TATSERRUN

Legal

Privacy Policy

Last updated: March 23, 2026

1. Who We Are

This Privacy Policy applies to the TATSERRUN platform and experiment, operated by PSS Digital & RE ("we," "us").

2. Data We Collect

Personal Information

  • Name and email address (provided during eligibility application)
  • Age, biological sex, height, weight (eligibility questionnaire)
  • Payment information (processed and stored by Stripe; we do not store card numbers)
  • Phone number (if provided for WhatsApp communication)

Experiment Data (Clinical Study)

  • Daily weight measurements
  • Craving intensity scores (1–10)
  • Mental clarity / cognitive efficiency scores (1–10)
  • Movement compliance (Yes/No)
  • Trigger avoidance — junk food and alcohol (Yes/No)
  • Meal photographs (uploaded voluntarily)
  • Optional: sleep duration, sleep quality, screen time

Technical Data

  • Browser type, device information, IP address
  • Page views and interaction events (Google Analytics, Meta Pixel)
  • Session recording data (Microsoft Clarity, production only)

3. How We Use Your Data

  • Clinical Research: Your experiment data is used to validate our hypothesis that identity-based behavioral interventions produce sustainable weight loss. Data is anonymized before any public reporting.
  • Service Delivery: To provide personalized coaching, daily accountability, and protocol guidance during the 30-day experiment.
  • Compliance Monitoring: To track daily logging compliance as part of the behavioral contract agreement.
  • Communication: To send protocol reminders, daily briefs, and compliance notifications.

4. Data Storage & Security

Your data is stored in encrypted databases hosted on Supabase (cloud infrastructure with row-level security). Payment data is processed and stored exclusively by Stripe (PCI DSS Level 1 certified). We implement industry-standard security measures including HTTPS encryption, access controls, and regular security reviews.

5. Data Sharing

  • We never sell your personal data to third parties
  • Anonymized, aggregate research data may be published in experiment results
  • Service providers (Stripe, Supabase, Vercel) process data on our behalf under strict data processing agreements
  • Analytics providers (Google, Meta) receive anonymized usage data for marketing optimization

6. Your Rights

Depending on your jurisdiction (GDPR, CCPA, or equivalent), you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to data processing for marketing purposes
  • Request data portability
  • Withdraw consent at any time

To exercise any of these rights, contact us via email. We will respond within 30 days.

Note: Withdrawing from the experiment may trigger the behavioral contract penalty if done after the 30-day commitment begins. Data deletion requests will be honored after any contractual obligations are resolved.

7. Cookies & Tracking

We use cookies and tracking technologies for analytics (Google Analytics), advertising measurement (Meta Pixel), and session recording (Microsoft Clarity). You can manage cookie preferences through your browser settings.

8. Data Retention

Personal data is retained for the duration of your participation plus 24 months for research purposes. Anonymized experiment data may be retained indefinitely for scientific research. Payment records are retained as required by financial regulations.

9. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email to active participants.

10. Contact

PSS Digital & RE
For privacy inquiries, data requests, or complaints, contact us via the platform.