Privacy Policy

Last updated: April 10, 2026

1. Introduction

Panta ("we", "us", "our") is a personal health tracking platform that helps you monitor diet, exercise, supplements, and medical records. This privacy policy explains what data we collect, how we use it, and your rights regarding that data.

2. Data We Collect

Account information

When you create an account, we collect your name and email address. If you sign up with a password, we store a securely hashed version — we never store your password in plain text.

Health data you provide

You may choose to log meals, food items, workouts, exercises, supplements, medical conditions, medications, appointments, and lab results. This data is stored on your behalf and is only accessible to you.

AI chat conversations

If you use the AI health assistant, your messages and the assistant's responses are stored in your account to maintain conversation history.

Payment information

If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not store your credit card number. We receive and store your Stripe customer ID and subscription status.

Usage data

We use PostHog to collect anonymous analytics such as page views and feature usage. This helps us improve the product. No health data is included in analytics events.

3. How We Use Your Data

  • To provide and maintain the Panta platform and your personal health dashboard
  • To power the AI health assistant with context from your logged data
  • To process payments and manage your subscription
  • To send essential account communications (e.g., password resets)
  • To improve the product based on aggregated, anonymous usage patterns

We do not sell, rent, or share your personal health data with advertisers or data brokers.

4. Third-Party Services

We use the following third-party services:

  • Stripe — payment processing. Subject to Stripe's Privacy Policy.
  • OpenRouter — AI model routing for the health assistant. Chat messages are sent to the AI provider to generate responses.
  • Strava — optional integration to import workouts. Only connected if you explicitly link your Strava account.
  • PostHog — product analytics. Collects anonymous usage data, not health data.

5. Cookies and Sessions

Panta uses session cookies to keep you logged in. We do not use advertising or tracking cookies. PostHog may set a cookie to distinguish unique visitors for analytics purposes.

6. Data Storage and Security

Your data is stored on servers secured with HTTPS encryption. All database queries are scoped to your user account, ensuring strict data isolation. We follow industry best practices to protect your information, but no method of transmission or storage is 100% secure.

7. Data Retention

Your data is retained as long as your account is active. If you delete your account, all associated data — including health records, chat history, and subscription information — is permanently deleted.

8. Your Rights

You have the right to:

  • Access all data stored in your account through the app interface
  • Correct inaccurate data by editing your records
  • Delete your account and all associated data from the Settings page
  • Request a copy of your data by contacting us at the email address below

9. Children's Privacy

Panta is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us so we can delete it.

10. Changes to This Policy

We may update this privacy policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

11. Contact Us

If you have any questions about this privacy policy or your data, contact us at hello@panta.my.