Privacy Policy

Last Updated: November 2025

At MitoChat, we understand that few things are more personal than your health data. We are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your information. This Privacy Policy explains our practices regarding your data when you use our website, mobile application, and related services (collectively, the “Service”).

MitoChat is operated by MitoChat, LLC, a Delaware limited liability company with its principal place of business at 2810 N Church St, Wilmington, DE 19802.

1. Information We Collect

1.1 Information You Provide Voluntarily

You are in control of what information you share with MitoChat. All health information you provide is voluntary, similar to information you might share with ChatGPT or other AI assistants. This may include:

  • Account Information: Email address, name, password, and profile details
  • Health Information: Health goals, symptoms, conditions, medications, supplements, diet, hydration, sleep patterns, and other wellness data you choose to share
  • Toxicity Assessments: Responses to health assessment questionnaires
  • Chat Conversations: Messages and interactions with our AI Health Coach
  • Check-In Data: Daily or periodic wellness check-ins and habit tracking
  • Uploaded Documents: Health records, lab results, PDFs, and images you choose to upload
  • Journey and Milestone Data: Progress through educational courses, lessons completed, and Gems earned
  • Payment Information: Billing details for subscriptions and purchases (processed securely through our payment processor)

1.2 Automatically Collected Information

When you use the Service, we automatically collect certain technical information:

  • Usage Data: Pages viewed, features used, time spent on the Service, interaction patterns, milestones completed, and Gems earned
  • Device Information: Device type, operating system, browser type, IP address, and mobile device identifiers
  • Log Data: Server logs, error reports, and performance data
  • Cookies and Similar Technologies: Data collected through cookies, pixels, and local storage (see Section 8 for more details)

1.3 Information from Third Parties

We may receive information from third-party services you choose to connect with MitoChat:

  • Authentication Services: If you sign up using Google or other OAuth providers
  • Payment Processors: Transaction information from Stripe or other payment services
  • Supplement Vendors: Order and fulfillment information for supplement purchases from Fullscript and other partners
  • AI Service Providers: Processing of content through third-party AI service providers for health coaching and document analysis

2. How We Use Your Information

We use your information for the following purposes:

2.1 To Provide and Personalize the Service

  • Create and manage your account
  • Provide personalized AI health coaching and recommendations
  • Generate health assessments and toxicity reports
  • Track your wellness progress and goals
  • Remember your conversations and create “memories” for continuity
  • Send notifications and reminders based on your preferences

2.2 To Facilitate Third-Party Services

  • Facilitate connections with supplement vendors and laboratory testing services
  • Provide discount codes and promotional offers
  • Support third-party transactions and order fulfillment

2.3 To Improve and Develop the Service

  • Analyze usage patterns to improve features and user experience
  • Train and improve our AI models (using anonymized data)
  • Develop new features and educational content
  • Conduct research and analytics
  • Fix bugs and technical issues

2.4 To Communicate with You

  • Send service-related announcements and updates
  • Respond to your inquiries and support requests
  • Send educational content and wellness tips (with your consent)
  • Notify you of changes to our Terms or Privacy Policy

2.5 For Legal and Security Purposes

  • Comply with legal obligations and enforce our Terms of Service
  • Protect against fraud, abuse, and security threats
  • Resolve disputes and enforce our agreements
  • Protect the rights, property, and safety of MitoChat, our users, and the public

3. How We Share Your Information

Your Privacy Matters

We do not sell your personal information. We do not share your health information with third parties for their marketing purposes.

3.1 Service Providers

We share information with trusted third-party service providers who help us operate the Service, including:

  • Cloud hosting and storage providers (e.g., Supabase, Vercel)
  • AI and machine learning service providers
  • Email and notification services
  • Analytics providers
  • Supplement vendors for order fulfillment (e.g., Fullscript)
  • Laboratory testing services for blood work and DNA analysis

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

3.2 Business Transfers

If MitoChat is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

3.3 Legal Requirements and Government Requests

We may disclose your information if required by law, legal process, court order, or governmental request. This includes responding to lawful requests from public authorities, including to meet national security or law enforcement requirements. We may disclose information when we believe it is necessary to:

  • Comply with applicable laws, regulations, legal process, or governmental requests
  • Enforce our Terms of Service and other applicable agreements
  • Detect, prevent, or address fraud, security, or technical issues
  • Protect the rights, property, or safety of MitoChat, our users, or the public as required or permitted by law
  • Respond to claims that content violates the rights of third parties

Where appropriate and legally permissible, we will notify you of such requests unless prohibited by law or court order, or if providing notice could create a risk of harm or obstruction of justice.

3.4 With Your Consent

We may share your information with other third parties when you explicitly consent to such sharing.

3.5 Aggregated, De-Identified, and Anonymized Data

We may de-identify, anonymize, and aggregate your information for any lawful business purpose without restriction. Once information is de-identified such that it cannot reasonably be used to identify you, we may:

  • Use it for research, analytics, and product development
  • Share it with business partners, researchers, and third parties
  • Publish aggregate statistics and trend analyses
  • License or sell de-identified datasets

De-identified information is not considered personal information and is not subject to this Privacy Policy or your data subject rights. For example, we might share aggregated wellness trends, anonymized supplement usage patterns, or de-identified health assessment statistics with researchers or partners.

4. Your Privacy Rights and Controls

We believe you should have control over your personal information. You have the following rights:

4.1 Access and Portability

You can access your personal information and health data through your account settings. You can request a copy of your data by contacting us at support@mitochat.com.

4.2 Correction and Update

You can update your account information and health data at any time through the Service. If you need assistance, contact us at support@mitochat.com.

4.3 Deletion

You can delete specific health information, chat memories, or your entire account through your profile settings. You may also request deletion by emailing support@mitochat.com. Please note that some information may be retained in backup systems for a limited period or as required by law.

4.4 Communication Preferences

You can control notification settings and email preferences through your account settings or by following unsubscribe links in emails. Note that we may still send you essential service-related communications.

4.5 Cookie Preferences

You can manage cookie preferences through your browser settings. However, disabling certain cookies may limit your ability to use some features of the Service.

4.6 State-Specific Rights

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, or Washington, you may have additional rights under state privacy laws, including:

  • Right to know what personal information we collect and how we use it
  • Right to access and obtain a copy of your personal information
  • Right to delete your personal information (subject to certain exceptions)
  • Right to correct inaccurate personal information
  • Right to opt-out of “sales” of personal information (note: we do not sell personal information)
  • Right to opt-out of targeted advertising
  • Right to data portability
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at support@mitochat.com. We will respond to your request within 30 days of receipt.

5. Data Security

We take the security of your information seriously and implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (using TLS/SSL) and at rest
  • Secure cloud infrastructure with regular security updates
  • Access controls and authentication mechanisms
  • Regular security audits and monitoring
  • Employee training on data privacy and security
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. Specifically:

  • Account Data: Retained while your account is active and for a reasonable period afterward (typically 90 days) unless you request deletion
  • Health Information: Retained while your account is active or until you delete it
  • Chat Memories: Retained until you delete them or your account is deleted
  • Transaction Records: Retained for accounting and legal compliance purposes (typically 7 years)
  • Usage and Log Data: Retained for a limited period for analytics and security purposes (typically 12-24 months)

After the retention period, we will delete or anonymize your information. Some data may remain in backup systems for a limited additional period.

7. Children's Privacy

MitoChat is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information. If you believe we have collected information from a child under 18, please contact us at support@mitochat.com.

8. Cookies and Tracking Technologies

We use cookies, pixels, local storage, and similar tracking technologies to collect information and improve the Service. Cookies are small data files stored on your device.

Types of Cookies We Use:

  • Essential Cookies: Required for the Service to function properly (e.g., authentication, security)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how users interact with the Service
  • Performance Cookies: Monitor and improve Service performance

You can control cookies through your browser settings. Note that disabling cookies may affect your ability to use certain features of the Service.

9. Third-Party Services and Links

The Service may contain links to third-party websites, services, or supplement vendors. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by MitoChat.

10. International Users

MitoChat is based in the United States. If you are accessing the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate. By using the Service, you consent to the transfer of your information to the United States and other countries that may have different data protection laws than your country of residence.

11. HIPAA and Health Information

Important: Not a HIPAA-Covered Entity

MitoChat is not a HIPAA-covered entity. We are not a healthcare provider, health plan, or healthcare clearinghouse, and the Health Insurance Portability and Accountability Act (HIPAA) does not apply to our Service.

The health information you share with MitoChat is voluntarily provided by you, similar to information you might share with a fitness tracker, wellness app, or AI assistant like ChatGPT. This information is not Protected Health Information (PHI) as defined under HIPAA.

We do not receive health information from your healthcare providers, and we do not create, maintain, or transmit health information on behalf of covered entities. While we take your privacy seriously and implement strong security measures, the specific protections of HIPAA do not apply to our Service.

If you have concerns about sharing health information, please consult with your healthcare provider about what information is appropriate to share with wellness and educational tools like MitoChat.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you by email or through a prominent notice in the Service. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

MitoChat, LLC

Privacy Team

2810 N Church St

Wilmington, DE 19802

United States

Email: support@mitochat.com

We will respond to your inquiry within a reasonable timeframe, typically within 30 days.

By using MitoChat, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and sharing of your information as described herein.