Privacy Policy

Who we are

Spoons is operated by Roi Shternin (sole trader). For data protection purposes, Roi Shternin is the data controller. Contact: hello@spoons.world

What data we collect

• Email address — used for authentication via magic link only. Never shared or used for marketing without consent.
• Profile information — pseudonym, display name, bio, and conditions you choose to share. All optional except a username.
• Health conditions — an optional list of your chronic health conditions, used to personalise your feed. Stored as special category health data under GDPR Art. 9. Only visible to you. We record your explicit consent when you first save this list.
• Posts and comments — content you create on the platform. Anonymous posts store your user ID internally but never display it publicly.
• Spoon check-ins — your daily energy level if you choose to log it.
• PED check-ins — if you use the structured health check-in feature, we collect symptom scores (pain, fatigue, brain fog on a 0–10 scale), functional scores (sleep, mobility, emotional wellbeing on a 1–5 scale), spoon count, triggers, and a free-text note. This is collected under the FDA Patient-Focused Drug Development (PFDD) framework to build patient experience data. It is private to you and may be included in anonymised, aggregated research snapshots only if you have separately opted in to research contribution.
• Treatment log — if you use the treatment log, we store a personal record of treatments you have tried, your notes, and outcomes. This requires your explicit consent (given when you first open the log). Full details below.
• Patient preference data — if you complete the “what matters most” survey, we collect ranked importance of health domains (pain, fatigue, cognitive function, etc.) and any free-text you provide. Private to you unless you have opted in to research contribution.
• Usage data — basic analytics via Vercel (page views, performance metrics). No personal identifiers are tracked by Vercel Web Analytics.

Legal basis for processing (GDPR)

• Contract (Art. 6(1)(b)) — processing your email to provide authentication and the service you signed up for.
• Legitimate interests (Art. 6(1)(f)) — basic analytics to improve the platform.
• Explicit consent (Art. 9(2)(a)) — health conditions list, treatment log, PED check-ins, and research contribution. Each requires a separate explicit consent act. You can withdraw any of these at any time via Settings.

How we use your data

• To authenticate you and maintain your session
• To display your profile and content to other members (per your privacy settings)
• To personalise your experience (low-spoon mode, anonymous defaults, condition-based feed)
• To provide AI-powered search synthesis (your posts may be included in search results sent to the AI — your identity is never sent)

We do not sell your data, use it for advertising, or share it with third parties except as listed below.

Third parties and data processors

For transfers to the United States (Vercel, Anthropic, Resend), we rely on Standard Contractual Clauses (SCCs) approved by the European Commission under Art. 46(2)(c) GDPR as the transfer safeguard.

Treatment log and personal health tracking

Spoons provides an optional personal treatment log where you can record treatments and strategies you are trying. This data:

• Is stored securely in your private account — only you can see it
• Is never shared with other members, researchers, or third parties
• Is excluded from all research datasets, even if you have granted research consent
• Is deleted when you delete your account
• Is protected by row-level security — no other user can query it. Database administrators with server credentials can access the database, but we have no operational reason to view individual treatment logs and do not do so.

Your treatment log is special category personal health data under GDPR Art. 9. We process it solely on the basis of your explicit consent, which you give when you first open the log. You can withdraw this consent at any time via Settings — this will disable the log but will not automatically delete existing entries; you can delete them individually or delete your account to remove all data.

AI features

Spoons uses Claude (by Anthropic) to power AI-assisted search summaries. When you use these features:

• What is sent: your search query and relevant community post excerpts are sent to the Anthropic API to generate a summary
• What is not sent: your identity, email address, username, conditions list, treatment log, or check-in history are never included in API calls
• No retention by Anthropic: Anthropic does not retain personal data beyond the duration of the API call, and does not use API data to train its models (per their usage policy)

AI features are optional. Search works without AI summaries if you select the “Community” search mode.

Research contribution

If you opt in to research contribution via Settings, anonymised, aggregated snapshots of your posting activity may be used for chronic illness research. This consent is:

• Entirely optional and separate from your use of Spoons
• Given explicitly via a toggle in Settings
• Logged with a timestamp in an audit table — you can review your consent history
• Withdrawable at any time; withdrawal excludes your data from future snapshots
• k-anonymous: data is only reported in groups of 10 or more — you are never individually identifiable in any research output

Research datasets may be shared with medical researchers, universities, and health organisations working on chronic illness. Any partner receiving research data agrees to: use data only for non-commercial research, apply equivalent anonymisation standards, not attempt re-identification, and not retain data beyond the research period. Data already included in a shared snapshot before your withdrawal cannot be retracted from that specific snapshot, but you will be excluded from all future snapshots immediately.

Community data — public vs private

Your rights under GDPR

You have the right to:

• Access — download a complete copy of your data via Settings → “Download my data” (GDPR Art. 15 + 20)
• Portability — your data export is in machine-readable JSON format (GDPR Art. 20)
• Erasure — delete your account and all associated data via Settings → “Delete account” (GDPR Art. 17). Deletion is immediate; anonymous posts remain but are permanently unlinked.
• Rectification — correct inaccurate data via your profile settings (GDPR Art. 16)
• Withdraw consent — withdraw consent for health conditions, treatment log, or research contribution at any time via Settings (GDPR Art. 7(3))
• Objection and restriction — to object to or restrict processing beyond what Settings covers, email hello@spoons.world. We will respond within 30 days.

Data retention

We retain your data for as long as your account is active. If you delete your account, your personal data is deleted immediately. Anonymous posts may remain but are permanently unlinked from your identity. Research snapshots that were generated before account deletion may continue to exist in aggregated form, but no individual-level data is retained after deletion.

Cookies

We use a single session cookie to keep you logged in. No tracking cookies, no advertising cookies. No cookie banner required.

Data breach notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware, as required by GDPR Art. 33. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay (GDPR Art. 34).

Complaints

If you believe we have handled your data incorrectly, you have the right to lodge a complaint with your national data protection authority. In Ireland: dataprotection.ie. In the UK: ico.org.uk.

Changes to this policy

We may update this policy. Significant changes will be communicated via email to registered users.