Legal, privacy and data protection
Public-facing documents for NutriScope's MVP posture: privacy, terms, DPA, DPIA summary, cookies, subprocessors, security and retention. These pages reflect the PRD and compliance guidance, and still need formal legal review before production launch.
Privacy Notice
How NutriScope handles account, client, health-related, booking, payment, message, file and AI-assisted review data.
Terms of Service
The expected terms for practitioner, clinic and client use of NutriScope, including product boundaries, secure use, bookings, payments and AI-assisted review.
Data Processing Agreement
Expected processor commitments for practitioner and clinic customers using NutriScope with client records.
Data Protection Impact Assessment
A DPIA summary for NutriScope's special category data, relationship-based access, messaging, files, payments and optional AI-assisted review workflows.
Cookie, Email And Push Policy
How NutriScope uses essential cookies, local storage, service notifications, push controls and non-essential analytics boundaries.
Subprocessor List
Current and expected vendors that may process personal data for NutriScope, including items requiring confirmation before production launch.
Security And Technical Measures
A plain-language summary of NutriScope security controls, including access control, RLS, server-only secrets, files, payments, AI and operational safeguards.
Retention And Deletion
The draft retention schedule for account records, client records, health data, messages, files, bookings, payment metadata, AI context and logs.