Your Privacy is Sacred
GutCheck is designed for complete anonymity. We don't collect your name, we don't store your payment details, and we can't read your conversations. You are truly anonymous.
Our Privacy Principles
These principles guide everything we do to protect your privacy and keep your data secure.
Complete Anonymity
We do not collect or retain your real name, address, or any personally identifiable information. You remain completely anonymous.
- No name or address collection
- Anonymous account creation
- No identity verification required
- Payment details fully encrypted
Zero-Knowledge Architecture
We cannot access your conversations. All data is encrypted before it leaves your device and only you hold the decryption keys.
- End-to-end encryption (AES-256)
- Client-side encryption
- No server-side access to content
- Zero-knowledge proof system
Encrypted Payment Processing
Payment details are processed through PCI-DSS compliant providers. We never see or store your full payment information.
- Tokenized payment processing
- No storage of card details
- Anonymous transaction IDs only
- Stripe-level encryption
UK GDPR Compliant
Full compliance with UK GDPR and Data Protection Act 2018. Your rights are protected by law.
- Right to erasure (be forgotten)
- Data portability guaranteed
- Transparent data practices
- ICO registered
What Data We Collect
Transparency is key. Here's exactly what data we collect and why.
Anonymous Account Data
Purpose: To provide service access without knowing your identity
Data Collected:
- Encrypted email address (hashed)
- Anonymous user ID
- Subscription status
- Account preferences
Retention Period:
Until you delete your account (instant deletion available)
Payment Information
Purpose: To process payments and manage subscriptions securely
Data Collected:
- Anonymous transaction ID
- Payment status (active/cancelled)
- Subscription tier
Retention Period:
7 years (UK tax law requirement) - names and card details are NOT stored
Encrypted Conversation Data
Purpose: To provide analysis and safety insights - we cannot read this data
Data Collected:
- End-to-end encrypted messages
- Client-side pattern analysis
- Encrypted safety scores
Retention Period:
Stored locally on your device or encrypted on servers with your keys only
Conversation Content and Images (AI Chat & Guidance)
Purpose: To provide you with personalised guidance. This data is sent to Anthropic (Claude), a third-party AI service, solely to generate responses for you. We do not use your content to train AI models. We ask for your consent in the app before any of this data is sent.
Data Collected:
- Messages you send in chat or guidance
- Images or documents you attach when using these features
Retention Period:
Processed only to generate your response. Anthropic's handling of data is described in their privacy policy (see Third-Party AI Provider section below).
Anonymized Usage Analytics
Purpose: To improve service quality - all analytics are fully anonymized
Data Collected:
- App usage frequency (no content)
- Feature usage statistics
- Performance metrics
Retention Period:
2 years (completely anonymized, cannot be linked to you)
AI-Powered Features & Third-Party Provider
When you use our chat or guidance features, your data is handled as follows.
When you use GutCheck's chat or guidance features, we collect the messages you send and any images or documents you attach. This data is collected when you send messages or attach images in the app (for example in the chat, when starting a conversation from the home screen, or from a notification). This data is used to provide you with personalised guidance. To do this, we send your conversation content and any attached images to Anthropic (Claude), a third-party AI service, solely to generate responses for you. We do not use your content to train AI models. We ask for your consent in the app before any of your data is sent to this provider.
Anthropic's handling of data is described in their privacy policy: https://www.anthropic.com/privacy. For full details of what we collect, how we use it, and how we protect it, see the rest of this policy.
Security Measures
We use industry-leading security practices to protect your data.
Encryption
AES-256 encryption for all data at rest and in transit. Your conversations are unreadable to anyone but you.
Local Processing
Most analysis happens on your device. Your conversations never leave your phone unless you choose to share them.
Compliance
SOC 2 compliant infrastructure with regular security audits. We meet the highest industry standards for data protection.
Your Rights
You have complete control over your data. Here's what you can do.
Data Control
- Delete your account and all data
- Export your data in standard formats
- Revoke access to third-party services
- Opt out of analytics and marketing
Transparency
- Request a copy of all your data
- See exactly what data we have about you
- Understand how your data is used
- Contact us with privacy questions
Questions About Privacy?
We're committed to transparency and your anonymity. If you have any questions about our privacy practices or want to exercise your rights under UK GDPR, we're here to help.
Important: What We DON'T Collect
- ✓Your real name or identity - you remain completely anonymous
- ✓Your payment card details - processed securely by Stripe, we never see them
- ✓The content of your conversations for our own use — encrypted and unreadable to us. When you use our AI chat or guidance features, we only send that content to Anthropic (Claude) with your prior consent, solely to generate responses; we do not use it to train AI models (see AI-Powered Features & Third-Party Provider above).
- ✓Your location, device info, or browsing history beyond basic analytics
Last Updated: January 2025 | Compliant with UK GDPR, Data Protection Act 2018, and registered with the ICO