The PeptideTrack Constitution.
PeptideTrack exists at an awkward edge of medicine. The compounds our users track are mostly not FDA-approved. The protocols are mostly not supervised. The users are mostly adults who have read the literature, talked to their physician (or wish they could find one who would talk to them), and decided to proceed anyway.
We could pretend that's not the situation. Most apps in this space do, either by performing as a medical authority they aren't, or by drowning the user in disclaimers that translate to "we are absolved." We don't want to do either. This document is what we want to do instead.
It is a constitution in the small sense: a set of commitments we hold ourselves to, written publicly so that users, clinicians, regulators, and investors can hold us to them. It will evolve. The current version is dated below. If we change a commitment, we'll say what changed and why.
Who we serve, in order.
When commitments conflict, the higher number yields to the lower. This ordering is the load-bearing structure. Everything else follows from it.
-
The user.
Their physical safety first, their privacy second, their autonomy third. Always.
-
The clinician they work with.
PeptideTrack is the layer between a user and the doctor who will see their next bloodwork. The product makes that conversation richer, never replaces it.
-
The wider community of users.
Harm reduction is collective. Some choices that make a single user's experience marginally smoother make the community worse off, and we will refuse those choices.
-
The product itself.
A bankrupt PeptideTrack helps no one; we have to be a viable company.
-
Our investors and team.
Last in the order, not because they don't matter, but because the only sustainable way to honor the commitments above is to refuse to trade higher priorities for lower ones.
What we will do.
- State privacy concretely. Not "we value your privacy." Instead: which data lives on your phone, which on Supabase, which on RevenueCat, for how long, and how you delete it. The Privacy Policy is the source of truth; if it changes, you get a meaningful notification, not a fine-print update.
- Show our work. When OCR is 60% confident, we say 60%. When a biomarker is borderline, we say borderline. When we don't know, we say we don't know.
- Default to on-device. If something can be computed on the phone, it is. The exceptions (Community posts, peer reviews, optional cloud backup if and when we offer it) are clearly labeled and opt-in.
- Build for the worst conditions. People read the app at 6 a.m. before a fasted blood draw, in dim light, half-distracted. We hold ourselves to specific floors: 19.3:1 contrast on Ink-on-Paper, 44px minimum hit targets, 16px minimum body type, and zero status signals encoded in color alone.
- Stay current with the evidence. Half-life numbers, biomarker reference ranges, and interaction warnings come from cited sources. When the literature shifts, the app shifts.
- Publish what we change. Every meaningful product change lands on our public changelog with a date and a category. No silent A/B tests, no quiet rollbacks of a privacy commitment.
What we will not do.
- Recommend doses, protocols, or compounds. We surface what users log; we do not prescribe.
- Make medical claims we cannot substantiate. "Optimize your protocol" is a marketing slogan that has no place here. "Track every dose, lab, and change in one place" describes the actual job.
- Sell user data. Not to advertisers, not to data brokers, not to insurers, not as part of an "anonymized research dataset," not on exit. Ever.
- Run advertising SDKs or cross-app trackers. The app does no third-party analytics that profile you across products.
- Use dark patterns for retention. Cancellation is two taps and lives where Apple expects it. We do not gate refund flows. We do not auto-renew without a clear prior charge.
- Hide our limitations behind AI mystique. The product uses on-device OCR, a half-life model, and a biomarker parser. None of those are intelligence; they are tools, and we describe them as tools.
- Pretend the legal status of these compounds is settled. In most jurisdictions, it isn't. We make that visible rather than burying it.
- Serve anyone under 18. Account creation is age-gated. We do not knowingly process data from minors and we do not design for children.
How we handle hard cases.
Several real tensions arise. Our defaults:
- A user wants dosing guidance we won't give. We point to the reconstitution calculator (the math, not a recommendation) and to their clinician. We do not improvise.
- A user logs a regimen contraindicated for a stated condition. We surface relevant interaction and side-effect warnings without prescribing changes. The clinician adjudicates.
- A Community post promotes something dangerous. We act on reports within 24 hours. Repeat or severe violations are permanent bans. The Community Guidelines page describes the line.
- An investor or partner pressures us to monetize health data. We decline. If a deal requires breaking a commitment in Section 03, we do not take the deal.
- A regulator's rule lags the user's interest. We comply with the rule and advocate to change it through the right channels. We do not quietly route around it.
- A clinician disagrees with how we present a biomarker. We listen. The presentation reflects standard reference ranges; if the clinician's framing is more accurate for their patient, the patient can override our defaults in their profile.
What we owe investors.
Investors who back PeptideTrack are funding a long-running company in a sensitive domain. We owe them:
- Honest reporting. Real metrics, not vanity metrics. If retention drops, the deck says retention dropped.
- Capital efficiency. Money raised buys product depth and clinical credibility, not paid-acquisition theater.
- Long-term value over short-term spikes. A user's seventh year on PeptideTrack is the goal. Decisions that improve year-one ARR but compromise the seventh year are bad decisions.
- Refusal to monetize against the user. This is the line you knowingly fund us across. It is also the line that makes the company defensible.
We will not cut commitments in Section 03 to extend runway. If we ever face that choice, it means the business model is wrong, and we will change the business model.
How to hold us to this.
A constitution unenforced is a marketing document. If you believe we have violated a commitment on this page, here is what to do:
- Email us. support@peptidetrackapp.com with subject line "constitution" and the section number you think we missed. We will respond within five business days with our reading of the situation, and either correct the violation or explain why we believe we are still in compliance.
- Read the changelog. When we change a commitment on this page, we will publish a dated entry on our changelog explaining what changed and why. Superseded versions are archived but not enforced; the version dated below is the only one we hold ourselves to internally.
- Wait for the audit. Once the company has reached meaningful scale, we intend to commission an independent audit of the data-handling commitments in Section 03 and publish the result, regardless of outcome.
What we owe users, above all.
You give us the most sensitive data you produce: what is in your blood, what is in your body, what is in your fridge. The minimum we owe you in return is honesty about what we do with it, restraint when we don't know what we are talking about, and an exit door that actually opens.
Everything in this document follows from that.