Zovera Inc. ("Zovera", "we", "us") is committed to protecting your privacy and handling your personal information responsibly, in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable Canadian laws. This Privacy Policy describes how we collect, use, disclose, and protect your information when you use our website and Services.
By using our Services, you expressly consent to the collection and use of your personal information as described in this Policy. Because we collect health-related information, we treat all personal data as sensitive and apply heightened safeguards accordingly.
Sensitive Data: Health and lifestyle information collected through our intake form is treated as sensitive personal information and is subject to heightened protection under PIPEDA.
We use your information to:
By completing our intake assessment and using our Services, you provide express, informed consent to the collection, use, and disclosure of your personal information — including health information — for the purposes described in this Policy.
You may withdraw your consent at any time by contacting us at clientsupport@zovera.ai. Withdrawal of consent may affect our ability to provide the Services to you. We will process withdrawal requests within 30 days.
We do not sell your personal data.
We may share your data with trusted third-party service providers for operational purposes, including:
All third-party providers are required to maintain appropriate confidentiality, security, and data protection obligations consistent with PIPEDA requirements. We do not authorize third parties to use your personal data for their own purposes.
We may also disclose your information if required by law, court order, or regulatory authority.
Transparency Notice: Your supplement protocol report is generated through automated AI processing of your intake data, without individual human clinical review of each output. You have the right to request human review or to ask questions about how your report was generated by contacting us at clientsupport@zovera.ai.
Zovera's AI tools are not approved as regulated medical devices or clinical decision-support systems under Health Canada or any other regulatory framework. Automated outputs are intended for informational purposes only.
We implement industry-standard technical and organizational safeguards to protect your personal information, including:
However, no system is 100% secure. We cannot guarantee absolute security of information transmitted over the internet.
We retain your personal information only as long as necessary to fulfill the purposes for which it was collected:
When personal information is no longer required, we securely destroy or anonymize it.
Under PIPEDA, you have the right to:
To submit a request, contact us at: clientsupport@zovera.ai
We will acknowledge your request and respond within 30 days, subject to any applicable legal obligations.
In the event of a breach of security safeguards involving your personal information that poses a real risk of significant harm, we will:
We use cookies, web beacons, server-side tracking, and similar technologies to operate our Services, measure performance, and deliver relevant advertising. The specific tools we use include:
Meta Pixel and Meta Conversions API. We use the Meta Pixel (operated by Meta Platforms, Inc.) and its server-side counterpart, the Meta Conversions API, to measure the effectiveness of our advertising on Facebook, Instagram, and the Meta audience network, and to deliver personalized advertising. These tools collect information such as pages viewed, button clicks, form submissions, purchases, IP address, browser user agent, and Facebook click identifiers (fbclid, fbp, fbc). We also transmit hashed (one-way SHA-256 encrypted) versions of your email address and other identifiers to Meta solely for the purpose of matching your interactions to your Meta account for advertising measurement. We do not share unhashed personal information with Meta.
You can manage your Meta ad preferences at facebook.com/adpreferences and learn more in Meta's Privacy Policy at facebook.com/privacy/policy.
Google Analytics and Google Ads. We use Google Analytics 4 to measure usage of our Services and Google Ads to deliver and measure advertising. These services may set cookies that collect your IP address, device information, and behavioural data. You can opt out at tools.google.com/dlpage/gaoptout and manage your Google ad personalization at adssettings.google.com.
Service providers. We use Cloudflare for hosting and security, Stripe for payment processing, GoHighLevel for email and CRM, and Google Tag Manager for tag deployment. These providers may process limited data on our behalf under contractual confidentiality and data protection obligations.
Marketing identifiers. We collect UTM parameters, click identifiers (fbclid, gclid), and campaign tags passed in URLs to measure the source and effectiveness of our marketing campaigns.
Your choices. Most browsers let you refuse or delete cookies via browser settings. You can also opt out via the Network Advertising Initiative or the Digital Advertising Alliance. Disabling cookies may limit your ability to use parts of the Services. We honour Global Privacy Control (GPC) signals where applicable.
Sensitive health information. Health and lifestyle information you provide in your intake assessment is never transmitted to advertising platforms. Only event-level data (page visited, button clicked, purchase completed) and hashed identifiers are shared for advertising measurement.
Our platform may contain links to third-party websites and retailers (such as supplement marketplaces or product pages). We are not responsible for the privacy practices, content, or data handling of those third-party sites. We encourage you to review the privacy policies of any external sites you visit.
Zovera is operated from Ontario, Canada. If you access the Services from outside Canada, your personal information — including health intake data — may be transferred to and processed in Canada or by third-party service providers in other jurisdictions (such as the United States), where data protection laws may differ from those in your country.
By using the Services, you consent to this transfer and processing. We take reasonable steps to ensure that third-party processors in other jurisdictions maintain privacy protections consistent with PIPEDA.
Zovera is not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a person under 18, we will promptly delete that information. If you believe a minor has submitted information through our Services, please contact us at clientsupport@zovera.ai.
We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. For material changes, we will provide reasonable advance notice by email or by posting a notice on our website, with the updated effective date. Continued use of the Services after the effective date constitutes acceptance of the updated Policy.
Zovera Inc. has designated a Privacy Officer responsible for overseeing compliance with this Policy and applicable privacy legislation.
For privacy-related inquiries, access requests, or complaints:
Privacy Officer, Zovera Inc.
legal@zovera.ai
For client support requests:
If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada:
www.priv.gc.ca · 1-800-282-1376