Privacy Policy

Overview

Bigger Than Pain is a personalised recovery platform for people living with persistent pain. To deliver that experience, we collect and process health-related information about you.

Here is the short version:

• Your data is encrypted on your device and in transit between your device and our servers.
• Our servers process your data in readable form to deliver the service — including AI-guided support, personalised movement plans, and recovery tracking.
• We never sell your data, share it with advertisers, or use it for any purpose other than your care.
• You can export or delete all of your data at any time.

The rest of this document explains the details.

Who we are

Bigger Than Pain is operated by BiggerThanPain Limited, based in Ireland. For the purposes of EU data protection law (GDPR), we are the data controller.

If you are also a patient at David McGettigan Clinic (Dublin or Monaghan) and your BTP account is linked to your clinic record, the same data controller operates both systems. The clinic and BTP are first-party related services under the same controller — your data is not shared with any third party as part of that link.

If you have questions about how your data is handled, you can reach us at support@biggerthanpain.com.

What we collect

We collect different types of information depending on how you use the platform:

Account information

Your email address, a hashed version of your password (we never store your actual password), and basic profile data. This is needed to create and secure your account.

Onboarding assessment

When you first use Bigger Than Pain, you complete a structured assessment covering your pain history, affected body areas, sleep, stress, movement tolerance, and recovery goals. This generates your personalised Clarity Report and shapes every part of the system.

Chat conversations

Messages you exchange with Biggie, your AI guide. These conversations are stored so that Biggie can learn your context over time and provide more relevant guidance. Conversations include your messages, Biggie's responses, and analytical metadata used to improve the quality of support.

Pain tracking

Pain levels, body locations, triggers, activities, mood, sleep quality, stress levels, weather conditions, and any notes you add. This data powers your pattern insights and feeds into your recovery direction.

Movement and exercise data

Your movement plans, session completions, confidence and tolerance ratings, pain before and after exercise, and progression history. This shapes how your movement plan adapts over time.

Flare-up records

When you log a flare, we store its intensity, duration, triggers, body area, and any regulation or management actions you took. This helps the system adapt during difficult periods.

Recovery tracking

The Functional Recovery Engine computes weekly snapshots of your recovery direction across multiple domains. These snapshots are stored to show you how your recovery is progressing over time.

Video and learning activity

Which educational videos you watch, how far you get, any notes you take, and your progress through learning pathways. This helps the system recommend relevant content.

Payment information

If you subscribe, payment processing is handled entirely by Stripe. We never see or store your card details. We store your Stripe customer ID and subscription status to manage your access.

Wearable data (optional)

If you connect a wearable device (Apple Health, Fitbit, Garmin, Google Fit, Oura, or WHOOP), we receive sleep, activity, heart rate, and recovery metrics from that platform. This connection is entirely optional and can be revoked at any time.

Usage analytics (with your consent)

If you consent, we collect basic usage events — which features you use, page views, and session data. This helps us understand how the platform is being used and where to improve it. No analytics data is collected without your explicit consent, and no data is sent to third-party analytics services.

How we use your data

Everything we collect serves one purpose: to deliver and improve your personalised recovery experience. Specifically:

• Personalisation — Your onboarding data, tracking history, and conversation context are used to tailor Biggie's guidance, your movement plan, and your learning pathway.
• Pattern recognition — Pain tracking and flare data are analysed to surface patterns in your triggers, activities, and recovery trends.
• Recovery tracking — Weekly snapshots measure your progress across body confidence, nervous system regulation, and functional capacity.
• Safety monitoring — The system flags clinical concerns (such as signs of distress or crisis) to ensure support remains safe and responsible.
• Service delivery — Account management, notifications, email communications, and subscription management.

Legal basis (GDPR): We process your health data on the basis of your explicit consent, which you provide when you create an account and complete onboarding (Article 9(2)(a) explicit consent). We process account and payment data on the basis of contractual necessity (Article 6(1)(b) — delivering the service you subscribed to). We process clinical safety monitoring (such as crisis-language detection and clinical flag escalation) on the basis of legitimate interest (Article 6(1)(f)), balanced against your interests as a data subject. The legitimate interest is keeping you safe and ensuring the service responds appropriately to clinical concerns. Where you are also a clinic client and you have linked your BTP account to your clinic record (see the section below), the cross-system data sharing operates under your separate explicit consent (Article 9(2)(a)) captured at the point of linkage. Our Legitimate Interest Assessment is documented in our Information Governance Framework, available on request.

AI and your data

Biggie, your AI guide, is powered by Anthropic's Claude language model. When you chat with Biggie, your messages and relevant context (such as your onboarding summary, recent tracking data, and conversation history) are sent to Anthropic's API for processing.

This means:

• Anthropic receives your messages in readable form in order to generate responses.
• Anthropic does not use API inputs to train their models. This is contractually committed in their commercial API terms.
• Anthropic may retain API inputs for up to 30 days for trust and safety purposes (abuse detection), after which they are deleted.
• No other AI provider receives your data. Biggie is the only AI-powered feature that processes your personal information.

We also use OpenAI's embedding model to power semantic search of educational content (the Vault). This processes course and video content only — your personal data, messages, and health records are never sent to OpenAI.

Third-party services

We use a small number of third-party services to operate the platform. Here is exactly who they are and what data they receive:

We do not use any third-party advertising or tracking services. We do not embed social media pixels or tracking scripts. There is no Google Analytics, Facebook Pixel, or similar technology on this platform. A full technical Record of Processing Activities is maintained internally and is available on request to regulators or users exercising their data rights.

Encryption and security

We take the security of your data seriously, particularly given the sensitive nature of health information. Here is exactly what we do:

• Encrypted in transit — All data between your device and our servers is encrypted via HTTPS/TLS.
• Encrypted on your device — Sensitive data cached on your device (such as chat history and tracking data) is encrypted using AES-256-GCM before being stored in your browser. The encryption keys never leave your device.
• Passwords — Your password is hashed using bcrypt before storage. We never store or have access to your actual password.
• Authentication — Sessions are managed via short-lived JWT tokens with HTTP-only refresh cookies.

What this means in practice: Your data is protected against interception in transit and against unauthorised access on your device. On our servers, your data is stored in a form that allows us to process it and deliver the service. We do not claim end-to-end encryption — the server needs to read your data to power features like Biggie, pattern analysis, and recovery tracking.

Clinical quality monitoring

To ensure the Platform operates safely and responsibly, the founder and clinical team may review system-generated summaries of AI interactions and inferred recovery patterns. This review is for quality assurance, safety monitoring, and clinical improvement purposes only.

This access is logged and controlled. No data reviewed in this way is shared with any third party. The purpose is to ensure that the AI guide (Biggie) is responding safely and appropriately, and that system-inferred patterns (such as recovery phase assignments) are functioning as intended.

If you are also a clinic client

Some users of Bigger Than Pain are also patients at David McGettigan Clinic (Dublin or Monaghan). If you are, your BTP account may be linked to your clinic patient record to enable integrated care. This section explains what that means.

What linkage is

Linkage is a cross-reference between two separate systems — BTP and the clinic's patient-records system. It is not data merging. Each system keeps its own data. The link simply allows your clinician (David) to view BTP-derived signals alongside your clinical record when preparing for your appointments.

How linkage happens

If you sign up via a private link shared by David from the clinic (for example, in a follow-up email after your first appointment), our signup process checks whether your email matches a clinic patient record. If it does, you're asked to confirm a 6-digit verification code sent to that email. This proves you own the clinic-registered email and links your accounts. Linkage is never automatic and never set by us without you completing the signup and verification step.

You can use BTP without being linked to your clinic record even if you are a clinic patient — simply sign up via our public signup page instead.

What data flows once you are linked

Once linked, an automated daily process (running at 07:00 in our internal system) assembles a clinician briefing that includes aggregated signals from your BTP account. The signals are:

• Your recovery direction (the BTP four-domain summary)
• Recent flare events (last seven days)
• Your top three triggers and top three helpers from pattern tracking
• Your conversation mood trend
• Orchestration signals the system surfaces about your trajectory

The briefing does not include raw conversation text with Biggie, your full pain-tracking history, or any data not summarised in the bullets above.

Who can access it

The briefing is sent only to David — your clinician — by email. No third party sees this briefing. The two systems (BTP and clinic) communicate over a private internal channel with shared-secret authentication; the cross-system flow operates within first-party clinic infrastructure.

Future use

We may, in future, expand this integration to write between-session summaries derived from BTP signals into your clinical record as treatment notes. We will update this policy and notify you before any such change goes live.

Your control

You can decline to link your BTP account at the time linkage is offered. You can ask us to unlink an existing link at any time by emailing support@biggerthanpain.com. Unlinking removes the cross-reference between systems but does not delete data on either side — see Your rights for what deletion does in each system.

Data retention

We retain your data for as long as you have an active account. Different types of data have different handling:

• Chat conversations — Conversations older than 60 days or exceeding 200 messages are automatically trimmed. The system keeps your most recent 50 messages and generates a summary of earlier exchanges. This prevents unbounded data growth while preserving context.
• Anthropic-side retention — Chat content also flows to Anthropic for AI processing as described in the AI and your data section. Anthropic's separate retention of API inputs (up to 30 days) operates independently of our retention of conversation data.
• Pain tracking, movement, and recovery data — Retained for the life of your account. This history is essential for tracking your recovery progress over time.
• Login codes and password reset tokens — Expire within minutes and are cleaned up automatically.
• Payment data — Stripe retains payment records per their own retention policy (typically three years for compliance purposes). We store only your customer ID and subscription status.

When you close your account, you can choose to suspend it for 90 days (keeping all your data safe in case you return) or permanently delete everything immediately. If you choose suspension, your data is automatically and permanently deleted after 90 days if you do not reactivate. We will email you a reminder 10 days before permanent deletion. See Your rights for details.

Your rights

Under GDPR and Irish data protection law, you have the following rights:

• Access — You can export a complete copy of your data at any time from your account settings. The export includes your profile, conversations, pain tracking, movement history, assessments, recovery snapshots, video activity, and more.
• Correction — You can update your profile information directly in the app. For corrections to other data, contact us.
• Deletion — You can permanently delete your account and all associated data from your account settings. This process requires email verification for security. When confirmed, your Stripe subscription is cancelled, your Stripe customer record is deleted, and all BTP data across our database is permanently removed via cascading deletion.

  If you are also a clinic client: deleting your BTP account removes your BTP data only. Any clinical notes or summaries already in your patient record at David McGettigan Clinic are separately retained for at least 7 years from your last clinical session.

  Legal basis for that retention: GDPR Article 17(3)(e) permits retention where processing is necessary for the establishment, exercise, or defence of legal claims, and Article 6(1)(f) recognises the clinic's legitimate interest in defending against potential professional-liability claims. The 7-year period is anchored in the 6-year limitation period for breach of contract claims under the Irish Statute of Limitations Act 1957 (as amended), with a one-year operational buffer.

  What happens to the link between systems when you delete BTP: the cross-reference pointer (the link itself) is nulled on the clinic side as part of the deletion event. The clinical record fields (your name, contact details, clinical notes, appointment history, etc.) are not touched.

  To request changes to your clinical record itself, contact the clinic directly at david@davidmcgettiganclinic.com.

• Data portability — Your data export is provided in JSON format, which can be used to transfer your data to another service.
• Withdraw consent — You can withdraw consent for optional data processing (such as analytics or marketing communications) at any time through your account settings. Because the service cannot function without processing your health data, withdrawing consent for core health data processing is equivalent to closing your account, which triggers our deletion process. You retain the right to do this at any time.
• Lodge a complaint — You have the right to lodge a complaint with the Irish Data Protection Commission at www.dataprotection.ie.

To exercise any of these rights, email support@biggerthanpain.com or use the tools in your account settings.

Cookies and local storage

Bigger Than Pain is a progressive web app (PWA). We use a small number of browser storage mechanisms to operate:

• HTTP-only cookies — Used for secure session management (refresh tokens). These cannot be read by JavaScript and are essential for keeping you logged in.
• Local storage — Used for UI preferences (dark mode, panel states) and non-sensitive identifiers (such as your active conversation ID). No health data is stored in local storage.
• IndexedDB — Used for encrypted client-side data caching. Sensitive data (chat messages, tracking data) is encrypted with AES-256-GCM before being written here. The encryption keys are non-extractable and never leave your device.

We do not use tracking cookies, advertising cookies, or any third-party cookies.

Children

Bigger Than Pain is not designed for or directed at anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Changes to this policy

If we make material changes to this policy, we will notify you via email or an in-app notification before the changes take effect. We will not reduce your rights under this policy without your explicit consent.

Contact

If you have any questions about this policy or how your data is handled:

• Email: support@biggerthanpain.com
• Data Protection Commission Ireland: www.dataprotection.ie