Privacy Policy

• Identity: name, date of birth, phone, email, and mailing address you submit on the order form.
• Order details: panel selected, draw site preference, optional notes you provide.
• Payment: payment is processed by Stripe; card details never touch our servers. We retain only the Stripe payment intent ID and charge ID for accounting and refund purposes.
• Lab results: when results return from LabCorp or Quest, they are stored securely in your patient record at PracticeQ for provider review.

• To fulfill your lab order and send you the requisition.
• To provide your results to the licensed Regener8 provider for review.
• To send transactional emails (order confirmation, results-ready notification).
• To respond to support inquiries.
• We do not sell your information to third parties. We do not use your data to train AI models. We do not display targeted advertising based on your identity.

We share information with the following service providers, only as needed to operate the service:

• Stripe — payment processing. Stripe receives your name, email, and card details; their Privacy Policy applies to data they process.
• PracticeQ (IntakeQ) — patient record system. Receives your name, contact information, and order receipt for provider review. Operates under a signed Business Associate Agreement.
• LabCorp / Quest Diagnostics / partner laboratories — receive a lab requisition with your name, date of birth, and panel order to perform the specimen draw and analysis.
• Supabase — hosts our application database. Stores order details under encryption.
• Vercel — hosts the website itself. Receives request metadata (IP, user agent) for traffic and security.
• GoHighLevel — customer relationship management, used only with non-clinical contact details (name, email, phone) for follow-up communications.

We retain order records for the period required by law and applicable state healthcare-records regulations (typically 7 years). You may request deletion of non-mandatory records by emailing us; mandatory records are retained per regulation.

You may request: (a) a copy of the personal information we hold about you; (b) correction of inaccurate information; (c) deletion of information not required by law to retain. Email dt@regener8now.com to exercise these rights.

We protect your information with industry-standard practices: TLS encryption in transit, encryption at rest in our database, restricted-access systems with audit logging, and signed Business Associate Agreements with healthcare-handling subprocessors.

Regener8 Labs does not knowingly collect information from anyone under 18. If you believe we have inadvertently collected such information, contact us so we can delete it.

We may update this policy from time to time. Material changes will be communicated via email.

Questions? Email dt@regener8now.com.