Privacy Policy

Last updated: May 29, 2026

1. Who We Are

DoseCurve is operated by BlackGlass Consulting LLC. This Privacy Policy explains how we collect, use, and protect your information when you use our service at dosecurve.com.

2. Information We Collect

Account Information

Email address, password (hashed), and authentication provider data (if using social login via Google or Apple).

Health Tracking Data

Medication type, injection dates and doses, injection sites, weight entries, and side effect logs. This data is entered voluntarily by you.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card number. Stripe may share your email and subscription status with us. Charges on your statement will appear as "BlackGlass Consulting LLC" or "BLACKGLASS CONSULTING".

Automatically Collected

Basic analytics (page views, device type) via privacy-respecting analytics. We do not use third-party advertising trackers.

3. How We Use Your Data

  • To provide the Service (display your tracking data, send reminders)
  • To generate anonymized, aggregate community benchmarks (no individual data is ever exposed)
  • To process payments and manage subscriptions
  • To send transactional emails (injection reminders, account notifications)
  • To improve the Service

4. Community Benchmarks & Anonymization

DoseCurve offers community benchmark features showing aggregate statistics (e.g., "average weight loss for users on X medication at Y dose"). This data is:

  • Fully anonymized — no individual user can be identified
  • Only displayed when 5+ users share the same protocol (to prevent re-identification)
  • Never sold to third parties

5. Data Sharing

We do NOT sell your personal data. We share data only with:

  • Supabase — database hosting (your data is stored here)
  • Stripe — payment processing
  • Resend — transactional email delivery
  • Vercel — application hosting

These providers process data on our behalf under their respective privacy policies and data processing agreements.

6. Data Security

Your data is stored in Supabase with row-level security (RLS) enabled — meaning only you can access your own records. Data is encrypted in transit (TLS) and at rest. Passwords are hashed and never stored in plaintext.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data is permanently deleted within 30 days. Anonymized aggregate data (already contributed to benchmarks) is retained.

8. Your Rights

You have the right to:

  • Access all data we hold about you
  • Export your data (JSON/CSV)
  • Correct inaccurate data
  • Delete your account and all associated data
  • Opt out of non-essential emails

To exercise these rights, contact support@dosecurve.com.

9. Cookies

We use essential cookies only (authentication session). We do not use advertising or third-party tracking cookies.

10. Children

DoseCurve is not intended for use by anyone under 18 years of age. We do not knowingly collect data from minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email.

12. Contact

For privacy-related questions or requests, contact us at support@dosecurve.com.

BlackGlass Consulting LLC
support@dosecurve.com