Privacy Policy
Last updated: May 30, 2026
Note: this document is a working draft for the pre-launch phase. Before public launch, it will be reviewed by counsel specializing in U.S. privacy law and health-tech. The current content reflects our intent, but it isn't a substitute for formal legal advice.
Wiser Years is built privacy-first. This policy explains what data we collect, what we deliberately do not collect, how the chat stays private, and the rights you have. Plain English, no jargon.
1. The short version
- We collect your email (to sign you in) and your Stripe subscription status (to know whether you have access).
- We do not store your conversations with the AI. Messages flow through our server in memory only. Nothing is written to disk.
- We do not sell or share your data for advertising. The chat page itself runs zero tracking scripts — Meta Pixel, Google Analytics, or anything else. We use Meta Pixel only on our marketing pages (homepage, pricing, about) and only after you accept analytics via the banner. See sections 3 and 11.
- We are not a HIPAA-covered entity, not a healthcare provider, and we do not provide medical advice.
2. Who we are
Wiser Years is operated by S.C. Metis IT&Software S.R.L., a company registered in Romania, EU. The full operator identification (tax registration, trade registry, registered office) is in section 15 below. For any data-related question: technical.med.dgc@gmail.com.
3. What we collect
- Account info — your email address. That's the entire account identity.
- Subscription info — your Stripe customer ID, subscription ID, status (active/past_due/canceled, etc.), and the current billing period end date.
- Session info — when you sign in, we set a session cookie. The session record stores the cookie value, your user ID, and an expiration date. Nothing about your activity.
- Free-trial identifier — to enforce the one-conversation-free rule (so the free conversation can't be reused by clearing cookies and trying again), we generate a random anonymous ID, store it together with first/last-message timestamps and a “free conversation used” flag, and place that ID in an httpOnly first-party cookie called wy_anon. No conversation content, no symptoms, no health data is stored alongside the identifier. The identifier is not linked to your identity unless and until you sign up; once you sign up, the same window and used-flag are also recorded against your account, so clearing the cookie after registration does not reset your free quota.
- Anonymous usage analytics — page views via Plausible (cookieless, no fingerprinting, no individual identification). The chat page is excluded.
- Marketing-page measurement (Meta Pixel) — on our public marketing pages only (homepage, pricing, about), and only if you accept analytics via the consent banner, we use Meta Pixel to measure ad performance. It fires three standard events: PageView, InitiateCheckout (when you start a Stripe checkout), and Purchase (sent server-side via Meta's Conversions API when a payment succeeds, with your email hashed before transmission so it isn't exposed in clear text). No conversation content, no symptoms, no health data is ever sent. The pixel is never loaded on the chat page or on your account page. Decline the banner and the pixel never loads at all.
4. What we deliberately don't collect
- Conversation content. Your messages and the AI's replies flow through our server in memory only and are never written to a database, log, or file. Refreshing the chat page discards the conversation client-side as well.
- Symptoms, diagnoses, history. We have no fields for any of that, anywhere in our database.
- Behavioral profiles. No advertising pixels, no conversion APIs that touch chat content, no third-party scripts on the chat page.
5. Who processes data on our behalf
- Supabase — Postgres database that holds the email + Stripe subscription row.
- Vercel — hosting that runs the website and the chat API server-side.
- Stripe — payment processing and subscription management. We never see your card.
- Anthropic — the AI provider for the chat. Your messages are sent to Anthropic to generate replies. Per Anthropic's commercial terms, API data is not used to train their models, and retention is short by default.
- Zepto Mail (ZeptoMail) — sends your magic-link sign-in emails.
- Plausible — cookieless analytics (page views, country at a coarse level). No personal identifiers.
- Meta (Facebook) — only when you accept the analytics banner, and only on our marketing pages. Receives three standard funnel events (PageView, InitiateCheckout, Purchase) with monetary value and a hashed email for matching. Never receives chat or health data. Not loaded on the chat or account surfaces.
6. Retention
- Your email + subscription record — kept as long as your account exists. Deleted within 30 days of account deletion (Stripe invoices retained as required by U.S. tax law).
- Sessions — expire on the timestamp Auth.js stores; you can sign out anytime to invalidate immediately.
- Conversation content — never stored, nothing to retain.
7. Your rights
You have the right to:
- Access — find out what data we have about you (which is short to read).
- Deletion — request that we erase your account. You can self-serve this from /account.
- Correction — change your email.
- Portability — export your data (essentially: your email + subscription status — we'll send a JSON file).
- Withdraw consent — at any time, by canceling.
To exercise any right, email technical.med.dgc@gmail.com. We respond within 30 days, usually much sooner.
8. California consumer rights (CCPA / CPRA)
California residents have all the rights above plus:
- Right to know what personal information we collect (covered in sections 3 and 4).
- Right to opt out of “sale” or “sharing” for cross-context behavioral advertising. We do not sell or share your personal information.
- Right to limit use of sensitive personal information — we don't collect sensitive personal info; symptom data is ephemeral and not retained.
- Right to non-discrimination — we will not discriminate against you for exercising any of these rights.
“Shine the Light” (Cal. Civil Code § 1798.83). We do not share personal information with third parties for those parties' direct marketing.
9. Health-data laws (Washington MHMDA, Nevada SB 370, Connecticut SB 3)
These laws regulate “consumer health data.” Wiser Years is intentionally designed so that we don't collect, store, or share consumer health data: conversation content stays ephemeral and the database holds no symptom or health fields. If you ever find a place where we do collect health data, please tell us and we will treat it as a bug.
10. Children (COPPA)
Wiser Years is intended for adults 18 and older. We do not knowingly collect personal information from children under 13. If we learn that we have, we delete it promptly.
11. Cookies
Two first-party cookies, always set:
- Sign-in / session cookie (Auth.js) — set after you sign in, lets us recognize your session on subsequent requests.
- wy_anon — a random anonymous identifier used to enforce the one-conversation-free rule before you sign up (see section 3).
Third-party cookies are set only on marketing pages and only if you accept the analytics banner:
- Meta Pixel (Facebook) — loads on the homepage, pricing, about, and similar public pages when analytics consent is granted. Used to measure ad performance. Never loaded on the chat page or your account page.
Plausible is cookieless. If you decline the analytics banner, no third-party cookies are set; if you accept and later change your mind, clearing your browser's site data for wiser-years.com resets the choice and the banner appears again.
12. Security
HTTPS site-wide. Data at rest is encrypted by our infrastructure providers. Access to the database is limited to the application's service role.
13. Changes to this policy
If we change this policy materially, we'll give notice on the site and by email. Changes take effect 30 days after publication, or immediately if required by law.
14. Health-care and FDA disclaimers
Wiser Years is an educational platform. We are not a HIPAA-covered entity, not a healthcare provider, and we do not provide medical advice. Information you share with us is not protected health information (PHI). For medical care, see a licensed clinician.
Wiser Years content is educational. Statements about products, conditions, or interventions have not been evaluated by the U.S. Food and Drug Administration. The content is not intended to diagnose, treat, cure, or prevent any disease. Always consult your clinician.
15. Data controller & contact
The data controller responsible for the personal data processed through Wiser Years is the company that operates the service:
- S.C. Metis IT&Software S.R.L. (registered in Romania, EU)
- Tax registration (CUI / VAT ID): RO46338515
- Trade Registry: J2022000382407
- Registered office: Str. Râmnicu Vâlcea nr. 8, cam. 1, et. 8, ap. 809, Sector 3, București, Romania
For any data-related question, to exercise your rights, or to contact the controller: technical.med.dgc@gmail.com. We respond within 30 days.