Privacy Policy
& Data Ethics

The short version

Antiaging Labs is a health optimization coaching platform. We collect biomarker data, lifestyle questionnaire responses, and wearable device data to build and adjust your personalized health protocol. We re-test after 90 days to measure outcomes.

• You own your data. You can export or delete it at any time, for any reason, with no penalty.
• Health data is never identifiable in research. Any use of your data in aggregate analysis is anonymized and aggregated, your name, email, and contact details are never attached.
• No affiliate economics on your data. We earn from program fees. Not from monetizing what we learn about you.
• Bloodwork results belong to you. Lab reports are issued to you by the laboratory. We receive a copy with your consent. You can revoke that consent.

What we actually collect

We collect only what is necessary to build and run your protocol. Here is a complete list, no surprises.

Identity & contact

• Name and email address, to identify your account and communicate with you
• Phone number, for WhatsApp check-ins, shared with your program lead only
• City and pin code, to coordinate at-home blood draws and lab logistics
• Date of birth, required to calculate your biological age score accurately
• Biological sex, used to apply sex-appropriate reference ranges and protocol adjustments

Health & biomarker data

• Blood panel results, 40–60 markers depending on program tier, received from our lab partner with your written consent
• Biological age score, calculated from your blood panel using the PhenoAge model (Levine, 2018)
• Lifestyle questionnaire, sleep hours, stress levels, exercise history, dietary patterns, alcohol and supplement use
• Medical history (self-reported), current medications, prior diagnoses, family history of cardiovascular disease or metabolic conditions
• Wearable data, HRV, resting heart rate, sleep stages, activity data from Apple Health, Oura, Whoop, or Fitbit. Shared via export or manual entry, we do not request API-level access to your device accounts

Communication data

• WhatsApp messages, with your program lead. WhatsApp is a third-party platform subject to Meta's privacy policy. Do not send documents with your full name + bloodwork together in WhatsApp messages.
• Video call recordings, recorded only with your explicit verbal consent at the start of each call, for internal quality review only
• Email correspondence, stored on our email provider (Google Workspace)

Technical data

• Website analytics, page views, session duration, traffic source via Google Tag Manager. No health data passes through analytics tools.
• Calendar booking data, name, email, and meeting time via Calendly

What we do with your data

Our ethics commitments

Privacy law sets a floor. We've set our own ceiling. Here are commitments we hold ourselves to that go beyond legal requirements.

No data monetization, ever

Our business model is program fees. We do not have a data business, a data partnership, or a data licensing arm. If we ever change this, which we do not intend to, we will notify every client in writing, offer full data deletion before the change takes effect, and not retroactively apply any new terms to existing data.

Health data is never identifiable in any shared output

Case studies published on our website or social channels use anonymized data with explicit written consent obtained before publishing. We do not post biomarker data alongside photos, names, employers, or any detail that could make a person identifiable to their social circle. Consent is revocable, if you change your mind after publication, we remove the case study.

No insurance or employer disclosures

We will never share your health data with your employer (including as part of a corporate wellness program), with any insurance company, or with any financial institution. If we receive a formal legal request for your data, we will notify you before complying unless we are legally prohibited from doing so.

Aggregate research ethics

We use anonymized, aggregated cohort data to improve our protocols, for example, "clients with baseline fasting insulin above 12 who followed a restricted eating window saw insulin drop by X% on average." This data cannot be reverse-engineered to identify any individual. You can opt out of this aggregate analysis entirely while still completing your program, email us to request this.

AI & automated decision-making

We use AI tools to assist protocol design and data analysis. No automated system makes unreviewed decisions about your protocol. Every protocol recommendation is reviewed by a human program lead and, at the Performance and Continuum tiers, by our medical advisor before it reaches you. You have the right to request a human review of any recommendation.

Who we share data with

We share the minimum necessary data with a small number of service providers needed to operate the program. We do not sell data to any third party.

We do not use Facebook Pixel, LinkedIn Insight Tag, or any advertising tracking pixel on pages that handle health or account data.

Our laboratory partners

All bloodwork is processed through NABL-accredited laboratories, the National Accreditation Board for Testing and Calibration Laboratories, the Indian standard equivalent to CAP accreditation in the US. Results are issued directly to you by the laboratory; we receive a copy with your written consent.

How blood draw logistics work

• You schedule a fasted morning blood draw (ideally before 9am) after your intake call
• A licensed phlebotomist arrives at your home or office, you do not visit a clinic
• Samples are sealed and labelled at collection and go directly to the lab's cold chain
• You receive results via the lab's secure patient portal within 5–7 working days
• You share results with your Antiaging Labs program lead by forwarding the lab report, this is your choice, not automatic
• Currently available in Hyderabad. Bangalore and Pune expansion: Q3 2026

How long we keep your data

What you can ask us to do

Under the Digital Personal Data Protection Act 2023 (India) and our own commitments, you have the following rights. All requests are honored within 15 working days.

• Access, Request a complete export of all personal data we hold about you, in a machine-readable format (JSON or CSV).
• Correction, Request correction of any inaccurate personal data.
• Deletion, Request deletion of all personal data. We will delete within 15 days and confirm in writing. Anonymized aggregated data cannot be deleted as it is not identifiable.
• Withdrawal of consent, Withdraw consent for any specific data use at any time. Withdrawal does not affect the legality of processing before withdrawal.
• Opt out of aggregate research, Request exclusion from anonymized cohort analysis while continuing your program.
• Grievance redressal, Raise a complaint about how we have handled your data. We will respond within 10 working days and escalate to the Data Protection Board if unresolved.

How we protect your data

• Access control, Only your program lead and, where required, our medical advisor can access your health data. No one else at Antiaging Labs has access.
• No public cloud storage of health documents, We do not upload bloodwork PDFs to shared drives, public cloud folders, or any tool without access controls.
• Encryption in transit, All web traffic is encrypted via TLS 1.3. Email uses TLS where supported by recipient servers.
• No third-party health data tools, We do not pipe your health data through SaaS analytics platforms, CRMs with undefined data policies, or AI tools with training-data retention.
• Incident notification, If we ever experience a data breach affecting your personal health data, we will notify you within 72 hours of becoming aware of it.