Privacy Policy

Our Commitment

Your health data is deeply personal. We treat it with the respect it deserves. Zebby's World is built with privacy-first principles — we collect only what we need, we never sell your data, and you can delete everything at any time.

What We Collect

• Account info: Email address, display name (optional), selected conditions
• Health logs: Symptom entries, mood logs, activity logs, and associated metadata (severity, body parts, tags, weather, notes)
• Chat messages: Conversations with Zebby AI, stored to maintain conversation continuity
• Device data: If you connect Apple Health, Google Fit, or similar — heart rate, steps, sleep data as explicitly authorized
• Images: Photos you attach to logs or share in chat, stored securely
• Usage data: Basic analytics (pages visited, features used) to improve the App

What We Do NOT Collect

• Location data
• Contact lists
• Browsing history outside the App
• Biometric data (fingerprints, face scans)

How We Use Your Data

• To provide the Service: Your logs power insights, pattern detection, and AI chat personalization
• To improve the App: Anonymized, aggregated data helps us understand usage patterns
• To communicate: Service updates, streak reminders (if opted in), and account notifications
• Never for advertising: We do not serve ads or sell data to advertisers. Full stop.

AI & Your Data

When you chat with Zebby, your messages are sent to Anthropic's Claude AI for processing. Anthropic does not use your conversations to train their models (per their API terms). Your chat history is stored to maintain conversation context. You can delete your chat history at any time from Settings.

Data Storage & Security

• Data is stored on Supabase (PostgreSQL) with row-level security — you can only access your own data
• All data is encrypted in transit (TLS) and at rest
• Authentication is handled by Supabase Auth with secure session management
• Images are stored in private, authenticated storage buckets
• We use Stripe for payments — we never see or store your credit card number

Your Rights

• Access: Export all your data at any time from Profile > Export Data
• Delete: Request full account and data deletion by emailing privacy@zebbysworld.com
• Correct: Update your profile and health data at any time
• Portability: Export your data in structured format (JSON/PDF)
• Withdraw consent: Disconnect devices, delete data, or close your account at any time

Third-Party Services

• Supabase: Database and authentication (Privacy Policy)
• Anthropic (Claude): AI chat processing (Privacy Policy)
• Stripe: Payment processing (Privacy Policy)
• Vercel: Hosting (Privacy Policy)

Children's Privacy

Zebby's World is designed for users of all ages with chronic conditions. Users under 13 must have parental consent. We do not knowingly collect data from children under 13 without parental consent. If we learn we have, we will delete it promptly.

HIPAA Disclaimer

Zebby's World is a wellness application, not a covered entity under HIPAA. While we implement strong security practices, we are not HIPAA-certified. If you require HIPAA-compliant data storage, please consult your healthcare provider about appropriate tools.

Changes to This Policy

We may update this policy as the App evolves. Material changes will be communicated via email or in-app notice. Continued use after changes constitutes acceptance.

Contact

Privacy questions or data requests: privacy@zebbysworld.com
General support: support@zebbysworld.com