Privacy Policy
We believe privacy is a right, not a feature. This policy explains exactly what data we collect, why we collect it, and how you can control it.
Overview
This Privacy Policy applies to Wellness Pure Life (“we”, “our”, or “us”), accessible at wellnesspurelife.com. It covers all services we offer, including AI-generated wellness plans, quizzes, 21-day challenges, the blog, and premium subscriptions.
1. Information We Collect
Information you provide directly
- Account data: Name and email address when you sign up or log in.
- Quiz responses: Answers you submit in wellness quizzes (fitness level, goals, dietary preferences, stress levels, etc.). These are used solely to generate your personalized plan.
- Payment data: Billing name and card details when you subscribe to Premium. Card numbers are processed by Stripe and never stored on our servers.
- Communications: Messages you send via the contact form or email.
- Newsletter sign-up: Email address and optional first name when you subscribe to wellness tips.
Information collected automatically
- Usage data: Pages visited, time on page, scroll depth, and clicks — collected via Google Analytics.
- Device data: Browser type, operating system, screen size, and referring URL.
- IP address: Used to derive approximate location (country/region level) for analytics and fraud prevention.
- Push notification tokens: Device tokens stored in Firebase if you opt in to browser push notifications.
- Session data: Temporary browser sessionStorage values (e.g. to track whether you have seen a specific prompt in a session). These are never transmitted to our servers.
2. How We Use Your Information
Your quiz answers are passed to Google Gemini to generate a personalized wellness plan. No raw answers are stored after plan generation.
We send account verification emails, password reset links, weekly wellness tips (if subscribed), and drip onboarding emails.
Payment data is used to process your Premium subscription via Stripe and manage billing events (renewals, cancellations).
Usage data helps us understand which content is most helpful and how to improve the platform — never used for individual profiling.
If you opt in, we send wellness reminders and new content alerts via Firebase Cloud Messaging. You can opt out at any time.
IP addresses and account activity are monitored to detect suspicious behavior, prevent abuse, and protect user accounts.
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), the UK, or Switzerland, we process your personal data under the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Account creation and authentication | Contract performance |
| AI wellness plan generation | Contract performance |
| Payment processing | Contract performance |
| Transactional emails (verification, reset) | Contract performance |
| Marketing emails and newsletters | Consent (opt-in) |
| Analytics and usage tracking | Legitimate interest |
| Push notifications | Consent (opt-in) |
| Fraud prevention and security | Legitimate interest / Legal obligation |
4. Third-Party Services
We work with the following trusted third-party providers. Each has its own privacy policy and data processing terms:
Tracks page views, scroll depth, and user events. Data is anonymized and aggregated. We do not enable advertising features. Google Privacy Policy
Handles all Premium subscription billing. Card data is tokenized and stored by Stripe — we never see or store full card numbers. Stripe Privacy Policy
Generates personalized wellness plans from your quiz answers. Prompts are sent via API and not used to train Google models under our API agreement. Gemini API Terms
Stores device push tokens for web and mobile notifications if you opt in. You can revoke permission in your browser settings at any time. Firebase Privacy
Stores user accounts, wellness plans, quiz results, and blog content. Data is encrypted at rest and in transit. Hosted in secure cloud infrastructure.
Used to deliver transactional emails (verification, password reset) and newsletter emails. Email addresses are never shared with third parties for marketing.
6. Data Retention
- Account data: Retained for as long as your account is active. Deleted within 30 days of a verified deletion request.
- Wellness plans: Stored until you delete them or close your account.
- Quiz answers: Raw quiz answers are not stored after plan generation. Only the generated plan output is saved.
- Payment records: Billing history is retained for 7 years to comply with financial regulations, even after account deletion.
- Analytics data: Aggregated and anonymized; retained per Google Analytics default settings (up to 26 months).
- Email logs: Retained for up to 90 days for deliverability diagnostics, then purged.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Request a copy of all personal data we hold about you.
Request that inaccurate or incomplete data be corrected.
Request erasure of your personal data (“right to be forgotten”).
Request that we limit processing of your data in certain circumstances.
Receive your data in a structured, machine-readable format.
Object to processing based on legitimate interest, including direct marketing.
To exercise any of these rights, email [email protected] with the subject line “Privacy Request”. We will respond within 30 days.
8. Children's Privacy
Wellness Pure Life is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from minors. If you believe a child has provided us with personal information, please contact us immediately at [email protected] and we will delete the data promptly.
9. International Data Transfers
Your data may be processed in countries outside your own, including the United States, where our servers and third-party providers operate. When transferring data from the EEA or UK, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adequacy decisions where applicable.
- Third-party providers who are certified under applicable data transfer frameworks.
10. Data Security
We implement industry-standard security measures to protect your data:
- All data is transmitted over TLS (HTTPS) encryption.
- Passwords are hashed using bcrypt before storage — we never store plain-text passwords.
- Database access is restricted to authenticated services only.
- Payment data is handled entirely by Stripe and never touches our servers.
- JWT tokens are signed with a secret key and validated on every protected request.
Despite these measures, no system is completely immune to breaches. In the event of a data breach that affects your personal data, we will notify affected users within 72 hours where required by law.
11. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:
- Update the “Last updated” date at the top of this page.
- Send a notification email to registered users for material changes.
Continued use of Wellness Pure Life after changes are posted constitutes your acceptance of the updated policy.
12. Contact Us
For any privacy-related questions, data requests, or concerns, please reach out:
We aim to respond to all privacy requests within 30 days. For urgent matters, please indicate “URGENT” in your subject line.