Privacy Policy
Last updated: 25 March 2026
Document version: 2026.03.26.1
TriageMethod Ltd, trading as TriageHealth, (“we”, “us”, “our”) is committed to protecting your privacy, especially given the sensitive nature of health data. This policy explains what data we collect, how we use it, and your rights under the EU General Data Protection Regulation (GDPR).
1. Data Controller
TriageMethod Ltd (trading as TriageHealth) is the data controller for the personal data processed through this platform. For data protection enquiries, contact our Data Protection Officer at info@triagemethod.com.
2. Data We Collect
2.1 Account Data
| Data | Purpose | Legal Basis |
|---|---|---|
| Email address | Account authentication, transactional emails | Contract performance |
| Name (optional) | Personalisation | Legitimate interest |
| OAuth provider data | Social login authentication | Contract performance |
2.2 Health Data (Special Category — Article 9)
| Data Category | Examples | Legal Basis |
|---|---|---|
| Blood work results | Cholesterol, glucose, vitamin D, ferritin, etc. | Explicit consent |
| Dietary data | Food frequency responses, food diary entries, nutrient intake | Explicit consent |
| Body measurements | Height, weight, waist circumference, body fat % | Explicit consent |
| Exercise data | Type, frequency, duration, intensity | Explicit consent |
| Sleep data | Hours, quality, consistency, disorders | Explicit consent |
| Stress data | PSS-10 scores, PHQ-2 scores, perceived stress levels | Explicit consent |
| Medical history | Conditions, family history, allergies | Explicit consent |
| Medications | Names, doses, frequencies | Explicit consent |
| Supplements | Names, doses, frequencies | Explicit consent |
All health data processing is based on your explicit consent (GDPR Article 9(2)(a)). You may withdraw consent at any time by deleting your data via Settings or contacting us.
2.3 Payment Data
Payment processing is handled entirely by Stripe. We do not store your credit card number. We receive: last 4 digits (for display), card brand, billing country, and transaction records.
2.4 Technical Data
IP address, browser type, device type, and page views — collected for security (rate limiting, abuse prevention) and service improvement. Legal basis: legitimate interest.
3. How We Use Your Data
- Assessment generation: Your health data is processed locally on our servers to generate personalised health reports.
- AI features: If you use AI chat features, relevant health context may be sent to Anthropic (Claude API) for response generation. See “AI Data Processing” below for full details.
- Cross-referencing: Your data across health domains (blood work, diet, exercise, etc.) is cross-referenced to identify connected patterns. This processing occurs entirely on our servers.
- Communication: We send transactional emails (password reset, assessment ready) to your registered email address.
4. Data Sharing
We do not sell your data. We share data only with:
| Sub-Processor | Purpose | Data Shared | Location |
|---|---|---|---|
| Database provider | Data storage | All user data (encrypted at rest) | EU/UK |
| Stripe | Payment processing | Payment details, email | US (SCCs in place) |
| Anthropic PBC (Claude API) | AI-powered health chat and lab report OCR | Health data sent as context for personalised responses. Anthropic’s commercial API terms state that data submitted via the paid API is not used to train Anthropic’s models. | US (SCCs in place) |
| Resend | Transactional email delivery | Email address, email content | US (SCCs in place) |
| Vercel | Application hosting | All requests pass through | US/EU (SCCs in place) |
| Google LLC (Google Analytics 4) | Website usage analytics (opt-in only) | Page views, session duration, device type, approximate location. No health data, blood work results, assessment findings, or personal health information is sent to Google Analytics. | US (SCCs in place) |
5. AI Data Processing
When you use AI chat features, summaries of your health assessment data are sent to Anthropic’s Claude API to generate personalised responses. This includes blood work interpretations, nutrient analysis, exercise and sleep summaries, and other assessment findings relevant to your query.
- This processing is covered by the AI_RECOMMENDATIONS consent purpose. You must grant this consent before using AI chat features, and you may withdraw it at any time via Settings.
- If you withdraw AI_RECOMMENDATIONS consent, AI chat will be disabled until you re-enable it.
- Anthropic’s commercial API terms state that data submitted via the paid API is not used to train Anthropic’s models. See Anthropic’s Commercial Terms of Service for details.
- No raw personal identifiers (name, email, date of birth) are included in the data sent to the API — only health metric summaries and assessment findings.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | Retained indefinitely while account is active |
| Deleted account data | All personal data hard-deleted within 24 hours of deletion request |
| AI chat conversations | Retained for 12 months, then auto-deleted |
| Email logs | Retained for 6 months |
| Payment records | 7 years (UK tax requirements) |
| Audit logs | Retained for 2 years (GDPR accountability) |
| Unverified accounts | Purged after 7 days |
7. Your Rights (UK/EU GDPR)
You have the right to:
- Access your personal data (Article 15) — available via Settings > Export Data.
- Rectification (Article 16) — edit any data via the dashboard forms.
- Erasure (Article 17) — delete all data via Settings > Delete Account.
- Data portability (Article 20) — export in JSON format via Settings.
- Withdraw consent (Article 7(3)) — at any time, without affecting prior processing.
- Lodge a complaint with the ICO (UK) at ico.org.uk or your local supervisory authority.
- Object to processing (Article 21) — for processing based on legitimate interest.
- Restrict processing (Article 18) — while accuracy is verified or objections are considered.
8. International Transfers
Some of our sub-processors are located in the United States. For these transfers, we rely on Standard Contractual Clauses (SCCs) as approved by the European Commission, supplemented by additional technical measures (encryption in transit and at rest, access controls, pseudonymisation where possible).
9. Security
We implement the following security measures:
- Encryption in transit (TLS 1.2+) and at rest (AES-256).
- Strict access controls — health data is only accessible by the data subject and, where applicable, their designated healthcare professional.
- Audit logging of all health data access.
- Rate limiting and brute-force protection on authentication endpoints.
- Security headers (CSP, HSTS, X-Frame-Options).
- Regular security assessments.
10. Cookies & Analytics
We use essential cookies for authentication and session management. With your explicit consent, we also use Google Analytics 4 to understand how people use our service. No health data is ever shared with Google Analytics. You can opt out at any time via the cookie preferences banner or by visiting our Cookie Policy for details.
11. Children
TriageHealth is not intended for use by anyone under 18 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact us immediately.
12. Changes to This Policy
We will notify registered users of material changes via email at least 30 days before they take effect. Minor clarifications may be made without notice.
13. Contact
Data Protection Officer: info@triagemethod.com
General enquiries: info@triagemethod.com