Privacy Policy
Effective Date: March 31, 2026 · Last Updated: March 31, 2026
Otto is designed with privacy as a foundational principle. We collect only what is necessary to provide the Service, we never sell your personal data, and you can delete everything at any time.
1. Who We Are
Otto ("Service") is operated by Kevin Ho ("Operator," "we," "us," "our") at ottolab.com. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you use the Otto web application, mobile application, and related services.
For privacy inquiries, contact: privacy@ottolab.com
2. Information We Collect
2.1 Information You Provide
| Data Type | Examples | Purpose |
|---|---|---|
| Account information | Email address, first name, display name | Authentication and personalization |
| Demographic data | Age, biological sex, height, weight | Required for biological age computation and metabolic scoring |
| Laboratory reports | PDF or CSV files containing blood work results | Biomarker extraction and analysis |
| Health stack | Supplements, medications, habits, devices you report taking | Stack tracking, community features, and personalized insights |
| Community content | Journey posts, captions, reactions, profile bio | Social features you opt into |
| Chat messages | Questions and conversations with the AI assistant | Providing AI-powered health insights |
2.2 Information Collected Automatically
| Data Type | Examples | Purpose |
|---|---|---|
| Device information | Device type, operating system, browser type | Service optimization and debugging |
| Usage data | Pages visited, features used, timestamps | Service improvement |
| Authentication tokens | JWT session tokens stored as httpOnly cookies | Secure session management |
2.3 Apple Health Data (Mobile App Only)
If you choose to connect Apple Health through the Otto iOS app, we collect:
- Daily step count
- Resting heart rate
- Sleep duration
- Body weight
This data is only collected with your explicit permission through the iOS HealthKit permission prompt. You can revoke this permission at any time in your iPhone Settings. We do not access any other Apple Health data categories beyond those listed above.
2.4 Information We Do NOT Collect
- We do not collect your Social Security number, insurance information, or financial data;
- We do not access your contacts, photos, location, microphone, or camera;
- We do not use tracking pixels, fingerprinting, or cross-site tracking;
- We do not purchase data about you from data brokers.
3. How We Use Your Information
We use your information solely for the following purposes:
- Providing the Service: Extracting biomarkers from your uploaded reports, computing biological age and metabolic scores, generating your personalized Biomap and dashboard;
- AI-Powered Insights: Sending your biomarker data and health context to AI model providers (Google Gemini, Anthropic Claude, OpenAI GPT) to generate personalized educational responses in the chat feature;
- Daily Digest: Generating personalized daily health insights based on your biomarker data, health stack, and wearable data;
- Community Features: Displaying information you voluntarily share (health stacks, delta cards, journey posts) to other users;
- Service Communications: Sending transactional emails (magic link sign-in, account notifications);
- Service Improvement: Analyzing aggregate, de-identified usage patterns to improve the product.
4. How We Share Your Information
4.1 Third-Party AI Model Providers
To generate AI-powered insights, we transmit portions of your health data (biomarker values, health stack, and conversation context) to:
- Google (Gemini) — Primary AI model for extraction and chat
- Anthropic (Claude) — Alternative AI model for chat
- OpenAI (GPT) — Alternative AI model for chat
These providers process your data according to their respective API data usage policies. We use their API services (not consumer products), which generally do not use your data for model training. However, we encourage you to review their policies directly.
4.2 Infrastructure Providers
| Provider | Purpose | Data Processed |
|---|---|---|
| Vercel | Web hosting | HTTP requests, static assets |
| Railway | API hosting, database, cache | All application data |
| Resend | Transactional email | Email addresses |
| Google Cloud | File storage (future) | Uploaded documents |
4.3 We Never
- Sell your personal data to third parties;
- Share your data with advertisers or data brokers;
- Use your health data for advertising targeting;
- Provide your data to insurance companies, employers, or government agencies (unless legally compelled).
4.4 Legal Requirements
We may disclose your information if required by law, subpoena, court order, or government regulation, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
5. Data Storage and Security
5.1 Where Your Data is Stored
Your data is stored on servers in the United States operated by Railway (PostgreSQL database) and Vercel (web application). Backups are encrypted at rest.
5.2 Security Measures
- All data transmitted between your browser/app and our servers is encrypted via TLS (HTTPS);
- Authentication tokens are stored as httpOnly, secure cookies (web) or in the iOS Keychain (mobile);
- Database access is restricted to authenticated API routes with row-level user scoping;
- Passwords are never stored — we use passwordless authentication (Google OAuth and magic links);
- API endpoints are rate-limited to prevent abuse.
5.3 What We Cannot Guarantee
No method of electronic storage or transmission is 100% secure. While we use commercially reasonable security measures, we cannot guarantee absolute security of your data. You use the Service at your own risk.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Biomarker data | Until you delete your account |
| Uploaded PDF/CSV files | Processed and discarded — raw files are not permanently stored |
| Chat conversations | Until you delete your account |
| Apple Health data | Until you delete your account or revoke access |
| Community posts | Until you delete the post or your account |
| Audit logs | 90 days, then automatically purged |
7. Your Rights
You have the following rights regarding your data:
- Access: You can view all your data through your dashboard and export it via Settings;
- Deletion: You can delete your entire account and all associated data at any time via Settings > Delete Account. This action is permanent and irreversible;
- Portability: You can export your health data in JSON format via Settings;
- Correction: You can update your profile information at any time;
- Withdrawal of Consent: You can stop using the Service and delete your account at any time. For Apple Health, you can revoke access in iPhone Settings > Privacy > Health.
California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact privacy@ottolab.com.
EU/EEA Residents (GDPR)
If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object. Our legal basis for processing is your explicit consent (provided when you upload data) and legitimate interest (for service operation). To exercise your rights or lodge a complaint, contact privacy@ottolab.com.
8. Children's Privacy
The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will promptly delete that information.
9. Cookies
We use the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| otto_token | Authentication session (httpOnly, secure) | 24 hours |
| preview_token | Beta access gate (httpOnly) | 30 days |
We do not use advertising cookies, analytics cookies, or third-party tracking cookies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new effective date. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.
11. Contact Us
For any privacy-related questions, concerns, or data requests:
Email: privacy@ottolab.com
Otto Lab
Operated by Kevin Ho
California, United States