Most privacy policies are written to protect the company. This one is written to tell you what actually happens to your data — and what doesn't.
Effective June 8, 2026 · Last updated June 8, 2026 · Vithropic, Inc.
We will never sell your data. Ever.
We will not sell the company for what's underneath it.
We will not compromise what this is to grow faster.
These are not policy clauses — they are decisions made before the first customer joined. The privacy practices below are the architecture of those decisions.
This policy describes how Vithropic, Inc. ("Vithropic," "we," "us") collects, uses, stores, and protects information when you use vithropic.com, app.vithropic.com, the Vithropic mobile apps, and related services. It applies to all users — trial, paying, comped, and former.
This policy does not apply to third-party services we link to. Those services have their own privacy policies.
Vithropic is a United States-only service. This policy and your use of Vithropic are governed by the laws of the United States. If you access Vithropic from outside the United States, your data is transferred to and processed in the United States.
The first founding commitment — we will never sell your data — translates into four operational promises that govern everything below.
We don't sell. We have never sold your personal information, and we will never sell it. Not to advertisers, not to data brokers, not to insurers, not to research consortiums, not to anyone — for any consideration.
We don't share for ads. Vithropic has no advertising business. We do not share your personal information for cross-context behavioral advertising or any advertising purpose.
We don't monetize through second-order pathways. No "anonymized data" sale to third parties for their own use. No data partnerships with anyone whose business model touches user data.
No data brokers, period. We do not buy data about you from any source. The only information about you inside Vithropic is what you give us or what you authorize us to read from your device.
These are not aspirational — they are how the business is structured.
We collect only what is needed to build your life's intelligence layer.
We do not ask for, and do not store, your last name. We do not ask for your physical address, your phone number, your Social Security number, your full date of birth, your bank account numbers, or your routing numbers.
Cole asks for context over time — conversationally, not via forms. Profile fields stored against your account:
Specific notes:
The combination of ZIP code, full date of birth, and sex has been shown by privacy research to uniquely identify roughly 87% of the U.S. population. We deliberately do not collect your full date of birth — only birth year. We treat the ZIP / birth-year / sex combination as sensitive and protect it accordingly.
You upload financial documents — bank statements, paystubs, credit card statements, brokerage and retirement statements, mortgage statements, insurance declarations, tax returns, credit reports. We extract the structured line items the intelligence layer needs — transactions, balances, employer name, account types. Once extraction completes, the original document is discarded. The structured data extracted is the only persistent record.
You choose whether to connect health data. The Vithropic Android app is a read-only Health Connect client — it never writes data back. Integration paths:
| Health Connect group | Read-only data types requested |
|---|---|
| Activity and movement | Steps, distance, floors climbed, active calories burned, total calories burned, exercise sessions (type and duration only, not routes), speed, power output, elevation gained, wheelchair pushes |
| Cardiovascular and respiratory | Heart rate, resting heart rate, heart-rate variability, blood pressure, blood oxygen, VO₂ max, respiratory rate |
| Sleep | Sleep sessions and sleep stages |
| Body composition | Weight, body fat percentage, lean body mass, bone mass, body-water mass, basal metabolic rate, height |
| Vitals and metabolic | Body temperature, basal body temperature, blood glucose, skin temperature |
Raw health samples are kept in a rolling 60-day window, then dropped. From the raw samples, the intelligence layer derives baselines, variances, and patterns — the slow-moving signal Cole reasons against. Derived intelligence persists for the life of your account.
Cole carries context across your sessions and devices. Your conversation history is stored against your account. We do not sell this content, do not share it, and do not use it to train external AI models.
To keep the service running and to fix what breaks, our servers see an authentication token on every request, the data you're sending (health batches, document uploads, deletion confirmations), and standard transport-level data every HTTP request includes — your IP address and your device's HTTP User-Agent.
The Vithropic app contains no advertising or third-party tracking technology.
Documents are transmitted over an encrypted connection. They are processed only to extract the structured data the intelligence layer needs. Once extraction completes, the original document is discarded. Document text is never used to train, fine-tune, or improve any AI model — by us, or by any service provider. This is a contractual restriction, not a preference.
Cole reads your data and recommends moves with rationale. Cole is not a credentialed professional and does not give specific advice in four regulated areas:
A licensed adviser's lane.
A CPA's lane.
An attorney's lane.
A physician's lane.
When a question crosses one of these lines, Cole names the right professional and what to bring them. Cole does not substitute for credentialed counsel.
Every use of your data serves one purpose: building your life's intelligence layer for you.
| Purpose | Data used | Retention |
|---|---|---|
| Generating your Live Funded Score, Live Funded Date, and personalized observations | Profile, financial, health (raw and derived) | Life of account |
| Calibrating the intelligence layer to your specific patterns over time | Profile, conversation, derived patterns | Life of account |
| Delivering bi-weekly briefings and account communications | Email, briefing content | Life of account |
| Detecting and responding to security threats | IP address, User-Agent, session logs | As long as needed for security |
| Improving the product through aggregated, anonymized data | Aggregated, anonymized signals (never individual records) | Indefinite (anonymized) |
We do not use your data for advertising. We do not build advertising profiles. We do not sell, rent, lease, or trade your personal information to any third party, for any purpose, ever.
You can delete your account from any state — active, paused, or locked out for non-payment.
Permanent purge is permanent going forward. Standard operational backups age out under their normal lifecycle and are not used to restore deleted accounts.
Some accounts are granted access at no cost — for example, founding-member programs, internal testing groups, or specific community initiatives. Comped accounts collect, store, and handle data identically to paid accounts. The privacy practices in this policy apply uniformly. A comped account does not create a payment-processor customer record.
We use a small number of service providers to operate. Each receives only the data they need for their specific function. Each is contractually bound to use that data solely for the function we engage them for. None is paid for, or shares with us, your data for any purpose unrelated to operating Vithropic.
We do not share your data with data brokers, marketing platforms, analytics resellers, ad networks, or any party whose business model involves selling or monetizing data.
We may disclose information if required by law, court order, or lawful government request. We will notify you of such requests unless prohibited by law from doing so.
We encrypt your data in transit and at rest. We apply additional protections on the most sensitive fields. Access to user data is strictly limited to authorized personnel for operational purposes. We follow industry-standard security practices and continuously evaluate our posture.
A general overview of how Vithropic is architected for security — including how data is separated across our infrastructure to limit the impact of any single point of compromise — is available at vithropic.com/security.
No system is invulnerable. We invest in architectural limits so that any single compromise has the smallest possible blast radius.
Most rights can be exercised directly from your account settings without contacting us.
View every category of data Vithropic holds about you. No hidden categories.
Tell Cole what we got wrong; the intelligence layer updates. Or contact us — corrections are made promptly, within the timeframes required by law.
Request a complete, machine-readable export of all data we hold about you. Delivered to your registered email promptly, within the timeframes required by law.
From any state, with the confirmation flow above. Soft-delete is immediate; permanent purge follows after the 30-day grace window.
Stop uploading documents at any time. Disconnect health data from your device's health-platform settings to stop health data flow immediately. Previously stored data remains until you delete it.
Unsubscribe from non-essential communications using the unsubscribe link in any email. Transactional communications (account security, trial expiry, billing notices) cannot be opted out of while your account is active.
You have additional rights under the California Consumer Privacy Act (CCPA), as amended by the CPRA — including the rights to know, delete, correct, and obtain a portable copy of your information. See the California Privacy Addendum at the bottom of this policy.
Vithropic uses only the cookies required to operate the service:
We do not use advertising cookies, third-party tracking cookies, or cross-site tracking. No third-party analytics. No advertising pixels. No behavioral advertising technology. No browser fingerprinting.
You can disable cookies in your browser settings. Session and security cookies are required for the authenticated portal to function — disabling them will prevent sign-in.
Vithropic is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact us immediately and we will delete it.
For users aged 13 to 17, we recommend parental review of this policy before use.
When we make material changes to this policy, we will notify you by email at least 30 days before the changes take effect. Minor clarifications that do not affect your rights or our practices may be made without advance notice.
The effective date at the top of this page reflects when the current version took effect. Previous versions are available on request.
Questions about your data are handled personally and responded to promptly, within the timeframes required by law. Account-deletion requests follow the lifecycle described above.
Vithropic, Inc. · Contact form
This addendum supplements the rights above with disclosures and rights specific to California residents under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). If you are a California resident, the rights in this addendum apply to you.
In the preceding 12 months, Vithropic has collected the following categories of personal information from California residents:
| CCPA category | What Vithropic collects |
|---|---|
| Identifiers | First name, email address, IP address, account identifier |
| Customer records | Subscription billing data held by our payment processor |
| Protected classifications | Sex, birth year |
| Commercial information | Subscription status, payment history |
| Internet activity | Operational request logs, User-Agent string |
| Biometric and health information | Connected health-platform data — only if you grant permission |
| Inferences | Derived intelligence (baselines, patterns, projections) generated only for you, not used to characterize you for any third party |
We do not collect: precise geolocation, racial or ethnic origin, audio or visual recordings, professional or employment-related information beyond income source, education information, or biometric identifiers used for identification.
We collect personal information from (a) you directly — account information, profile fields, financial documents you upload, conversations with Cole; (b) your devices — health data you authorize, IP and User-Agent on requests; and (c) our service providers — subscription status from our payment processor.
Each category above is collected for the purposes described in the "How we use your information" section above. We do not use personal information for purposes beyond those described.
The CPRA designates certain categories as sensitive personal information. Vithropic collects the following sensitive categories:
We do not collect: precise geolocation, racial or ethnic origin, religious beliefs (except religious tradition as an optional profile field you can decline), sexual orientation, union membership, contents of mail or messages, citizenship or immigration status, or government identifiers.
Sensitive personal information is used only for the purposes for which you provided it — operating the intelligence layer for you. We do not use sensitive personal information to infer characteristics about you for any third party.
Vithropic has not sold personal information for monetary or other valuable consideration in the preceding 12 months.
Vithropic has not shared personal information for cross-context behavioral advertising in the preceding 12 months.
Vithropic does not anticipate selling or sharing personal information in the future. The "Our privacy promises" section above is a binding commitment, not a temporary state.
Most rights are exercisable directly from your account settings. For rights that require contact, submit a request through the contact form at vithropic.com/contact and identify the request as a "California Privacy Request."
Contact form at vithropic.com/contact. Mark your request as a "California Privacy Request."