Last updated: 21 June 2026 — added diagnostic data collection, disclosed Apple and RevenueCat as payment/subscription processors for iOS purchases, and updated the Apple Health / Google Health Connect data we read to the complete list: body fat percentage, cardio fitness (VO2 max), heart rate, heart rate variability, height, sleep, waist circumference (iOS only), weight, and workouts
100 Great Years Ltd ("we," "our," or "us") operates the 100 Great Years health and wealth platform, including the app at app.100greatyears.com and the marketing site at www.100greatyears.com. This Privacy Policy explains how we collect, use, and protect your personal information across both.
We take your privacy seriously and are committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.
If you submit a message via the "Contact Us" form on the marketing site, we collect:
This information is forwarded to us by email via Resend and used solely to respond to your message. It is not added to any marketing list without your explicit consent.
If you submit a Teams enquiry via the "Talk to us" form on the marketing site, we collect:
This information is sent to us by email via Resend and used solely to respond to your enquiry. It is not added to any marketing list without your explicit consent.
We use your information to:
We do not sell your personal data to third parties. We do not use your data for advertising purposes.
Assessment responses are stored in your browser's local storage only — they are not sent to our servers. They remain there until you create an account (at which point they are migrated to Supabase) or until you clear your browser's local storage.
When you create an account, your data is stored securely using:
When you log a mood check-in, your rating (1–5) is seen by the AI coach as a weekly average to inform its suggestions. Any personal notes you add are not shared with the AI coach by default. You can choose to share them by enabling the "Share mood notes with my AI Coach" toggle in the Mental Health tracker's Privacy Settings section. You can turn this off again at any time and your notes will immediately be excluded from future coach conversations.
If you connect Apple Health or Google Health Connect in our iOS or Android app, the body fat percentage, cardio fitness (VO2 max), heart rate, heart rate variability, height, sleep, waist circumference (iOS only), weight, and workouts data we read is stored in the same secure Supabase database as your other tracker data, with the same encryption and access controls described above. We do not write data back to Apple Health or Google Health Connect.
This data is used solely to provide and improve the 100 Great Years service for you. We do not sell it, and we do not use it for advertising, marketing, or any purpose unrelated to your health and wealth tracking. You can disconnect at any time via Profile → Devices & Apps → Health Connections in the app, or by revoking permission in the iOS Health app or Android Health Connect settings.
We use the following third-party services to operate 100 Great Years:
Location: United States
Purpose: Host and serve both the app and marketing website
Data: IP addresses and request logs for security and performance
Analytics: Vercel Analytics runs on both the app (app.100greatyears.com) and the marketing site (www.100greatyears.com). It captures cookieless, anonymous pageview statistics (page path, referrer, country). No personal identification, no cookies set, no device storage used on either surface.
Privacy Policy →Location: United States
Purpose: Account authentication
Data: Name, email address, unique identifier. US-based; Standard Contractual Clauses in place.
Privacy Policy →Location: United States
Purpose: Account authentication, and — for iOS app users — processing subscription and report purchases made through the App Store
Data: For Sign in with Apple: name, email address (or relay address), unique identifier. For App Store purchases: your purchase and subscription status; Apple handles your payment card details directly and we never see or store them. US-based; Standard Contractual Clauses in place.
Privacy Policy →Location: United States
Purpose: Manage and sync App Store subscription and purchase entitlements for iOS app users, keeping your subscription status consistent between Apple and our servers
Data: A unique account identifier and your subscription/purchase status. RevenueCat does not process payments or handle card details — that is done directly by Apple.
Privacy Policy →Location: United States
Purpose: Power the AI coach for account holders. Assessment scores are calculated by a scoring algorithm in your browser — Anthropic is only called when you actively use the AI coach after creating an account.
Data: Your assessment responses and tracker data (processed to generate coach replies)
Important: Anthropic processes inputs only to generate coach replies. Under Anthropic's commercial API terms your data is not used to train AI models, and inputs/outputs are retained only briefly for operational and abuse-screening purposes.
Privacy Policy →Location: European Union
Purpose: Store user accounts, assessment history, and tracker data
Privacy Policy →Location: European Union (EU Cloud)
Purpose: Product analytics for the app — understanding which features are used, how people navigate the platform, and where drop-off occurs in the sign-up funnel. Used solely to improve the product.
Data: Authenticated users are identified by account ID only (never by email or name). Events capture non-sensitive metadata only — for example, which tracker was opened or whether an assessment question was answered. Health values, financial figures, mood notes, AI coach message content, and exact scores are never sent.
Storage: Cookieless — PostHog stores a session identifier in your browser's local storage only. No cookies are set. No cross-site tracking.
Session recording: Disabled. No screen or session recordings are made. App only — PostHog is not present on the marketing site.
Privacy Policy →Location: United States (PCI DSS compliant)
Purpose: Process subscription payments and manage billing
Data: Billing contact and payment status. Card details are handled directly by Stripe; we never see or store full card numbers.
Privacy Policy →Location: United States
Purpose: Send operational and account emails (sign-in, payment receipts, service notices) and route contact form submissions (both general enquiries and Teams enquiries) from www.100greatyears.com to our inbox.
Data: Email address, name, and message content submitted via contact forms. Transactional email data (recipient address, send timestamps) for account emails.
Privacy Policy →Your data may be transferred to and processed in the United States (Anthropic for AI processing, Vercel for hosting, Stripe and Apple for payments, RevenueCat for iOS subscription management, Resend for email, and Google and/or Apple if you choose to sign in with one of those providers). We ensure appropriate safeguards are in place:
Assessment data is stored only in your browser's local storage and is not held on our servers. It is cleared when you create an account (at which point it is migrated to Supabase) or when you clear your browser's local storage. Anonymous analytics data (if collected) is retained for up to 24 months.
Your data is stored as long as your account remains active. If you delete your account, your data will be permanently deleted within 30 days, except where we are required to retain it for legal or regulatory purposes.
Submissions from both the general contact form and the Teams enquiry form are forwarded by email and retained in our email inbox for as long as necessary to respond and for our legitimate business records. Contact us at privacy@100greatyears.com to request deletion.
Under UK data protection law, you have the following rights:
Request a copy of the personal data we hold about you.
Correct inaccurate or incomplete personal data.
Request deletion of your personal data in certain circumstances.
Receive your data in a structured, machine-readable format.
Object to processing of your personal data for certain purposes.
Request limitation on how we use your data.
Withdraw consent for processing where we rely on consent as our legal basis.
To exercise any of these rights, contact us at: privacy@100greatyears.com
We set no cookies — not for authentication, analytics, or advertising. All device storage we use is browser local storage, which stays on your device and is under your control.
Vercel Analytics is cookieless and anonymous on both the app and the marketing site — it sets no cookies and uses no device storage. PostHog, our product analytics tool, uses browser local storage (not cookies) as described above; it is present on the app only and is not used for advertising.
No consent banner is required — we set no cookies at all, and our first-party analytics local storage is disclosed here and used solely for product improvement.
Our service is intended for adults aged 18 and over. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@100greatyears.com.
We implement appropriate technical and organisational measures to protect your personal data:
No system is completely secure. We cannot guarantee absolute security of your data.
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
If you have concerns about how we handle your personal data, please contact us first at privacy@100greatyears.com. We will investigate and respond within 30 days.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
ICO Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Email: privacy@100greatyears.com
Data Controller: 100 Great Years Ltd
Registered in: England and Wales
This Privacy Policy was last reviewed on 21 June 2026. By using 100 Great Years, you acknowledge that you have read and understood this Privacy Policy.