LabGPTLabGPT
UploadBiomarkersGuidesPricingBlogSign in

Privacy Policy

Last updated: April 2, 2026

Your privacy matters to us. This Privacy Policy explains how LabGPT ("we," "us," or "our") collects, uses, stores, and protects your information when you use our website and services at labgpt.ai.

1. Information We Collect

We collect the following types of information when you use LabGPT:

  • Uploaded Lab Reports: When you upload a PDF, image, or photo of your lab results, we process the file to extract biomarker data for analysis. Your uploaded files are stored temporarily for processing and are automatically deleted.
  • Account Information: If you create an account, we collect your email address, name (if provided), and profile photo (if you sign in via Google).
  • Usage Data: We collect anonymous usage data such as pages visited, features used, device type, browser type, and general location (country/region level). This helps us improve the product.
  • Payment Data: If you subscribe to a paid plan, payment information is collected and processed securely by Stripe. We never store your credit card details on our servers.

2. How We Use Your Information

  • Lab Report Analysis: Your uploaded lab results are sent to OpenAI's API for AI-powered analysis. OpenAI processes the data to generate plain-English explanations of your biomarkers. OpenAI does not use your data to train their models under our API agreement.
  • Account Management: Your email and account details are used to manage your account, send transactional emails, and provide customer support.
  • Product Improvement: Anonymous usage data helps us understand how people use LabGPT so we can make the experience better. We do not use your personal health data for product development or marketing.
  • Subscription Billing: Payment information is used solely to process your subscription payments through Stripe.

3. Data Storage and Security

We take the security of your data seriously:

  • Encryption: All data is encrypted in transit (TLS/SSL) and at rest (AES-256).
  • Database: User account data and analysis results are stored in Supabase, a secure, enterprise-grade database platform with row-level security.
  • Auto-Deletion: Uploaded lab report files are automatically deleted after processing. We retain your analysis results so you can access them in your dashboard, but you can request deletion at any time.
  • Access Controls: We use strict access controls to ensure only authorized systems and personnel can access your data.

4. Third-Party Services

We use the following third-party services to operate LabGPT:

  • OpenAI (Analysis): Powers our AI lab result analysis. Your lab data is sent to OpenAI's API for processing. Under our API agreement, OpenAI does not use your data to train their models.
  • Stripe (Payments): Handles all payment processing for Pro subscriptions. Stripe is PCI-DSS Level 1 compliant.
  • Google (Authentication): If you choose to sign in with Google, we receive your basic profile information (name, email, profile photo) from Google.
  • Supabase (Database): Stores user accounts and analysis results with enterprise-grade security.
  • Vercel (Hosting): Hosts the LabGPT website and handles server-side processing.

5. Important HIPAA Notice

LabGPT is NOT a HIPAA-covered entity and is NOT HIPAA certified. We are an educational tool that helps you understand your lab results in plain English. We do not provide medical advice, diagnoses, or treatment recommendations.

While we implement strong security measures to protect your data, you should not upload lab results containing sensitive health information if HIPAA compliance is a requirement for your use case. Always consult your healthcare provider for medical decisions.

6. Cookies and Analytics

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for authentication, session management, and core functionality. These cannot be disabled.
  • Analytics Cookies: We use Google Analytics to understand how visitors use our site. This data is aggregated and anonymous. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

7. Your Rights

You have the following rights regarding your data:

  • Access Your Data: You can view all your stored analysis results through your LabGPT dashboard at any time.
  • Delete Your Data: You can request complete deletion of your account and all associated data by emailing us at support@labgpt.ai. We will process deletion requests within 30 days.
  • Export Your Data: You can request a copy of your stored data by contacting us.
  • Correct Your Data: If any of your account information is inaccurate, you can update it through your account settings or by contacting us.

8. Children's Privacy

LabGPT is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify registered users by email and update the "Last updated" date at the top of this page. Your continued use of LabGPT after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: support@labgpt.ai

LabGPTLabGPT

AI-powered lab results explained in plain English. Understand your health, take action.

Product

  • Upload Results
  • Biomarker Library
  • Normal Ranges
  • Pricing

Resources

  • Lab Test Guides
  • Blog
  • About LabGPT
  • Contact

Legal

  • Privacy Policy
  • Terms of Service
  • HIPAA Notice

© 2026 LabGPT. All rights reserved.

LabGPT is not a medical device and does not provide medical advice. Always consult your healthcare provider.