← Back to GutGuard

Privacy Policy

Effective May 24, 2026. This policy describes how IG International / GutGuard (“GutGuard,” “we,” “us,” “our”) collects, uses, shares, and protects information when you use the GutGuard Patient Portal, our website, and related services (the “Service”).

1. Who we are

GutGuard is a Philippine wellness-monitoring service operated by IG International. Our medical director is Dr. Shane Animas, MD (PRC Lic. 0098732, Internal Medicine, General Santos City). We are committed to handling personal and sensitive personal information in accordance with the Philippine Data Privacy Act of 2012 (RA 10173), its implementing rules and regulations, and the issuances of the National Privacy Commission.

2. Information we collect

We collect the following categories of information:

  • Account information. Email address, password (stored as a salted hash by Supabase, never in plaintext), full name, mobile number, age, and sex when you create an account.
  • Social login information. If you sign in with Google, Facebook, GitHub, or TikTok, we receive your provider user ID, display name, avatar URL, and (where the provider supports it) email address. For TikTok we request only the user.info.basic scope and never post on your behalf.
  • Health information. Blood-panel files (PDFs or photos) you upload, extracted laboratory values (e.g., hs-CRP, NLR, ferritin, glucose, HDL, ALT, uric acid, lymphocyte %), and the GLIS wellness score we calculate from them.
  • Order and protocol information. Delivery address, payment method selected, protocol tier, confirmation codes, and physician review notes.
  • Technical information. Device type, browser, IP address, session cookies, and basic page-view analytics.

3. How we use your information

  • To authenticate you and maintain your signed-in session.
  • To deliver the BioScan service: extract markers from your uploaded labs, calculate your GLIS score, route your case to a licensed physician for review, and assign a matched supplement protocol.
  • To process orders and arrange physical delivery of supplements.
  • To communicate with you about your account, scan results, protocol status, and important service updates.
  • To improve the Service, debug technical issues, and prevent fraud or abuse.
  • To comply with legal obligations under Philippine law, including FDA-PH, BIR, and applicable health regulations.

4. Who we share information with

We share information only with the following categories of recipients:

  • Supabase, Inc.— our database and authentication provider. Your account data, lab data, and order data are stored on Supabase infrastructure. Supabase processes data on our instructions under its data processing agreement.
  • Identity providers (Google, Facebook, GitHub, TikTok). When you choose to sign in via a social provider, that provider receives standard OAuth metadata (the fact that you are signing in to GutGuard). We receive your profile information from the provider, as described above.
  • Enrolled GutGuard Protocol Center physicians. Your BioScan markers and GLIS score are reviewed by a licensed Philippine physician who has signed a confidentiality agreement with GutGuard.
  • Logistics and payment partners. When you place an order, your delivery address and contact details are shared with the courier we use to ship your protocol. Payments are processed by third-party payment processors that meet PCI-DSS requirements.
  • Government and regulatory bodies when required by Philippine law (e.g., NPC, FDA-PH, BIR).

We do not sell your personal information, and we do not share your health data with advertisers.

5. Cookies and similar technologies

We use strictly-necessary cookies to keep you signed in (Supabase session cookies, marked HttpOnly and Secure in production). We may use anonymous analytics cookies to understand aggregate usage. We do not currently run advertising trackers.

6. Data retention

We keep your account and health information for as long as your account is active. If you request deletion (see Section 7), we delete your account data within 30 days, except where we are required by law to retain certain records (e.g., tax records for orders).

7. Your rights

Under RA 10173 you have the right to be informed, to access, to object, to erasure or blocking, to damages, to data portability, and to file a complaint with the National Privacy Commission. To exercise any of these, email us at the address below.

8. Security

We protect your information using TLS in transit, encryption at rest (Supabase managed), salted password hashing, row-level security on our database tables, and least-privilege access for the small team that operates the Service. No system is perfectly secure, but we take reasonable steps appropriate to the sensitivity of health data.

9. Children

The Service is intended for adults aged 18 and over. We do not knowingly collect information from anyone under 18. If you believe a child has provided information to us, please contact us so we can delete it.

10. International transfers

Our service providers (including Supabase) may process data on servers located outside the Philippines. We rely on contractual safeguards with these providers to ensure your information remains protected at a standard consistent with Philippine law.

11. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or by a prominent notice in the Service. The “Effective” date at the top reflects the latest version.

12. Contact us

Questions, deletion requests, or complaints:
Data Protection Officer, GutGuard Protocol Center
Email: privacy@gutguard.ph
General Santos City, Philippines

DEMO