Privacy Policy
Pivotal exists for the people inside it. Your information is treated the same way your protocol is treated: privately, deliberately, and without leak.
I. What we collect.
Pivotal collects the minimum information required to operate a private, invitation-based intelligence layer. Nothing more.
- Email address, used solely as your sign-in identifier for magic-link authentication.
- Intake form fields, only if you choose to submit an intake (symptom map, history, goals). Fields you leave blank are not stored.
- IP address and User-Agent string, captured on sign-in and form submission for fraud prevention only.
- No analytics cookies. No advertising cookies. No cross-site trackers. No fingerprinting beacons.
II. How we store it.
All member data lives in a Cloudflare KV namespace, encrypted at rest by the underlying platform. Storage discipline is split by purpose.
- First-touch attribution records (initial visit metadata) are retained for 90 days, then purged automatically.
- Active member sign-in records persist while your membership is active and are removed on request or on membership end.
- Intake submissions are encrypted at rest and accessible only to Pivotal operators handling your protocol.
- No backups are written to third-party services outside Cloudflare's network.
II-A. Health and clinical data.
The intake form collects health information, including but not limited to: biometric values, laboratory results (HbA1c, fasting glucose, testosterone, IGF-1, creatinine), current medications, prior compound history, symptoms, and health goals. This information is sensitive by nature and is treated accordingly.
- Collection basis: Health data is collected only when you voluntarily submit an intake form. Submission is never required to access educational content on this site.
- Access: Health data is accessible only to Pivotal operators directly responsible for your protocol design. It is never shared with third parties, affiliates, or contractors outside that purpose.
- Retention: Active intake records are retained for the duration of your membership plus 24 months, to support continuity across protocol cycles. After that window, health records are deleted in full unless you request earlier deletion or request extension in writing.
- Deletion: You may request deletion of all health data at any time by writing to privacy@thepivotalprotocol.com. Deletion is completed within 30 days. We will confirm completion in writing.
- No secondary use: Health data submitted through intake is used solely for protocol design. It is never used for research, product development, marketing, or any purpose beyond the service you requested.
Pivotal does not currently operate as a HIPAA-covered entity or business associate. If your protocol engagement involves a licensed physician who operates under HIPAA, consult your physician regarding their own data handling obligations. Pivotal's obligations are defined in this policy.
III. What we do not do.
Pivotal is the most intensely private company in this space by design. Your information stays inside Pivotal.
- We do not sell your data. Not in aggregate, not de-identified, not ever.
- We do not run third-party advertising tracking on this site or in any communication we send you.
- We do not share your information with marketing partners, data brokers, list rentals, or affiliate networks.
- We do not run remarketing pixels, conversion APIs, or social platform tracking tags.
IV. How magic-link sign-in works.
Pivotal does not store passwords. Sign-in works through a single-use, time-bound link delivered to your registered email address.
- Each magic link expires 10 minutes after it is issued.
- Each link is single-use. Once consumed, it cannot be replayed.
- No password is ever stored on our servers, because no password is ever created.
- If a link is intercepted but not used within the window, it expires harmlessly.
V. Data deletion and contact.
Requests for data deletion, data export, or any privacy question can be sent to privacy@thepivotalprotocol.com. We respond within 7 business days. Deletion requests are honored in full within 30 days, excluding records we are legally required to retain.
VI. Children.
Pivotal is built for adults making decisions about their own physiology. We do not knowingly collect data from anyone under 18. If we learn that information from a minor has been submitted, we delete it.
VII. Changes to this policy.
Material changes to this policy are posted on this page with a revised effective date at the top. We do not rely on email notifications to inform members of policy changes; the canonical version is always the one you are reading right now.
Pivotal is an intelligence layer, not a prescriber. This privacy policy governs the handling of personal information collected through thepivotalprotocol.com and its associated member surfaces. For questions that fall outside the scope of this document, write to privacy@thepivotalprotocol.com.