Privacy Policy
Effective June 18, 2026
This Privacy Policy explains how Caspia (“Caspia,” “we,” “us”) collects, uses, and shares information when you use the Caspia website and ask questions about lifestyle and health-behavior topics. Caspia provides general wellness information and is not a healthcare provider; we are not a HIPAA covered entity, and the service is not a substitute for professional medical care.
Information we collect
- Account information. When you create an account we collect your email address and your acknowledgement that you are 18 or older. If you sign in with Google, we receive your email address from Google.
- Your questions and inputs. The questions you ask, any health goals or health-summary details you choose to provide, and an optional profile image you upload.
- Conversation history. Your chats are stored so you can return to them. Guest chats are tied to a randomly generated session identifier stored in a cookie, and are linked to your account if you later sign in.
- Usage and device data. Basic analytics about how the service is used (for example, questions asked, sign-ins, return visits) and standard technical data such as your browser type.
- Cookies. We use cookies that are necessary for sign-in and session continuity (including a guest-session cookie), and analytics cookies.
How we use information
- To generate answers to your questions and operate the service.
- To maintain your account, conversation history, and saved plan items.
- To enforce usage limits and protect against abuse and automated traffic.
- To improve our evidence corpus and the quality of answers. Topics where our reviewed evidence is incomplete may be reviewed by Caspia staff so we can add or improve coverage.
- To understand product usage through aggregate analytics.
How your question text is processed by AI providers
To answer your question, the text you submit may be sent to third-party AI providers that act as our processors under enterprise terms that, to our knowledge, do not use your data to train their general models:
- Anthropic (Claude) — generates answers that supplement our reviewed evidence.
- Google (Gemini) — detects language and translates your question for search.
- OpenAI — generates text embeddings used to search our evidence corpus (as this feature rolls out).
Service providers
We rely on infrastructure and service providers to run Caspia, including Supabase (database and authentication), Amazon Web Services (hosting and email delivery), Cloudflare (bot protection), and PostHog (product analytics). These providers process information on our behalf.
Sharing
We do not sell your personal information. We share information only with the processors and service providers described above, when required by law, or in connection with a business transfer.
Retention and deletion
We keep your information for as long as your account is active. You can delete your account from your account settings; we use a soft-delete and then purge data on a later schedule. Backups and logs may persist for a limited period.
Your choices
You can access and update your email from your account settings, delete your account, and control cookies through your browser. Depending on where you live, you may have additional rights over your personal information; contact us to exercise them.
Children
Caspia is for adults 18 and older. We do not knowingly collect information from anyone under 18.
Changes
We may update this policy. We will revise the effective date above and, where appropriate, provide additional notice.
Contact
Questions about this policy? Email privacy@caspiahealth.com.