Third-Party AI Processing
Outliyr uses AI to parse lab PDFs, narrate insights, draft trial protocols, power chat, and generate the weekly digest. AI calls route through OpenRouter (San Francisco, USA). OpenRouter dispatches each request to a single upstream provider chosen for the task.
We list the upstream providers below. California (CCPA) and similar state privacy laws require this disclosure. The list applies even though providers cannot retain or train on your data.
Upstream AI providers
- Google AI Studio (United States): Text generation. Powers insights narratives, weekly digest, intervention drafts, chat answers, and PDF parsing fallback.
- Baidu (China): OCR + structured extraction from lab and health-report PDFs. Used as the primary vision model. Purpose-built for OCR. Runs lab documents in roughly three seconds.
Categories of data routed
- Uploaded lab and health-report PDFs. Includes bloodwork, Viome microbiome, TruDiagnostic epigenetic, Self-Decode genetics, and similar.
- Daily pulse notes and journal entries you write in-app.
- Trial summaries, intervention notes, and protocol descriptions.
- Chat queries you send to the in-app assistant.
- Insights generation context. Your recent metric windows, anonymized and time-bounded.
- Weekly digest and brief narrative inputs.
Guarantees we enforce on every request
- Every request carries provider.data_collection: deny. The upstream vendor is contractually barred from retaining or training on your inputs.
- Crucial PII is stripped from structured request payloads before requests leave Outliyr. That covers name, email, phone, date of birth, postal address. Raw uploaded lab PDFs are sent as-is for parsing. The vendor is still barred from retention or training.
- Outliyr stores only the AI response. A parsed lab panel. A generated narrative. Your raw input is not persisted at the AI layer beyond OpenRouter’s short-lived billing logs.
- Outliyr is not a HIPAA-covered entity. We are direct-to-consumer, not a medical provider. No Business Associate Agreement is required. State privacy laws (CCPA, etc.) still apply. This section is the categories-of-third-parties notice they require.
Operational data Outliyr stores (not routed to AI vendors)
- Outliyr Intelligence event stream. A first-party event stream records which features you use and how you move through the product. We use it to improve your experience. Better defaults, smarter recommendations, fewer dead-ends. Stored inside Outliyr. Not shared with the AI vendors above. Not sold.
- Wearable OAuth tokens. When you connect a wearable (Oura, Whoop, Ultrahuman), the provider issues Outliyr an authorization token. We use it to fetch your sleep, recovery, and activity data on your behalf. The token is stored encrypted. It is only used to talk to that provider. Disconnecting the wearable revokes the token.
- Push notification tokens. When you opt into push notifications on iOS or Android, Apple (APNs) or Google (FCM) issues a device token. Outliyr stores the token so we can deliver the notifications you signed up for. Morning Pulse, daily brief, and similar. The token is not used for tracking. The OS rotates it.
When this list changes
The vendor list lives in the Outliyr codebase alongside our model selection. The policy stays in sync with the providers actually being routed to. If a future model swap adds or removes a vendor, this section updates with it. Material changes also surface in product release notes.
Referral Program
Email list defaults at signup
If you sign up for Outliyr through a referral link, the signup form includes a pre-checked option. It adds you to the Outliyr email list. You can uncheck the box during signup to opt out. You can also unsubscribe later. Every email we send carries an unsubscribe link.
What your referrer can see
If you signed up via a referral link, your referrer can see your first and last name. They can also see your activation milestones. Those are: signup, first daily Pulse, and activation. Activation fires once you have logged seven daily Pulses.
We show this so referrers can track their referrals’ progress. We also use it to attribute the referral reward correctly.
If you don’t want your full name visible, change your display name in Outliyr settings. We never share your email address with the person who referred you. We never share your health data with them either.
If you share a referral link
When you share your link, your first and last name may appear to people who arrive through it. So may your written referral profile, if you added one in your Outliyr settings.
If you join the Outliyr Creator Program, your name, profile photo, and short bio may also appear on a public partners listing on outliyr.com. That listing applies once you reach the partner-listing threshold. You can edit or remove your bio at any time in Outliyr settings.
