Back

Privacy

Privacy Policy

Last updated: April 2026

Who we are

unfucg (the “Service”) is operated by VerbiteAI. Contact: hi@unfucg.com. Data controller for EU users under Art. 4(7) GDPR.

What we collect

  • Account data: email, password (hashed by Supabase Auth), display name.
  • Health data (you enter or upload): blood work, body metrics (weight, body fat %), training logs, sleep/HRV from connected wearables (Oura, WHOOP).
  • Usage data: pages visited, features used, timestamps — aggregated, no third-party ad pixels.
  • Cookies: an auth session cookie (required) and a locale preference cookie. No tracking/advertising cookies.

Why we process it

  • To provide the Service (Art. 6(1)(b) GDPR — contract performance).
  • To improve the Service (Art. 6(1)(f) — legitimate interest; aggregated analytics only).
  • Health data processing is based on your explicit consent (Art. 9(2)(a) GDPR), which you can withdraw at any time.

Who we share it with

We use Supabase (PostgreSQL hosting & auth, EU region), Resend (transactional email), Hetzner (app hosting, EU), and OpenRouter / Anthropic (AI reasoning for the chat feature — message text only, no identifying metadata, not used to train models).

When you connect Oura or WHOOP, we fetch your wearable data on your behalf using OAuth; their privacy policies also apply.

We never sell personal data. We never share with advertisers.

How long we keep it

For the life of your account. When you delete your account via Settings → Delete account, all personal data is erased within 30 days. Exception: anonymized aggregate metrics may persist in backups for up to 90 days before being overwritten.

Your rights (EU/UK)

  • Access: download all your data from Settings → Export my data.
  • Erasure: delete your account from Settings.
  • Rectification, portability, restriction, objection: email hi@unfucg.com.
  • Complaint: lodge with your local data protection authority. In Poland: UODO.

Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Passwords are salted and hashed. Row-level security (RLS) enforces that you can only read your own data. We do not have access to your password.

Not medical advice

unfucg is a software tool. It is not a medical device and does not provide medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional before acting on information from the Service.

Changes

Material changes to this policy are announced in-app and by email at least 14 days before taking effect. Continued use constitutes acceptance.