Back to home

Privacy Policy

Last updated: April 5, 2026

What we collect

When you use OutLast, we collect:

  • Account information: email address and display name when you sign up.
  • Health and wellness data: meal times, fasting windows, mood ratings, sleep logs, workout logs, cold plunge entries, supplement logs, and any notes you add.
  • Goals and protocols: any goals or protocols you configure.
  • Usage data: basic analytics such as timestamps and device type to keep the app working smoothly.

How we use it

Your data is used solely to provide and improve the OutLast service — displaying your patterns, streaks, and insights back to you, and sending transactional emails (account verification, password resets). We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes. Aggregated, anonymized statistics may be used to improve the product.

Health data

OutLast collects health and wellness information that you voluntarily provide. This data is treated as sensitive information with the following protections:

  • Health data is stored with row-level security — only you can access your own data.
  • Data is encrypted in transit (TLS) and at rest.
  • We do not share health data with third parties.
  • We comply with the FTC Health Breach Notification Rule. In the unlikely event of a data breach involving your health information, we will notify affected users within 60 days.

Data storage & retention

Your data is stored securely on Supabase infrastructure with encryption at rest and in transit. We retain your data for as long as your account is active. If you delete your account, your data is permanently removed from our systems within 30 days.

Third-party services

We use the following third-party services to operate OutLast:

  • Supabase — database and authentication.
  • Vercel — hosting and deployment.
  • Google — OAuth sign-in (if you choose to sign in with Google).

These services have their own privacy policies and may process data as described in their terms.

Your rights

You have the right to:

  • Access — request a copy of your personal and health data at any time.
  • Delete — delete your account and all associated data.
  • Export — export your logs in a standard format.
  • Opt out — opt out of any non-essential data collection or communications.

To exercise any of these rights, contact us at the email below.

Cookies & analytics

OutLast uses only essential cookies required for authentication and session management. We do not use third-party advertising cookies or cross-site tracking.

Children

OutLast is not intended for use by anyone under the age of 13. We do not knowingly collect data from children under 13.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated through the app or via email. Continued use of OutLast after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this policy or your data, reach out at support@outlast.app.