Privacy Policy.

Last updated May 18th, 2026

01 — Our position on your data

REGEN tracks the most sensitive data a person can record about themselves — dose logs, biomarkers, photos of their own body. We treat it accordingly. This page explains, in plain language, what we collect and what we do not. If anything here is unclear, write to us.

The short version: we collect the minimum needed to run the app, we encrypt it end-to-end, we never sell it, and you can delete it at any time.

02 — What we collect

To operate REGEN we collect:

  • Account data — email, password hash, sign-up date.
  • Protocol data — the peptides you've added, doses you've logged, schedules you've set.
  • Biomarker data — values you enter manually (testosterone, lipids, glucose, etc.) or import from a connected lab.
  • App telemetry — anonymized crash reports and feature-usage counts. No identifiers, no tracking pixels.

We do not collect contacts, location, advertising IDs, or third-party social graphs.

03 — How we use it

Your data is used to make REGEN function: render your dashboard, fire your reminders, run the AI assistant, generate trends. That's it. We do not use your data to train shared models. We do not use your data for advertising. We do not sell or rent your data to anyone.

04 — Sharing

We share data only when you ask us to (e.g. exporting a read-only protocol link for your coach) or when required by law. Where we use vendors (cloud hosting, email delivery) they are bound by data-processing agreements and have access only to the minimum required to perform their function.

05 — Storage & security

Protocol and biomarker data is encrypted at rest with AES-256 and in transit with TLS 1.3. Cloud sync uses zero-knowledge envelope encryption — the keys live on your device, not on our servers. We could not decrypt your data even if compelled.

Photos and notes never leave your device unless you explicitly opt into cloud backup.

06 — Your rights

You can, at any time, from inside the app:

  • Export your full data set as JSON or CSV.
  • Delete your account and erase every record we hold.
  • Withdraw consent for telemetry.
  • Request a copy of any data tied to your account.

Residents of the EU, UK, California, and other jurisdictions with applicable privacy laws have the rights granted under those laws (GDPR, UK-GDPR, CCPA, etc.). Email privacy@regen.app and we will respond within 30 days.

07 — Children

REGEN is for adults. We do not knowingly collect data from anyone under 18. If you believe a minor has registered for an account, write to us and we will remove it.

08 — Changes

If we materially change this policy we will notify you in-app and by email at least 30 days before the change takes effect. The current version date is at the top of this page.

09 — Contact

Questions, deletion requests, or anything else — write to privacy@regen.app. We read every message.