Introduction
Agonist is a personal tracking and research tool. It is not a medical device. It does not provide medical advice. This Privacy Policy describes how Agonist (“we,” “us”) handles information when you use our iOS app or website at agonist.app.
By using Agonist you agree to the practices described here. If you do not agree with any part of this policy, do not use the app.
Information we collect
We collect only what we need to make the app work for you.
- Account data. Email address, password hash, and authentication tokens from Apple Sign-In or Google Sign-In if you choose those methods. We never see your Apple or Google password.
- Protocol data. Peptides you track, doses you log, vials you reconstitute, injection sites you record, symptoms and biomarkers you journal. Vial label photos if you choose to attach them.
- Health metrics. Optional biomarkers you import — HRV, sleep, weight, lab results. Apple Health data only with your explicit permission.
- Subscription data. Your plan, renewal date, and payment status. Payment card numbers are processed and stored by Stripe (web) or Apple (iOS via RevenueCat) — we never receive or store them.
- Usage telemetry. Anonymous event data about which features you use, captured through PostHog. Used to fix bugs and decide what to build next. Does not include the contents of your protocols.
- Device data. Operating system, app version, device model, and crash diagnostics. No advertising IDs.
How we use it
We use your information to:
- Run the calculator, library, and dose dashboard.
- Sync your data between your devices.
- Send transactional emails — account confirmations, billing receipts, security alerts. No marketing unless you opt in.
- Debug crashes and decide what to build next from aggregate usage patterns.
- Comply with legal obligations and respond to valid legal process.
We do not sell your data. Ever. We do not share your protocol contents with advertisers, data brokers, insurers, or any third party for marketing purposes. Your dose logs and journal entries are yours.
Storage & encryption
Your data is encrypted at rest in our Supabase Postgres database and encrypted in transit over TLS 1.3. Row-level security policies enforce that only you can read your records.
On iOS, you can enable an optional biometric lock — Face ID or Touch ID — that gates app access locally. The lock is enforced on-device before any data leaves your phone.
Vial label photos and lab uploads are stored in Supabase Storage with the same row-level security model. They are not publicly addressable.
Apple Health integration
Apple Health integration is opt-in. When you grant permission, Agonist reads only the specific HealthKit types you authorize — heart rate variability, sleep, body weight, and any lab values you have manually entered into Health.
By default, Apple Health data stays on your device. If you turn on cloud sync, the values are uploaded to your Agonist account, encrypted in transit and at rest. You can revoke HealthKit permission at any time from iOS Settings, and you can disable cloud sync from inside the app.
We never write to HealthKit. We only read what you grant us.
Third-party services
We use a small set of vendors to run the product. Each one handles a specific job and is bound by its own privacy terms.
- Supabase. Hosts the database, authentication, and file storage. Data lives in US-East. Encrypted at rest, TLS in transit.
- Stripe. Processes web subscription payments. PCI-DSS Level 1. We never receive your card number.
- RevenueCat. Manages iOS subscriptions through Apple’s In-App Purchase system. Apple, not RevenueCat, holds your payment method.
- PostHog. Self-hosted product analytics. We collect anonymous event names — never the contents of your protocols, doses, or journals.
- Resend. Sends transactional emails — receipts, password resets, security alerts. Resend processes only your email address and the message body we generate.
A full list of subprocessors with their privacy policies is available on request.
Your rights
You own your data. Under GDPR (if you are in the EU/UK), CCPA (if you are a California resident), and as a matter of our own policy for everyone else, you have the right to:
- Access. See every piece of data we hold about you.
- Export. Download your full protocol history, dose log, and journal as a PDF or JSON file. Anytime, from inside the app.
- Correct. Edit anything inaccurate.
- Delete. Permanently delete your account and all associated records. Deletion is irreversible and completes within thirty days.
- Object. Tell us to stop processing your data for a specific purpose, where the law gives you that right.
- Withdraw consent. Where we rely on your consent (Apple Health, marketing emails), you can revoke it at any time.
To exercise any of these rights, email privacy@agonist.app. We respond within thirty days.
Children
Agonist is for adults only. You must be at least eighteen years old to create an account. We enforce an age gate at signup and do not knowingly collect data from anyone under eighteen. If we learn that we have, we will delete it.
Changes to this policy
We will update this policy from time to time. When we make a material change, we will notify you by email and through the app at least thirty days before it takes effect. The “Last updated” date at the top of this page always reflects the current version.
Contact
Privacy questions, data requests, or anything else related to this policy — write to us at privacy@agonist.app. We read every message.