Privacy Policy
Last updated: February 2026 | Effective date: February 1, 2026
Dr. Grey AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website drgrey.ai (the "Site").
Contents
1. Information We Collect
1.1 Information Automatically Collected
When you visit our Site, we may automatically collect certain information about your device and usage, including:
- Device Information: Browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution
- Usage Data: Pages visited, time spent on pages, click patterns, search queries entered on our Site
- Network Information: IP address (which may be anonymized), approximate geographic location (country/region level), referring website or source
- Technical Data: Time zone setting, browser plug-in types and versions, language preferences
1.2 Information You Provide
Dr. Grey AI is primarily an informational resource that does not require user registration. However, you may voluntarily provide information when you:
- Contact us via email or feedback forms
- Subscribe to newsletters or updates (if offered)
- Report errors or suggest improvements
- Participate in surveys or research (if offered)
1.3 Information We Do Not Collect
We do not intentionally collect:
- Personal health information or medical records
- Financial or payment information
- Government identification numbers
- Biometric data
- Precise geolocation data
2. How We Use Your Information
We use the information we collect for the following purposes:
2.1 Site Operations and Improvement
- Provide, maintain, and improve the Site's functionality
- Monitor and analyze usage patterns to enhance user experience
- Identify and fix technical issues or errors
- Optimize Site performance and load times
- Develop new features based on user behavior
2.2 Communication
- Respond to your inquiries, comments, or feedback
- Send administrative notices about the Site
- Provide updates or newsletters (only if you have opted in)
2.3 Security and Legal Compliance
- Detect, prevent, and address fraud or abuse
- Protect the rights, property, and safety of Dr. Grey AI and our users
- Comply with legal obligations and enforce our terms
2.4 Analytics and Research
- Understand how users interact with our content
- Identify popular supplements, conditions, and search patterns
- Generate aggregated, anonymized statistics about Site usage
4. Third-Party Services
We may use third-party services that collect, monitor, and analyze information to help us improve the Site:
4.1 Analytics Providers
We may use analytics services such as Google Analytics, Plausible, or similar tools to understand Site usage. These services may collect information sent by your browser, including your IP address (which may be anonymized) and pages visited.
4.2 Hosting and Infrastructure
Our Site is hosted on third-party infrastructure providers (such as Vercel, AWS, or similar services) that may process technical data necessary for delivering the Site to you.
4.3 External Links
Our Site contains links to external websites, including:
- PubMed: Links to original research citations
- Other scientific databases: References to peer-reviewed literature
These external sites have their own privacy policies, and we are not responsible for their content or privacy practices. We encourage you to review their policies before providing any personal information.
5. Data Security
We implement appropriate technical and organizational measures to protect the information we collect, including:
- Encryption: Use of HTTPS/TLS encryption for all data transmitted between your browser and our servers
- Access Controls: Limiting access to personal information to authorized personnel only
- Secure Infrastructure: Hosting on reputable cloud platforms with industry-standard security measures
- Regular Updates: Keeping software and dependencies up to date with security patches
- Monitoring: Regular monitoring for security vulnerabilities and suspicious activities
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
6. Data Retention
We retain information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:
- Analytics Data: Typically retained for 14-26 months, then automatically deleted or anonymized
- Server Logs: Retained for 30-90 days for security and debugging purposes
- Contact Information: Retained until the purpose for which it was collected is fulfilled, or upon your request for deletion
- Aggregated/Anonymized Data: May be retained indefinitely as it cannot be used to identify individuals
7. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information:
7.1 General Rights
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate personal information
- Deletion: Request deletion of your personal information
- Opt-Out: Opt out of certain data collection practices
- Data Portability: Request your data in a portable format
7.2 For European Economic Area (EEA) Residents
Under the General Data Protection Regulation (GDPR), you have additional rights including:
- Right to restrict processing of your personal data
- Right to object to processing based on legitimate interests
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
7.3 For California Residents
Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have the right to:
- Know what personal information is collected and how it is used
- Request deletion of personal information
- Opt-out of the sale or sharing of personal information (note: we do not sell personal information)
- Non-discrimination for exercising your privacy rights
7.4 Exercising Your Rights
To exercise any of these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within the timeframe required by applicable law.
8. Children's Privacy
Our Site is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will take steps to delete such information.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we take appropriate safeguards to ensure your information remains protected, including:
- Using service providers that comply with applicable data protection frameworks
- Implementing standard contractual clauses where required
- Ensuring adequate security measures are in place
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:
- We will update the "Last updated" date at the top of this policy
- For material changes, we may provide additional notice (such as a banner on the Site)
- Your continued use of the Site after changes constitutes acceptance of the updated policy
We encourage you to periodically review this page for the latest information on our privacy practices.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Dr. Grey AI
Email: privacy@drgrey.ai
Website: drgrey.ai
We aim to respond to all privacy-related inquiries within 30 days.