Privacy policy
How we collect, store and use personal data from RealHealers users.
Last updated: 2026-05-05
1. Data controller
The controller of your personal data is the entity operating the RealHealers platform (see Impressum for company details). Send privacy enquiries to info@realhealers.com.
We have not formally appointed a Data Protection Officer (DPO). GDPR (Art. 37) requires one only where a controller's core activities involve large-scale processing of special-category data or large-scale regular and systematic monitoring of individuals; our current operations don't reach that threshold, and we monitor it.
2. What we collect
Account data: email, password (hashed via Supabase), full name, country, language, role (client / healer), optionally tax ID.
Healer data (when applicable): bio, service categories, base city, languages, profile photo, website / YouTube links, phone, in-person address.
Booking data: scheduled time, service, price, session type (online / in-person), optionally reason for visit (treated as Article 9 sensitive health data).
Payment data: we do NOT process card numbers. Card details go directly to Stripe; we keep only the transaction (PaymentIntent) ID and amount.
Technical data: IP address (stored only as a hash for rate-limiting; a hashed IP is pseudonymised, not anonymised, so we still treat it as personal data), user-agent, Supabase session cookie (httpOnly).
Contact form submissions and AI Concierge dialogue (forwarded to Anthropic, see section 4).
3. Purposes and legal bases
Providing the platform service (registration, profile, booking, payment) — Art. 6(1)(b) GDPR (contract).
Invoicing and bookkeeping — Art. 6(1)(c) GDPR (legal obligation — PL Accounting Act art. 74, KSeF from Feb 2026).
Platform security, fraud prevention — Art. 6(1)(f) GDPR (legitimate interest).
Marketing of our own services to registered users — Art. 6(1)(f); consent for non-customers — Art. 6(1)(a).
Reason for visit (health category) — Art. 9(2)(a) GDPR (explicit consent); the field is optional.
4. Third-party data processors
Supabase (Frankfurt, EU) — database, auth, storage. Standard DPA.
Vercel (Frankfurt + global edge) — application hosting.
Stripe (Ireland + USA, SCC) — payment processing and Stripe Connect Express payouts.
Resend (USA, SCC) — transactional email (confirmations, reminders).
Cloudflare (Frankfurt + global) — CDN, DDoS protection, Email Routing for @realhealers.com.
Anthropic (USA, SCC) — AI model (Claude) powering Concierge. We send only your prompts (no other users' data). Anthropic does not train models on API customer data; API data is automatically deleted after 7 days (since 14 Sep 2025). The DPA is auto-accepted with the Commercial Terms — no separate signing required.
Mapbox (USA, SCC) — map tiles on the practitioners search page. Mapbox receives your IP and browser headers when tiles load.
PostHog (EU region, eu.posthog.com) — product analytics, loaded only after consent in the cookie banner.
Sentry (EU region) — application error monitoring, loaded only after consent in the cookie banner.
All processors are bound by DPAs. US transfers rely on Standard Contractual Clauses (SCC) per EU Decision 2021/914.
5. Retention
Account data: until you delete the account.
Paid bookings: 5 years from end of fiscal year (PL Accounting Act art. 74). Anonymized after that.
Technical logs: up to 90 days.
AI Concierge transcripts: 30 days for debugging / guardrail tuning, then deleted.
On erasure request (Art. 17) data is anonymized immediately — booking ledger entries stay in anonymized form for tax retention.
6. Your rights
Right of access (Art. 15) — email info@realhealers.com; we respond within one month of receipt (Art. 12(3)), extendable only in the cases GDPR allows.
Right to rectification (Art. 16) — most fields editable in /dashboard.
Right to erasure (Art. 17) — button in account or POST /api/account/delete.
Right to restrict processing (Art. 18) — email info@realhealers.com.
Right to data portability (Art. 20) — GET /api/data/export returns a complete, machine-readable JSON export of your data.
Right to object to direct marketing (Art. 21) — unsubscribe link in every marketing email.
Right to lodge a complaint with a supervisory authority — the operator (HealersTeam Witkowski) is established in Switzerland, so the competent Swiss authority is the Federal Data Protection and Information Commissioner (EDÖB / FDPIC, edoeb.admin.ch). Because Switzerland is not an EU member state, the GDPR one-stop-shop (lead authority) mechanism does not apply; EU residents may file a GDPR complaint with the supervisory authority of their own member state, e.g. PL: UODO, AT: DSB, DE: the data protection authority of the relevant federal state (the BfDI is competent for federal public bodies and telecoms/postal providers, not for private companies in general).
8. International data transfers
Some processors (Stripe, Resend, Anthropic) operate US infrastructure. Transfers rely on Standard Contractual Clauses (SCC) per EU Decision 2021/914 plus supplementary measures (encryption at rest, SOC-2 audits).
Stripe Ireland Ltd. is the EU controller; intra-group DPAs regulate transfers to Stripe USA Inc.
9. Security
Data at rest is encrypted at the storage layer by Supabase (Postgres itself has no built-in transparent data encryption; the protection is at the volume level). Transport via HTTPS only (TLS 1.2+).
Passwords hashed with bcrypt by Supabase Auth — we never see plaintext passwords.
Row Level Security (RLS) on all public tables — healers see only their bookings, clients only theirs.
Security disclosures: security@realhealers.com.
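As an added illustration of the Row Level Security rule stated above, the following is example SQL and not the platform's own schema or policies: the bookings table, its columns (client_id, healer_id), and the policy names are assumptions chosen for the example. It shows the shape of policies that let a client and a healer see only the bookings they are party to.

```sql
-- Added example (not RealHealers' schema): an assumed bookings table
-- where client_id and healer_id reference Supabase auth users.
create table if not exists public.bookings (
  id               bigint generated always as identity primary key,
  client_id        uuid not null references auth.users (id),
  healer_id        uuid not null references auth.users (id),
  scheduled_at     timestamptz not null,
  service          text not null,
  price_cents      integer not null check (price_cents >= 0),
  session_type     text not null check (session_type in ('online', 'in_person')),
  reason_for_visit text  -- optional; Art. 9 health data, explicit consent required
);

-- Without this line, every role with SELECT on the table sees every row.
alter table public.bookings enable row level security;

-- A row is visible only to the client or the healer named on it.
-- auth.uid() is the Supabase helper returning the JWT subject of the caller.
create policy "bookings_select_own_party" on public.bookings
  for select to authenticated
  using (auth.uid() = client_id or auth.uid() = healer_id);

-- Only the client may create a booking, and only in their own name.
create policy "bookings_insert_as_self" on public.bookings
  for insert to authenticated
  with check (auth.uid() = client_id);

-- Either party may update, but the row must still belong to the caller afterwards,
-- so nobody can reassign a booking to a third user.
create policy "bookings_update_own_party" on public.bookings
  for update to authenticated
  using (auth.uid() = client_id or auth.uid() = healer_id)
  with check (auth.uid() = client_id or auth.uid() = healer_id);

-- Deliberately no DELETE policy and nothing granted to the anon role:
-- erasure runs through the server-side anonymization path, and
-- unauthenticated requests see zero rows.
```

Two caveats a reviewer would check: RLS is enforced only when the request runs as a role subject to the policies; the Supabase service role bypasses RLS, so any server-side code using that key must perform the same ownership checks itself. And column-level sensitivity is not expressed by these policies: a healer who can see a booking row can also read reason_for_visit, so the consent gate for that field has to be enforced where the value is written.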
10. Minors
The platform is not directed at people under 16. We do not knowingly create accounts for minors. If a parent / guardian discovers such an account, contact us — we'll delete it immediately.
11. Changes
We notify registered users by email at least 14 days before any material change. The current version is always at this URL with the "Last updated" date in the header.
