Privacy Policy

1. Introduction

DiRECT2 ("we," "us," or "our") operates the website at direct2.app and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including downloading our free eating plan.

2. Information We Collect

Information You Provide Directly: When you sign up to receive our free 1-page eating plan, we collect your email address. This is the only personal information we require.

Automatically Collected Information: We use Vercel Analytics to collect anonymous usage data such as page views, referral sources, browser type, device type, and approximate geographic location. This data is aggregated and does not personally identify you.

Cookies: We may use essential cookies required for site functionality. We do not use third-party advertising cookies. If we implement Meta Pixel or Google Ads tracking in the future, this policy will be updated accordingly.

3. How We Use Your Information

We use the information we collect to: deliver the free 1-page eating plan to your email via our email provider (Resend); send you follow-up educational content related to evidence-based diabetes remission (you can opt out at any time); improve our website and services based on aggregated analytics data; and communicate important updates about our services or this policy.

4. Data Storage and Security

Your email address is stored securely in our database hosted on Supabase, which uses encryption at rest and in transit. We implement Row Level Security (RLS) policies and follow security best practices. While no method of electronic storage is 100% secure, we take reasonable measures to protect your personal information.

5. Third-Party Services

We share your information only with the following service providers who are necessary for operating our service: Supabase (database hosting), Resend (email delivery), Vercel (website hosting and analytics). These providers process your data only as necessary to perform their services and are bound by their own privacy policies. We do not sell, trade, or rent your personal information to third parties.

6. Your Rights

You have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data; unsubscribe from marketing emails at any time using the unsubscribe link in any email; and withdraw consent for data processing. To exercise any of these rights, contact us at hello@contactdirect2.site.

7. Data Retention

We retain your email address for as long as you remain subscribed to our communications. If you request deletion, we will remove your data within 30 days of your request, except where retention is required by law.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will take steps to delete such information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of our services after any changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at hello@contactdirect2.site.