Data Protection

Privacy
Policy

At NovaGLP1, your trust is our most valuable asset. We are committed to transparency in how we handle your data.

Last updated

June 5, 2026

Information We Collect

We collect information you provide directly to us, including your name, email address, date of birth, and health information when you create an account, complete a health questionnaire, or communicate with our care team. We also collect certain information automatically, such as your IP address, browser type, and usage data.

Apple HealthKit Integration

NovaGLP1 uses Apple HealthKit only with your permission. The iOS app can read body weight data from Apple Health to update your progress chart. NovaGLP1 does not use Apple Health data for advertising or tracking, and you can control this access at any time in the Health app settings.

How We Use Your Information

We use the information we collect to provide, maintain, and improve our services; process transactions; connect you with licensed healthcare providers; send you technical notices and support messages; and comply with legal obligations. We do not sell your personal information to third parties.

HIPAA Compliance

NovaGLP1 takes your health information seriously. We comply with the Health Insurance Portability and Accountability Act (HIPAA) and maintain administrative, physical, and technical safeguards to protect your Protected Health Information (PHI). Your health data is encrypted in transit and at rest.

Information Sharing & Medical Review

When you complete a health assessment, the information you provide is securely transmitted to our independent, licensed medical services partner for clinical review by a US-licensed physician. This transfer is necessary to provide you with telehealth services. We may also share information with third-party vendors who assist in our operations (under strict confidentiality agreements), and as required by law or to protect the rights and safety of our users. We do not sell your personal information.

Data Storage

Your information, including health questionnaire responses, is stored on secure, encrypted cloud infrastructure (Supabase) located in the United States. Data is encrypted in transit (TLS) and at rest (AES-256). Access is restricted to authorized personnel and our medical services partner on a need-to-know basis.

Data Security

We implement industry-standard security measures including SSL/TLS encryption, encrypted databases, regular security audits, and strict access controls. While we strive to protect your information, no method of transmission over the Internet is 100% secure.

Your Rights

You have the right to access, update, or delete your personal information at any time through your account settings. You may also request a copy of your data or opt out of certain communications by contacting us at privacy@novaglp1.org.

Cookies

We use cookies and similar technologies to keep you signed in, remember preferences, protect the service, and understand product performance. We do not sell personal information or use health information to track you across apps or websites for advertising. You can control cookie preferences through your browser settings. Disabling cookies may affect some features of our service.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

Contact Privacy Team

If you have questions about this Privacy Policy or our privacy practices, please reach out to our dedicated team.

Email privacy@novaglp1.org

Medical Disclaimer: NovaGLP1 connects patients with independent licensed physicians. Content is educational and does not constitute medical advice. In case of emergency, call 911 or go to your nearest emergency room.