Last Updated:

Privacy Notice

We believe in transparency. Here's exactly how we operate and protect your data.

One Body Project Privacy Policy & Data Protection Framework

1. Preamble and Commitment to Privacy

The One Body Project (hereinafter referred to as “the Company,” “we,” “us,” or “our”) recognizes that in the modern digital ecosystem, the privacy and integrity of personal data are of paramount importance. We are fundamentally committed to the principle of “Privacy by Design,” ensuring that our educational platform, longevity tools, and associated services are architected to minimize data collection and maximize user anonymity.

Unlike conventional digital health platforms that monetize user behavior through aggressive surveillance capitalism, the One Body Project operates under a strict ethical framework. We serve as a neutral, educational sanctuary for longevity research. Consequently, our operational protocols are designed to preclude the unauthorized harvesting, brokering, or commercialization of your biological or behavioral data. This Privacy Policy serves as a comprehensive disclosure of our data processing practices, pursuant to applicable international data protection standards.

2. The Principle of Data Minimization

The Company strictly adheres to the principle of Data Minimization. We have systematically engineered our digital infrastructure to collect only the absolute minimum amount of information strictly necessary to facilitate the functionality of our website. We do not engage in the indiscriminate collection of data (“data hoarding”) for speculative future purposes.

2.1. Unregistered Visitors For users who access our platform without voluntarily establishing a registered account (“Visitors”), our data collection is virtually nonexistent.

  • Zero-Knowledge Interactions: Interactions with our public-facing tools, including but not limited to the TDEE Calculator, BMI Calculator, and Ingredient Decoder, are processed locally within your browser session or via ephemeral server-side requests that are not logged against a persistent user profile.
  • No Persistent Identifiers: We do not utilize “fingerprinting” technologies or persistent tracking cookies to monitor Visitors across third-party websites.

2.2. Voluntary Account Registration Should you affirmatively choose to establish a user account (“Registered Member”) for the express purpose of utilizing our advanced personalization features, we collect only the following information:

  • Authentication Credentials: A valid email address and password hash, utilized solely for the purpose of verifying your identity and securing your account access.
  • User-Generated Preferences: Data points you voluntarily input, such as ingredient exclusions, saved research queries, or calculated biomarkers, are stored within our secure, encrypted database. This data is retained exclusively to provide you with a continuous and personalized experience across multiple sessions.

3. Comprehensive Data Usage Protocols

Our utilization of any data you provide is strictly limited to the operational delivery of our services. We unequivocally disclaim any right to sell, rent, lease, or otherwise commercialize your personal information.

  • Service Optimization: We may analyze aggregated, non-personally identifiable datasets to identify trends in user engagement (e.g., “Most Searched Ingredients”) to refine our content strategy.
  • Transactional Communication: For Registered Members, we utilize contact information solely for essential service notifications, such as security alerts, changes to this Policy, or requested account recovery procedures. Marketing communications are sent only upon your explicit, opt-in consent.
  • Legal Compliance: We reserve the right to disclose information if strictly required by a valid court order, subpoena, or other legal process, provided that we will make every reasonable effort to notify you of such a request prior to disclosure, unless prohibited by law.

4. Technical Security Measures

We employ industry-leading technical and organizational measures to protect the confidentiality, integrity, and availability of your data.

  • End-to-End Encryption: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS) 1.3 protocols. Data at rest within our databases is encrypted using advanced encryption standards (AES-256).
  • Access Controls: Internal access to user data is strictly compartmented on a “need-to-know” basis. Only authorized engineering personnel with specific security clearances are permitted access to backend systems for maintenance purposes.
  • Vulnerability Assessments: We conduct regular security audits and vulnerability assessments to identify and remediate potential threats to our infrastructure.

5. Third-Party Data Processors

The Company does not share your data with third-party advertisers or data brokers. However, to maintain the functionality of our platform, we may utilize trusted service providers for specific infrastructure needs (e.g., cloud hosting, email delivery).

  • Strict Utilization Clauses: All third-party vendors are bound by rigorous Data Processing Agreements (DPAs) that strictly prohibit them from utilizing your data for any independent purpose other than the specific service they are contracted to provide.
  • No Cross-Context Behavioral Advertising: We do not participate in advertising networks that track your browsing history across the web to serve targeted advertisements.

6. User Rights and Sovereignty

You retain full sovereignty over your digital footprint. Irrespective of your geographical jurisdiction, we extend the following rights to all users:

  • Right to Access: You may request a comprehensive export of all personal data held associated with your account.
  • Right to Rectification: You have the ability to modify or correct any inaccurate personal data directly through your Account Settings.
  • Right to Erasure (“Right to be Forgotten”): You may unilaterally terminate your account and request the permanent deletion of all associated data. Upon such a request, our systems will systematically purge your information from our active databases and backup archives within a commercially reasonable timeframe.

7. International Data Transfers

Our servers and infrastructure are located in secure data centers. By accessing our services, you acknowledge that your data may be transferred to and processed in jurisdictions that may have different data protection laws than your country of residence. However, we ensure that all such transfers are protected by appropriate safeguards, including Standard Contractual Clauses (SCCs) where applicable.

8. Policy Modifications

The Company reserves the right to amend this Privacy Policy at its sole discretion to reflect changes in our practices, technology, or legal obligations. Significant modifications will be communicated through a prominent notice on our platform or via direct email notification to Registered Members. Your continued use of the Service following such changes constitutes your acceptance of the revised Policy.

9. Contact Information

For any inquiries regarding this Privacy Policy, or to exercise your data protection rights, please contact our Data Protection Officer via our dedicated support channel.

One Body Project Compliance Team Contact Specialist Support

This document constitutes the entire agreement between you and the One Body Project regarding the processing of your personal data.