How We Protect Your Data
Health data is personal. BodySitRep is built with encryption, access controls, and infrastructure designed to keep your information secure and under your control.
We designed BodySitRep with the principle that your health data belongs to you. We encrypt sensitive fields, enforce strict access controls, and do not sell or share your data. You can export everything or delete your account at any time. Our revenue comes from the service itself, not from your personal information.
What we do and what we don't
What we protect
- ✓ All health log entries encrypted at rest
- ✓ Free-text fields (notes, medications) encrypted with AES-256-GCM
- ✓ Authentication tokens stored in httpOnly cookies
- ✓ All data transmitted over TLS
- ✓ Full data export available at any time
- ✓ Permanent account deletion on request
What we do not do
- ✗ Sell your data to anyone
- ✗ Share your data with advertisers or data brokers
- ✗ Use your health data for AI or machine learning training
- ✗ Track your activity inside the logged-in app with analytics
- ✗ Store passwords in plaintext
- ✗ Access your encrypted health notes except as required to operate the service
Core security controls
Multiple layers of protection, from the database to the browser.
AES-256-GCM Field Encryption
Sensitive free-text fields (daily notes, medication notes, treatment notes) are encrypted with AES-256-GCM before being stored. Each account has a unique encryption key derived server-side. Encrypted data is unreadable without your account credentials.
Secure Authentication
Sign in with email/password or Google OAuth. Passwords are hashed using bcrypt and are never stored in plaintext. Sessions use JWT tokens in httpOnly cookies. Authentication is managed by Supabase Auth.
Row-Level Security
Every database query is scoped to your user ID through Supabase row-level security policies. These policies are enforced at the database level, not the application level, and are designed to prevent cross-user data access.
Secure Infrastructure
Hosted on Vercel with automatic SSL/TLS, DDoS protection, and HTTPS on every route. Database on Supabase (PostgreSQL) with encryption at rest in US-based data centers. Payments processed securely through Stripe.
Your responsibility
Security is a shared effort. Here is what we ask of you.
- Keep your login credentials secure and do not share them
- Use a strong, unique password for your BodySitRep account
- Keep your device and browser up to date with security patches
- Log out of shared or public devices after use
- Protect exported files, which may contain unencrypted health data
- Report suspected unauthorized access to support@bodysitrep.com immediately
Data lifecycle
Where your data lives, how long we keep it, and how you can remove it.
Storage
Your data is stored on Supabase infrastructure using AWS data centers in the United States. All data is encrypted in transit (TLS) and at rest. Free-text health fields are additionally encrypted with AES-256-GCM before being stored.
Retention
We retain your data for as long as your account is active. We do not retain health or personal data after account deletion. Stripe may retain billing transaction records independently per their policies and applicable financial regulations.
Deletion
You can delete your account at any time from Settings. All associated data is permanently removed from our production database immediately. Automated database backups may retain deleted data for up to 30 days before normal rotation removes them. See our Account Deletion page for full details.
Export
You can export your data in multiple formats (CSV, PDF, JSON) at any time. Encrypted fields are automatically decrypted during export. Once data is exported and downloaded to your device, it leaves our control. Exported files are not encrypted by default. You are solely responsible for the security of exported files.
Threat model
What our security controls are designed to address, and what falls outside our scope.
What we protect against
- ✓ Unauthorized access to your account (authentication + RLS)
- ✓ Data interception in transit (TLS encryption)
- ✓ Cross-user data access (row-level security policies)
- ✓ Plaintext exposure of sensitive notes (AES-256-GCM field encryption)
- ✓ Brute-force password attacks (bcrypt hashing + rate limiting)
What we cannot guarantee
- ✗ Security of your personal device (malware, keyloggers, screen capture)
- ✗ Weak or reused passwords chosen by you
- ✗ Breaches of third-party services outside our control
- ✗ Physical access to your unlocked device
- ✗ Data you have exported and stored outside BodySitRep
Compliance position
HIPAA
BodySitRep is not a covered entity or business associate under HIPAA. We are not HIPAA compliant and the Service is not intended for use as a system of record for Protected Health Information (PHI). BodySitRep is a personal health tracking tool for individual consumers. Healthcare providers should not use BodySitRep to store, process, or transmit patient data.
Encryption Standards
We use AES-256-GCM for field-level encryption of sensitive health data, TLS for data in transit, and database-level encryption at rest through Supabase. Encryption protects data at rest and in transit but does not protect data if your account credentials are compromised.
Subprocessors
We use Supabase (database and authentication), Vercel (application hosting), Stripe (payment processing), and Google Analytics (consent-based marketing website analytics). Each processes data only as necessary to provide their service. For details, see our Privacy Policy.
Not Affiliated
BodySitRep is not affiliated with the U.S. Department of Veterans Affairs or any other government agency.
Incident response
We monitor our infrastructure for suspicious activity and unauthorized access attempts. In the event of a security incident that affects your data, we will:
- Investigate and contain the incident promptly.
- Notify affected users as required by applicable law.
- Take steps to prevent recurrence.
- Cooperate with law enforcement if required.
If you discover a security vulnerability or suspect unauthorized access to your account, contact us immediately at support@bodysitrep.com.
Security limitations
No method of electronic transmission or storage is 100% secure. While we implement strong security controls, we cannot guarantee absolute security. Specifically:
- ⚠ If your account credentials are compromised, an attacker can access your decrypted data through normal app usage.
- ⚠ Encryption applies to free-text fields only. Structured data (dates, severity scales, checkbox selections) is not field-encrypted.
- ⚠ Data stored in your browser's local storage is not encrypted by BodySitRep and may be lost if you clear browser data.
- ⚠ Exported files contain decrypted data and are your responsibility to secure.
- ⚠ Automated database backups may retain deleted data for up to 30 days.
For full legal details, see our Terms of Service and Privacy Policy.
Security FAQ
Can BodySitRep staff see my health data?
Sensitive fields like daily notes and medication details are encrypted with keys derived from your account. We do not access your health data except as required to operate the service (for example, to process an account deletion request). Encrypted fields cannot be read without your account credentials.
What happens if I delete my account?
All your data is permanently removed from our production database, including log entries, settings, encryption keys, and profile information. Deletion is completed immediately. Encrypted backups may retain deleted data for up to 30 days before normal rotation removes them. See our Account Deletion page for full details.
Is BodySitRep HIPAA compliant?
No. BodySitRep is a personal health tracking tool for individual consumers. We are not a covered entity or business associate under HIPAA. While we implement strong security controls (encryption, access controls, audit logging), we do not claim HIPAA compliance and the Service should not be used for regulated healthcare storage.
Where is my data stored?
Your data is stored on Supabase infrastructure using AWS data centers in the United States. All data remains within US borders.
What happens to my data if I export it?
Exported files are decrypted and downloaded to your device. Once data leaves BodySitRep, you are solely responsible for its security, storage, and handling. Exported files are not encrypted by default.
Is my data safe if someone gets my password?
If someone gains access to your account credentials, they can view your data through normal app usage, including decrypted notes. This is why we strongly recommend using a unique, strong password. If you suspect unauthorized access, change your password immediately and contact us.
What analytics do you use?
We use Google Analytics on our public marketing website only, with your consent. We also use Vercel Analytics for anonymous server-side performance metrics. No analytics run inside the logged-in app. Your health data is never sent to any analytics provider.
Track with confidence
Your health data deserves real protection. Start tracking with a platform built on security from day one.