
Privacy Policy

Last updated: May 1, 2026

Your data is yours.

Lea Health, Inc. ("Lea") respects your privacy. This policy describes — in plain language — what we collect, how we use it, and the choices you have.

1. Information We Collect

Information you provide directly:

  • Account information: Email, display name, and authentication credentials.
  • Health and wellness data: Information you share during conversations — symptoms, medications, weight, nutrition, mood, energy, sleep, side effects.
  • Chat messages: The content of your conversations with Lea.
  • Check-in data: Daily tracking shared through the conversational check-in flow.
  • Food photos: Meal images for nutritional analysis (processed in real time, not permanently stored as images).
  • Form data: Information entered into tools like the pre-authorization letter generator.

Information collected automatically:

  • Usage data: Pages visited, features used, conversation frequency, session duration.
  • Device information: Browser type, operating system, screen size.
  • Approximate location: IP-based city/state level only — for the pharmacy and provider finder. We do not track precise GPS.

Guest mode:

If you use Lea without an account, your conversation lives only in your browser memory. We don't retain guest conversation data on our servers unless you create an account and explicitly carry it over.

2. How We Use Your Information

  • Provide the Service: Power AI coaching responses personalised to your health profile.
  • Track your progress: Display dashboards, streaks, weight trends, nutrition summaries, and other metrics you've reported.
  • Improve the Service: Analyse aggregate, de-identified usage patterns to improve coaching quality.
  • Communicate with you: Send account-related emails (confirmation, password reset) and optional coaching reminders.
  • Product recommendations: Suggest relevant products or providers based on your reported symptoms and goals (some include affiliate links — see our Terms of Service).

3. How We Store and Protect Your Data

Your data is stored using Supabase, a hosted PostgreSQL platform with enterprise-grade security:

  • Encryption in transit (TLS/SSL) and at rest (AES-256).
  • Row-level security policies ensuring users can only access their own data.
  • Regular security audits and infrastructure monitoring.

While we implement industry-standard security measures, no system is 100% secure. We cannot guarantee absolute security of your data.

4. Third-Party Services

  • Anthropic (Claude API): Powers Lea's AI responses. Your messages go to Anthropic for processing. We don't send your name or email — only the conversation content needed to generate a response.
  • Supabase: Database hosting, user authentication, and serverless functions.
  • Stripe: Payment processing for subscriptions. We don't store your card details — Stripe handles all payment data directly. See Stripe's Privacy Policy.
  • Affiliate partners: When you click product recommendation links, you may be redirected to third-party sites with their own privacy policies. We may share a referral identifier (not your personal information) to track affiliate conversions.

5. What We Do NOT Do

  • We do not sell your personal information or health data to third parties.
  • We do not use your health data for advertising targeting.
  • We do not share your individual health data with employers, insurers, or data brokers.
  • We do not use your conversation data to train AI models.

6. HIPAA Notice

Lea is a wellness coaching platform, not a covered entity under HIPAA. While we take the security and privacy of your health information seriously and implement strong safeguards, the Service is not HIPAA-compliant and does not create a doctor-patient relationship.

7. Cookies and Local Storage

  • Authentication tokens: Stored securely to keep you logged in.
  • Local preferences: Quiz answers and guest conversation data stored temporarily in your browser to enable conversation carry-over during registration.
  • Essential cookies: Required for the Service to function. We don't use advertising or third-party tracking cookies.

8. Your Rights and Choices

You have the right to:

  • Access your data: View your chat history, check-ins, and health profile inside the Service.
  • Delete your data: Email support@meetlea.ai. We process deletion requests within 30 days.
  • Export your data: Request a copy in a machine-readable format.
  • Opt out of emails: Unsubscribe from non-essential communications anytime.
  • Withdraw consent: Stop using the Service anytime. Cancelling a subscription doesn't auto-delete data — request deletion separately if desired.

9. Data Retention

  • Personal data is deleted within 30 days of an account deletion request.
  • Aggregated, de-identified data (which can't be linked to you) may be retained for analytics.
  • Data required for legal compliance (e.g., billing records) may be retained for up to 7 years.

10. Children's Privacy

The Service is not intended for individuals under 18. We do not knowingly collect data from children. If we learn we have, we delete it promptly.

11. California Privacy Rights

If you are a California resident, you may have additional rights under the CCPA — including the right to know what we collect, delete your data, and opt out of data sales. We don't sell personal information. To exercise rights, contact support@meetlea.ai.

12. International Users

The Service is operated from the United States. By using it from outside the US, you consent to your information being transferred to, stored, and processed in the United States.

13. Changes to This Policy

Material changes are communicated via email or in-app notice at least 30 days before they take effect.

14. Contact

For privacy questions, data requests, or concerns:
Lea Health, Inc.
Email: privacy@meetlea.ai