with you.
Delete it
There's a "Delete account" button in your profile too. When you tap it, we ask you to confirm twice (it's permanent). Then we delete everything we have about you within 30 days. Some sub-processors may take a few days to catch up; we ask all of them to honour the deletion.
Stop one thing without stopping the rest
The app has a "Privacy Settings" page that lets you turn off:
- Cross-device sync (your data stays on this phone, doesn't go to our database)
- AI Coach context (the Coach still works but doesn't see your health metrics — it just sees what you type)
- Lab uploads to OpenAI (we won't send your lab values to OpenAI)
- Genetic uploads to OpenAI (we won't send your genetic findings to OpenAI)
- App-usage analytics (we won't track which buttons you tap)
You can turn any of these on or off at any time. If you turn one off, anything we've already sent can't be recalled, but nothing further goes through.
Ask us to fix something
If we have something wrong about you (wrong birthday, wrong age, an old supplement you don't take any more), you can edit it in the app. If you can't edit it yourself, email support@thier.app and we'll fix it.
Complain
If you're not happy with how we've handled your data, you can complain to:
- The UK Information Commissioner's Office (ICO): ico.org.uk/concerns
- Your local EU Data Protection Authority (the country you live in)
- The California Office of the Attorney General (if you're a California resident under CCPA)
- The relevant state privacy enforcement office in your US state
We'd rather you talked to us first so we can fix it — but you don't have to.
Security
Data on its way between your phone and our servers is encrypted (TLS 1.3). Data sitting on our servers is encrypted (AES-256). We use row-level security so only you can read your own rows in the database. We've put usage caps on the AI Coach to limit any prompt-injection abuse. We have crash reporting so we know about problems quickly. We rotate our database service-role key on a 90-day schedule.
We're not a fortress. Bad things happen on the internet. If we ever have a data breach, we'll tell you within 72 hours of finding out, and we'll tell the regulator too — that's the GDPR rule and we'll honour it.
You can help us help you by using a strong password, turning on two-factor authentication, and not sharing your phone unlocked.
Children
Thier is for adults. The minimum age for an account is 18. The age slider during onboarding locks at 18. If we ever find out a child is using Thier despite the age gate, we'll close the account and delete the data. If you're a parent or guardian and you think your child has signed up, email support@thier.app and we'll handle it.
We don't market Thier to children. The content (bio-age, supplements, longevity protocols) is not really aimed at people under 18 anyway.
Cookies and tracking
We don't run any third-party advertising trackers. We don't use cookies on our marketing site for tracking; we use one cookie ("thier_session") to remember if you're signed in to the admin SPA, and we don't use any cookies at all on the public lessons or share-card pages.
A note about the AI Coach
The AI Longevity Coach uses OpenAI's models. Here are the things to know:
- The Coach does not know who you are by name. We send your display name (which can be a nickname), your age, your goals, your recent metrics, and any notes you've told the Coach to remember.
- Your messages go to OpenAI over a TLS-encrypted connection. OpenAI keeps them for 30 days for abuse monitoring, then deletes them. They do not train new models on your data because we've turned that off in our account.
- The Coach is informational only. It is not your doctor. It is not a clinician. It cannot prescribe. It cannot diagnose. It can talk through what your numbers mean and what evidence says about a topic, and it can route you to crisis services if you mention self-harm.
- If you want the Coach to forget something it knows about you, ask it to forget. Or open Profile → "What your AI knows" and tap delete on the fact you want gone.
Changes to this policy
If we change anything important, we'll:
- Update the "Last updated" date at the top.
- Send you an in-app notice the next time you open Thier.
- Send you an email if the change affects how we use your data.
We won't sneakily change the rules without telling you.
Quick contacts
| If you want to… | Where to go |
|---|---|
| Export your data | App → Profile → Export my data |
| Delete your account | App → Profile → Delete account |
| Change a privacy setting | App → Profile → Privacy Settings |
| Ask a question | support@thier.app |
| Report a problem with another user | App → tap "…" on a post → Report |
| Complain about data handling | support@thier.app first; UK ICO or your local DPA second |
Quick promises
- We will never sell your data to anyone.
- We will never share your data with advertisers.
- We will never share what you tell the Coach with anyone outside the OpenAI processing chain (which is documented above).
- We will tell you about a breach within 72 hours.
- We will keep this policy in plain English. If we change it, we'll keep it in plain English.
Want the full legal version (with all the law names and lawful-basis tables)? Read the legal version →