Privacy Policy

Last updated: March 2026

Data We Collect

When you create an account, we collect your name, email address, and age. During the assessment, we collect your tinnitus characteristics and hearing test results to provide personalised recommendations.

How We Use Your Data

Your data is used solely to provide you with tinnitus assessment results and personalised treatment recommendations. We do not sell, share, or monetise your personal or health data.

Data Storage & Security

Assessment data is encrypted using AES encryption before storage. Your password is hashed using bcrypt and is never stored in plain text. Data is stored in a secure PostgreSQL database hosted on Supabase with encryption at rest.

Cookies & Analytics

We use session cookies for authentication and Google Analytics to understand how visitors use our site. No advertising trackers are used.

Your Rights

You can request deletion of your account and all associated data at any time by contacting us. Under GDPR and similar regulations, you have the right to access, correct, and delete your personal data.

Contact

For privacy-related inquiries, contact us at privacy@tinnipax.com.