Privacy Policy

1. Introduction

SomaFleur ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, and purchase our products.

2. Information We Collect

Personal Information

We collect information that you provide directly to us, including:

• Name, email address, phone number, and shipping address
• Payment information (processed securely through Stripe)
• Account credentials and profile information
• Communication preferences

Health Information

When you use our testing services, we collect:

• Biomarker test results (hormone levels, microbiome analysis)
• Health history and symptoms information
• Medical questionnaire responses
• Laboratory test data from GI-MAP and DUTCH tests

Note: Your health information is protected under HIPAA regulations and maintained with the highest level of security and confidentiality.

Usage Information

We automatically collect certain information about your device and how you interact with our services:

• Device information (browser type, operating system)
• IP address and location data
• Pages visited and features used
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your information to:

• Process and fulfill your orders and testing services
• Provide personalized wellness recommendations based on your biomarker results
• Communicate with you about your account, orders, and test results
• Send you educational content and marketing communications (with your consent)
• Improve our services, website functionality, and customer experience
• Comply with legal obligations and protect our rights
• Conduct research and development (using de-identified data)

4. Information Sharing and Disclosure

We may share your information with:

Service Providers

• Laboratory Partners: Diagnostic Solutions Laboratory (GI-MAP) and Precision Analytical Inc. (DUTCH) for test processing
• Payment Processors: Stripe for secure payment processing
• Shipping Providers: For order fulfillment and delivery
• Email Services: Resend for transactional and marketing emails
• Cloud Hosting: Supabase and Vercel for secure data storage

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes or government requests
• Protect the rights, property, or safety of SomaFleur, our users, or others
• Enforce our Terms of Service

We never sell your personal or health information to third parties.

5. Data Security

We implement industry-standard security measures to protect your information, including:

• SSL/TLS encryption for data transmission
• Secure database storage with encryption at rest
• Regular security audits and vulnerability assessments
• Access controls and authentication protocols
• HIPAA-compliant handling of health information

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

You have the right to:

• Access: Request a copy of your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Opt-Out: Unsubscribe from marketing communications
• Data Portability: Request your data in a portable format
• Restriction: Request limits on how we process your information

To exercise these rights, contact us at privacy@somafleur.com

7. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze site traffic and usage patterns
• Personalize your experience
• Measure marketing campaign effectiveness

You can control cookies through your browser settings, though some features may not function properly if cookies are disabled.

8. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Users

If you are accessing our services from outside the United States, please note that your information will be transferred to and processed in the United States, where our servers are located.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

For questions about this Privacy Policy or our data practices, contact us at: