Privacy Policy
Last updated: April 2026
This Privacy Policy explains what personal data TwinSelf collects, why we collect it, how we process it, and what your rights are. We write in plain language because your privacy matters and you deserve to understand what happens to your data.
1. What We Collect
We collect different categories of data depending on which features you use. Here is the complete list:
- Profile data -- name, email address, date of birth, gender, time zone. Collected when you create your account.
- Biomarker data -- test results, blood count values, health scores. You enter them manually or upload lab reports.
- Supplement and medication data -- what you take, dosage, frequency, schedule. You log this yourself.
- Sleep data -- sleep duration, quality, timing. Entered manually or synced from wearables.
- Nutrition data -- meals, macronutrients, food preferences. You log this yourself.
- Exercise data -- workouts, activity type, duration, intensity. Entered manually or synced from wearables.
- Voice data -- audio recordings when you use voice input. The audio is transcribed and then processed. See Section 4 for details.
- Device data -- browser type, operating system, screen size, IP address. Collected automatically for security and compatibility.
We do not collect data from any source other than what you explicitly provide or what your browser sends automatically. We do not buy data from data brokers or scrape data from other platforms.
2. Legal Basis for Processing (LGPD Art. 7 / Art. 11)
Brazilian law (LGPD) requires us to have a specific legal basis for processing each category of personal data. Health data is considered "sensitive" and requires explicit consent under Article 11. Here is the complete mapping:
| Data Category | Legal Basis | Retention |
|---|---|---|
| Profile (name, email, date of birth) | Performance of a contract (LGPD Art. 7, V) | For as long as the account remains active |
| Biomarkers (lab tests, blood count) | Explicit consent (LGPD Art. 11, I) | For as long as the account remains active |
| Supplements and medications | Explicit consent (LGPD Art. 11, I) | For as long as the account remains active |
| Sleep data | Explicit consent (LGPD Art. 11, I) | For as long as the account remains active |
| Nutrition and diet records | Explicit consent (LGPD Art. 11, I) | For as long as the account remains active |
| Exercise and activity data | Explicit consent (LGPD Art. 11, I) | For as long as the account remains active |
| Voice recordings and transcripts | Explicit consent (LGPD Art. 11, I) | Audio deleted after transcription; transcripts retained for as long as the account remains active |
| Device and browser information | Legitimate interest (LGPD Art. 7, IX) | 365 days |
| Usage analytics (anonymous) | Legitimate interest (LGPD Art. 7, IX) | 365 days |
| Authentication data (JWT, sessions) | Performance of a contract (LGPD Art. 7, V) | Session duration + 30 days |
| Payment data (via Stripe) | Performance of a contract (LGPD Art. 7, V) | Per Stripe's data retention policy |
3. Disclosure Regarding AI Processing
How AI processes your health data
TwinSelf uses Anthropic Claude, an AI model hosted in the United States, to generate health insights, run simulations, and power Twin chat conversations.
Before sending text data to the AI, we pseudonymize it: we remove your name, email and other direct identifiers. Exception: when you upload the image or PDF of a document (lab report, medical prescription), the file is transmitted as captured so the AI can extract the information — and it may contain visible identifiers (your name, the doctor’s name). This processing is carried out based on your specific consent, and you may choose to type the data manually instead of uploading the image.
Anthropic does not use your data to train its models. Your data is processed in real time and is not stored by Anthropic after the response is generated.
You can revoke your consent for AI processing at any time in Settings > Privacy. When you revoke consent, all AI-powered features (Twin chat, insights, simulations) are disabled immediately. Your raw health data remains in your account and is not affected.
Your health data (biomarkers, sleep, supplements, physical activity and wearable data) is processed by Artificial Intelligence (Anthropic Claude, with OpenAI and Google Gemini fallback) to generate personalized insights, predictive simulations and health optimization recommendations. For text data, direct identifiers (name, email, tax ID, phone) are removed; for uploaded document images (lab reports, prescriptions), the file is sent as captured and may contain visible identifiers. AI processing is authorized via specific consent collected during sign-up and may be revoked at any time in Settings > Privacy, without affecting processing already performed.
4. Voice Data
When you use voice input, your audio is sent to OpenAI Whisper or Deepgram for transcription. We do NOT send your name, email, user ID, or any other identifying information along with the audio. The audio is processed exclusively to convert speech to text.
The resulting text transcription is stored in your account and may be processed by the AI to generate insights. The original audio file is deleted from our servers after successful transcription.
You can disable voice features at any time. You can also delete individual transcriptions from your data history.
5. Data Sharing
We do NOT sell your data. Ever.
We do not sell, rent, trade, or share your personal data with third parties for advertising, marketing, or data brokerage purposes.
We use the following service providers (subprocessors) to operate TwinSelf. Each receives only the minimum data necessary for its function:
| Vendor | Purpose | Location | Data Shared |
|---|---|---|---|
| Anthropic (Claude AI) | AI health insights, Twin chat, simulations | United States | Pseudonymized health data |
| OpenAI (GPT, Whisper) | Voice transcription and AI fallback | United States | Audio recordings (no user identifiers) |
| Google (Gemini) | AI fallback when other providers are unavailable | United States | Pseudonymized health data |
| Deepgram | Speech-to-text transcription (fallback) | United States | Audio recordings (no user identifiers) |
| Twilio | SMS/WhatsApp delivery for emergency alerts | United States | Contact phone number and notification content |
| Railway | Database and application hosting | United States | All platform data (encrypted at rest) |
| Resend | Transactional emails | United States | Email address, name |
| Stripe | Payment processing | United States | Payment method, billing address |
| Google Analytics 4 | Aggregate website usage analytics (anonymized) | United States | Anonymized browsing events, masked IP |
| Plausible Analytics | Cookieless website usage analytics | European Union | Aggregate browsing events (no personal data) |
| Langfuse | AI model observability (latency, cost, quality) | European Union | AI call metadata (no user health data) |
6. Your Rights (LGPD Art. 18)
Under the Brazilian General Data Protection Law, you have the following rights regarding your personal data:
- Access -- Request a copy of all personal data we hold about you. Available under Settings > Export Data.
- Correction -- Correct any inaccurate or incomplete data. You can edit your profile and health records directly in the app.
- Deletion -- Request the permanent deletion of your data. Go to Settings > Account > Delete Account. We process deletions within 30 days.
- Portability -- Export your data in a structured, machine-readable format (JSON/CSV). Available under Settings > Export Data.
- Withdraw consent -- Withdraw consent for AI processing or any specific category of data at any time, without affecting the lawfulness of processing carried out beforehand.
- Disable AI -- Disable all AI-powered features while keeping health tracking active. Go to Settings > Privacy.
- Information -- Learn which entities we share data with (see the subprocessor table above) and the purpose of each disclosure.
- Objection to processing -- Object to processing based on legitimate interest if you believe your situation warrants it.
To exercise any of these rights, use the app settings or send an email to [email protected]. We respond to all requests within 15 business days (the LGPD allows up to 15 days for simple requests, with a possible extension for complex cases upon notification).
If you believe we have not adequately addressed your request, you have the right to file a complaint with the Brazilian National Data Protection Authority (ANPD).
7. Data Retention
- Health data -- Retained for as long as your account is active. Deleted within 30 days after account deletion.
- Data exports -- Generated export files are automatically removed from our servers after 48 hours.
- Usage analytics -- Anonymous analytics data is removed after 365 days.
- Audit logs -- Access and security logs are retained for 6 years to comply with Brazilian recordkeeping requirements.
- Voice recordings -- Deleted immediately after transcription. Only the text transcript is retained.
- Payment records -- Retained by Stripe in accordance with its data retention policy and applicable financial regulations.
8. Security
We implement the following technical and organizational measures to protect your data:
- Encryption in transit -- All connections use TLS 1.3. No unencrypted HTTP requests are accepted.
- Encryption at rest -- The database and backups are encrypted with AES-256.
- Row-Level Security (RLS) -- PostgreSQL RLS policies ensure that each user can access only their own data at the database level.
- Access logging -- All data access is logged for audit purposes.
- Authentication -- JWT tokens are stored in HttpOnly cookies, preventing JavaScript from accessing authentication tokens.
- Secret detection -- Pre-commit hooks check for the accidental inclusion of secrets or credentials in source code.
- Pseudonymization -- Health data in text form sent to AI providers has direct identifiers removed before transmission (except document images, which are sent as captured with consent).
9. Cookies
TwinSelf uses essential cookies and analytics cookies. Essential cookies (HttpOnly) securely store your session token and are strictly necessary for the platform to function.
For analytics, we use Google Analytics 4 (GA4) with IP anonymization (anonymize_ip) for aggregate analysis of site usage. No identifiable personal data is shared with Google. We also use Plausible Analytics, which does not use cookies and does not collect personal data. You can disable analytics cookies at any time in the cookie settings displayed in the consent banner.
10. Minors
TwinSelf is not designed, marketed, or intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided personal data to us, please contact us at [email protected] and we will promptly delete it.
11. International Data Transfer
Your data is stored on servers in the United States (Railway) and processed by AI providers in the United States (Anthropic, OpenAI, Google Gemini, Deepgram). This constitutes an international data transfer under the LGPD.
This transfer is carried out under Art. 33, II(a) of the LGPD -- with your specific and informed consent, provided when creating your account. We are in the process of formalizing contractual clauses (Data Processing Agreements) with our subprocessors to reinforce the protection of your data at a level equivalent to the LGPD.
You can withdraw your consent for the international transfer of data at any time. Note that this will disable AI-powered features, as they require processing by our US-based AI providers.
To enable AI processing, health data is transferred to servers of Anthropic, PBC (and, when unavailable, OpenAI or Google), located in the United States. The international transfer is based on your specific and informed consent (Art. 33, II "a" of the LGPD), provided at sign-up. The Data Processing Agreements (DPA) with these providers are being formalized. The data is not used by these providers to train AI models. You may request detailed information about this transfer at any time via [email protected].
12. Data Protection Officer (DPO)
For any questions, requests, or complaints regarding your personal data, please contact our Data Protection Officer:
Email: [email protected]
TwinSelf Tecnologia Ltda.
Response time: up to 15 business days (LGPD Art. 18, paragraph 5)
13. Policy Version
This Privacy Policy was last updated in April 2026. Version 1.0.
When we make material changes to this policy, we will notify you by email and in-app notification at least 15 days before the changes take effect. You will be asked to review and accept the updated policy.