Privacy Policy

Hakim Health (“we,” “us,” or “our”) is a health-coaching practice operated by Mo Hakim, providing personalized programming, nutrition guidance, and accountability coaching through this web application (the “Service”).

This Privacy Policy describes how we collect, use, share, and protect your information when you use the Service. If you have questions, contact us at privacy@hakimhealth.co.

We collect the information necessary to deliver coaching services and operate the Service.

Information you provide directly

• Account information: name, email address, phone number, password.
• Intake information: goals, training history, current routines, equipment access, available time, sleep and stress patterns.
• Health and fitness data: height, weight, body composition measurements, body fat percentage, progress photos, training logs, nutrition logs, hydration logs, journal entries, current clinical protocols you choose to share.
• Coaching communications: messages, voice notes, and form-check videos you exchange with your coach.
• Payment information: billing details processed by Stripe. We never store full card numbers.

Information collected automatically

• Usage data: pages viewed, features used, session duration, approximate location derived from IP address.
• Device information: browser type, operating system, device identifiers.
• Cookies: we use essential cookies for authentication and session management. We do not use advertising or third-party tracking cookies.

We use your information to:

• Provide the Service — generate personalized programming, calculate macro targets, track progress, and deliver coaching reviews.
• Communicate with you — send service-related emails, coaching responses, and product updates you have opted into.
• Process payments and manage subscriptions through Stripe.
• Improve the Service — analyze aggregate usage patterns and diagnose technical issues.
• Comply with legal obligations, prevent fraud, and protect the rights and safety of users and our team.

We do not sell your personal information. We do not use your data to train third-party AI models without explicit consent.

We share data only with the third-party service providers that operate the Service. Each is bound by contractual obligations to protect your information.

• Supabase— database and authentication.
• Stripe— subscription billing and payment processing.
• Resend— transactional email delivery.
• Anthropic— AI-assisted features (program scaffolding, photo food logging). Your inputs are sent to Anthropic’s API for processing. Anthropic does not retain or train on this data.
• Sentry— error monitoring.
• Cloudflare— bot protection and edge security.
• Vercel— application hosting.

We may disclose information when required by law, valid legal process, or to protect against fraud, threats, or misuse of the Service.

Depending on where you live, you may have the following rights regarding your information:

• Access— request a copy of the data we hold about you.
• Correction— correct inaccurate information.
• Deletion— delete your account and associated data. You can do this from Settings inside the Service, or by emailing us.
• Portability— receive your data in a structured, machine-readable format.
• Opt out— unsubscribe from non-essential emails at any time via the unsubscribe link in any message.
• Withdraw consent— where we rely on consent, you can withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at privacy@hakimhealth.co. We respond within 30 days.

We retain your data while your account is active and for a reasonable period afterward to comply with legal, accounting, or reporting obligations. When you delete your account, we delete or anonymize your personal data within 90 days, except where retention is legally required (for example, billing records).

We use industry-standard technical and organizational safeguards: encrypted database connections, row-level security on user data, encrypted storage of secrets, HTTPS-only communication, signed-webhook validation for payment events, and bot protection on authentication endpoints. No system is perfectly secure, but we take breach response seriously and will notify affected users within the timeframes required by applicable law.

Hakim Health provides health coaching, not medical care. We do not diagnose, treat, cure, or prevent any disease. Information you provide through the Service is used to support your coaching, not to provide medical advice. Coaching should not replace consultation with your physician or clinical care team. For medical questions, consult a licensed healthcare provider.

The Service is intended for adults aged 18 and older. We do not knowingly collect information from anyone under 18. If you believe a minor has provided us with personal information, contact us and we will delete it.

We operate from the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S. and other jurisdictions where our service providers operate. We rely on contractual safeguards required by applicable data protection law to make these transfers.

California residents have the right to know, delete, and opt out of the sale of personal information. We do not sell personal information.

EU/UK residents may lodge a complaint with a local data protection authority if you believe we have not handled your data lawfully.

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, for material changes, notify you by email or through the Service.

Questions, requests, or complaints? Email privacy@hakimhealth.co.