GutDecode

Legal

Privacy Policy

Last updated: April 10, 2026

GutDecode is operated by Ashkan Hatef ("we," "us," or "our") at gutdecode.ashketing.com. This Privacy Policy explains what personal data we collect, why we collect it, and how we use, store, and protect it. By using GutDecode, you agree to the practices described here.

1. Information We Collect

Account information

When you sign up, we collect your email address and, if you choose Google OAuth, your Google profile name and avatar. We never receive or store your Google password.

Gut health test data

When you upload a test result — whether a PDF from Viome, Thryve, Biomesight, a hospital lab, or any other provider — we process the content to identify your biomarkers, bacterial diversity scores, short-chain fatty acid levels, and other markers present in the report. This is the core health data we use to generate your interpretation and meal plan.

Meal preferences and dietary restrictions

You may optionally provide dietary preferences (e.g., vegan, gluten-free, nut allergy) so we can tailor your meal plan. This information is stored alongside your account.

Payment information

We use Stripe to process all payments. We never see or store your full credit card number, CVV, or bank details. Stripe provides us with a tokenized reference, your billing email, and your subscription status. Stripe's own privacy policy governs their handling of payment data.

Usage data

We collect standard web analytics: pages visited, features used, session duration, and browser/device type. We use this to improve the product, not to profile you for advertising.

2. How We Use Your Information

  • Biomarker analysis: We parse your uploaded test data to identify which markers are outside optimal range and calculate their clinical significance relative to your full panel.
  • Meal plan generation: Your biomarker results and dietary preferences are used to generate a personalized meal plan — naming specific foods, portion guidance, and a grocery list tailored to your microbiome profile.
  • Account management: Your email address is used to send account confirmations, subscription receipts, and important service updates. We do not use it for marketing without your explicit consent.
  • Customer support: When you contact us, we use your account information and the details you provide to resolve your issue.
  • Product improvement: Aggregated, anonymized usage patterns help us improve interpretation accuracy and add new features. No individual's health data is included in these aggregates without explicit consent.

3. Data Storage and Security

Your data is stored on servers located in the United States. We use industry-standard encryption in transit (TLS 1.2+) and at rest. Access to production databases is restricted to authorized personnel only.

Uploaded test PDFs are stored in encrypted object storage and associated exclusively with your user account. No one at GutDecode reads your raw health documents except in the rare event of a verified technical support issue, and only with your permission.

If you cancel your account, your data is retained for 90 days to allow export. After that window, all uploaded test files, biomarker records, and meal plans associated with your account are permanently deleted. Email addresses stored for transactional communications are removed within 30 days of account deletion.

4. Third-Party Services

We integrate with the following third parties to operate GutDecode:

Stripe: Payment processing for Single Report purchases and Pro/Premium subscriptions. Stripe is PCI-DSS Level 1 certified. Privacy policy
Google OAuth: Optional sign-in via your Google account. We receive only your email address, name, and avatar — nothing else from your Google profile. Privacy policy
OpenAI / AI inference providers: Your biomarker data may be sent to an AI inference API to generate interpretations and meal plans. Data sent for inference is not used to train third-party models under our API agreements.
Analytics: We use privacy-respecting analytics to understand product usage. No cross-site tracking. No advertising networks.

We do not sell, rent, or trade your personal information or health data to any third party, ever.

5. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access a copy of the personal data we hold about you
  • Correct inaccurate information in your account
  • Request deletion of your account and all associated data
  • Export your uploaded test results and generated meal plans
  • Withdraw consent for non-essential data processing
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

6. Cookies

We use strictly necessary cookies to maintain your authenticated session and remember your preferences. We do not use advertising cookies or third-party tracking cookies. You can clear cookies at any time through your browser settings, though this will log you out.

7. Contact Us

If you have questions about this Privacy Policy, want to exercise your data rights, or need to report a concern, please reach out:

GutDecode (operated by Ashkan Hatef)

Email: support@gutdecode.ashketing.com

Website: gutdecode.ashketing.com

© 2026 GutDecode. All rights reserved.
Terms of ServiceContact