Privacy Policy

Last updated: June 10, 2026 — Version 1

1. What We Collect

PepBear collects only what the app needs to work:

  • Account info — your email address and display name, used for sign-in and account management.
  • What you log — protocols, dose logs, inventory, weight and body metrics, symptoms, notes, and messages you send to the AI Assistant.
  • Health data you choose to connect — with your explicit permission, data from Apple Health (HealthKit) and from wearables you link via their official sign-in (WHOOP, Oura, Withings): sleep, heart rate variability, resting heart rate, activity, and related recovery metrics.

We collect no advertising identifiers, no location data, and we use no third-party analytics or tracking SDKs.

2. Apple Health (HealthKit)

HealthKit data is read only with your permission, used solely to show your recovery and protocol-effectiveness metrics inside the app, and stored encrypted on our servers so it can sync across your sessions. We never use HealthKit data for advertising or marketing, never share it with third parties for their own purposes, and never sell it. You can revoke access at any time in iOS Settings → Privacy → Health.

3. Wearable Connections

When you connect WHOOP, Oura, or Withings, you authorize through that provider’s own sign-in page. We store an access token and pull your recovery, sleep, and activity data on a schedule. Disconnecting in Settings stops all future syncing; deleting your account removes the stored tokens and data.

4. The AI Assistant

Messages you send to the Assistant, along with relevant context from your logged data (such as your active protocols and recent recovery metrics), are processed by large-language-model providers to generate responses. These providers process the data to serve your request; we do not permit them to train models on it. We never train AI models on your data ourselves.

5. Coach Sharing

If you join PepBear through a coach invite (or accept one later), your coach can see the data relevant to coaching you: your protocols, dose history, and recovery metrics. This sharing exists only while the coach link is active. You can ask your coach or support@pepstarllc.com to unlink at any time. Solo users share nothing with anyone.

6. Where Your Data Lives

Data is stored on Supabase infrastructure in the United States, encrypted in transit and at rest. Access is restricted by row-level security so your data is readable only by you (and your linked coach, per Section 5).

7. What We Never Do

  • We never sell your data.
  • We never show ads or share data with ad networks.
  • We never use your health data for marketing.
  • We never train AI models on your data.

8. Affiliate Links

Some product links in the app are affiliate links — if you buy through them, PepBear may earn a commission. Clicks are recorded for attribution. No health data is ever shared with vendors.

9. Data Deletion

You can permanently delete your account and all associated data directly in the app: Settings → Legal & Account → Delete Account. Deletion is immediate and irreversible. You can also email support@pepstarllc.com and we will delete all associated data within 30 days.

10. Age Requirement

PepBear is for adults. You must be 18 years of age or older to use it.

11. Changes to This Policy

We may update this policy as the app evolves. Material changes will be dated at the top of this page and surfaced in-app.

Contact

PepStar LLC
Wyoming, United States
support@pepstarllc.com