Privacy Policy (placeholder)
Last updated May 2, 2026. Final copy will be posted before this app is shared beyond the primary user.

Gameday Health stores personal health data on behalf of the primary patient. The notes below describe how that data is handled today; they are not a substitute for the formal Privacy Policy that will be authored before any third party uses the app.

Where data lives

  • Database: Supabase (managed Postgres). Every user-scoped table is gated by row-level security so only the row owner can read or write.
  • File uploads (lab PDFs, medication-bottle photos): Supabase Storage, in private buckets keyed by user ID. Access requires short-lived signed URLs.
  • No analytics, ad networks, or third-party trackers are loaded by the app.

AI extraction

  • When you upload a lab report or medication photo, the file is sent to the Vercel AI Gateway, which routes the parse request to a third-party LLM provider.
  • You confirm an extraction-consent prompt before any upload is sent to the model.
  • The extracted fields and a small set of telemetry values (model name, token counts, latency) are stored alongside your upload row for debugging.

Sharing

  • Read-only share links you create are the only mechanism by which another person sees your data. Each link can be scoped (markers, date range) and revoked at any time from Settings.
  • Share-link views are logged with a coarse user-agent family and referer host only — never IP or full referer.

Retention & deletion

  • Account deletion is available from Settings. It removes your auth row, profile, lab reports, medications, uploads, and storage objects in a single cascading transaction.
  • Orphaned upload files (started but never confirmed) are swept hourly by a server-side cron job.

Questions or concerns? Reach the operator directly — there is currently no support form.