Legal
Effective Date: April 2026 · ImmuneSpan Inc.
ImmuneSpan collects the minimum information necessary to provide you with a personalized wellness education experience. We collect information in three categories:
We use your information for three purposes only:
Your identified data is NEVER sold. De-identified research data is only shared with partners if you explicitly opt in to the Research Network. ImmuneSpan does not sell, license, rent, or share your personal information or identified biomarker data with any third party for any commercial purpose. The Research Network program is described in full in Section 8 below.
Your lab report file, if you upload it to use the ImmuneSpan display tool, is processed exclusively on your device and is never transmitted to ImmuneSpan servers. The PDF display feature uses client-side JavaScript only. No file upload endpoint exists on our servers. We structurally cannot receive or store your lab document.
This architectural design decision was made deliberately to eliminate the risk of ImmuneSpan being classified as an IVD accessory under FDA regulations (IS-REG-002 compliance). It also means your original lab report remains 100% private on your device.
For the assessment form itself, you manually type selected values into our web form. You choose which values to enter. You are not required to enter any value, and partial panels are fully supported.
Your data is stored in Supabase PostgreSQL, a SOC 2 Type II compliant database platform. We have implemented the following security measures:
ImmuneSpan uses a small number of trusted third-party services to operate the platform. Each service is governed by a data processing agreement and handles data only as necessary to fulfill its specific function:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Stripe | Payment processing | Email, payment card data (Stripe only — never reaches ImmuneSpan servers) | stripe.com/privacy |
| Klaviyo | Email communications | Email address, first name, tier, report delivery | klaviyo.com/legal/privacy-notice |
| PostHog | Product analytics | Anonymized usage events (UUID only — no name, email, or biomarker values) | posthog.com/privacy |
| Supabase | Database and authentication | All account and assessment data (encrypted, RLS protected) | supabase.com/privacy |
| AWS S3 | Compute, static file hosting, and encrypted Research Network data store | Report HTML files (by UUID); de-identified Research Network records (opt-in only, encrypted) | aws.amazon.com/privacy |
You have the following rights with respect to your personal information. To exercise any of these rights, contact us at privacy@immunespan.com.
Request a complete export of all personal information and biomarker data we hold associated with your account.
Request correction of inaccurate personal information. You can update most account information directly in your account settings.
Request complete deletion of your account and all associated data. Deletion is permanent and irreversible. We will confirm within 30 days.
We will respond to all privacy rights requests within 30 days. We do not charge a fee to exercise your rights.
ImmuneSpan operates a two-tier data handling system. The tier that applies to you depends on what you choose at the time your report is delivered.
| Tier | What Happens to Your Data | Default? |
|---|---|---|
| Standard | Your biomarker values and report are used solely to generate and deliver your report. All identified session data is destroyed immediately after delivery. Nothing is retained on ImmuneSpan servers beyond what is necessary to serve your report to you. | Yes — default for all users |
| Research Network | You explicitly opt in at report delivery. Your data is immediately de-identified (one-way hash, PII stripped) and the de-identified record is stored encrypted on AWS S3. Details in Section 8. | Opt-in only |
Account information (email, subscription tier, payment confirmation) is retained for as long as your account is active and for 7 years afterward as required for tax compliance. If you request account deletion, we will delete all personal information and biomarker data within 30 days. Anonymized, aggregated analytics data (with no personal identifiers) may be retained indefinitely for product improvement purposes.
Participation in the Research Network is entirely voluntary. You will receive your full wellness report regardless of whether you choose to participate. You will never be asked to contribute data as a condition of using any tier of the service.
The Research Network is an opt-in program that allows ImmuneSpan users to contribute de-identified wellness data to a curated research dataset. This dataset may be used for internal research, licensed to pharmaceutical companies, or shared with academic institutions under IRB-approved research protocols.
If you opt in, your data contributes to population-level scientific understanding of immune aging, inflammaging, and biomarker patterns — while your identity remains permanently and irreversibly disconnected from that contribution.
At the time your report is delivered, you will be presented with a clear, plain-language opt-in screen. The opt-in requires an affirmative action (checking a box or clicking a confirmation button). There is no pre-checked default. If you take no action, you are in the Standard tier and no data is retained.
You may also opt out of a previous opt-in at any time by contacting privacy@immunespan.com. See Section 8.6 for the limits of what opting out can accomplish.
If you opt in, the following de-identified data elements are retained and stored in the Research Network dataset:
Before the de-identified record is written to the Research Network dataset, the following fields are permanently and irreversibly deleted:
De-identification is performed using the HIPAA Safe Harbor method (45 CFR §164.514(b)). The user_id hash uses a one-way cryptographic function (SHA-256 with a secure salt). This means ImmuneSpan cannot reverse the hash to recover your identity. No lookup table or reverse mapping is maintained. Once de-identified, the record is mathematically disconnected from you permanently.
De-identified Research Network data may be used for the following purposes only:
De-identified Research Network data will never be sold to data brokers, used for advertising targeting, shared with insurance companies, or used for any purpose that could result in a determination about a specific individual's insurability, employment, or creditworthiness.
If you opt into the Research Network and later wish to withdraw, you may contact us at privacy@immunespan.com at any time. Withdrawal will immediately stop any future use of your record for new research activities or new licensing arrangements.
However, please understand an important technical limitation: because de-identification is one-way and irreversible, and because no link between your identity and your de-identified record is maintained, ImmuneSpan cannot retrieve, locate, or delete a specific de-identified record on your behalf after it has been written to the Research Network dataset. The de-identified record is not linked to you — which is precisely what makes the program privacy-protective.
If your de-identified record has already been included in a research publication or licensed dataset, withdrawal cannot remove it from those uses. Withdrawal prevents all future uses from the point of your withdrawal request.
ImmuneSpan commits that no de-identified Research Network data will be shared with any external partner — pharmaceutical, academic, or otherwise — without a documented IRB (Institutional Review Board) approval covering the specific research protocol under which the data will be used. ImmuneSpan will maintain records of all IRB approvals and external data sharing agreements and will make summary information about active research uses of the dataset available upon written request to privacy@immunespan.com.
ImmuneSpan is intended for adults 18 years of age and older. We do not knowingly collect personal information from individuals under the age of 18. If we learn that we have collected personal information from a minor, we will delete it promptly. If you believe a minor has provided us with personal information, please contact us at privacy@immunespan.com.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email and update the effective date at the top of this page. Your continued use of ImmuneSpan after a material change constitutes acceptance of the updated policy.
Privacy inquiries: privacy@immunespan.com
Research Network questions: research@immunespan.com
General support: support@immunespan.com
Mailing address: ImmuneSpan Inc., Florida, United States
We respond to all privacy inquiries within 5 business days.