✦ Clinical Concierge TDG Programme Blog Book a Call

Data Practices · Privacy · Beta Phase

How the Concierge handles your information

Plain language. No jargon. What goes where, what's stored, what isn't, and how to use the tool safely while it's in beta.

Beta Phase Notice

Both concierge tools are currently in beta — available to a small number of clients and visitors for testing and feedback. The core functionality is working but authentication (secure login) is not yet implemented. The practices on this page reflect that and will be updated as the system develops. If something feels uncertain, email hello@detective-health.com.

There are two separate concierges

They work differently and have different data practices. It's worth understanding which one you're using.

Public
DH Clinical Concierge
detective-health.com/concierge

For anyone exploring their symptoms or the Detective Health approach. No account needed. Nothing is stored between sessions. Each conversation starts completely fresh.
Clients Only
Client Concierge
detective-health.com/client-concierge

For existing clients between sessions. Conversation history is stored anonymously so the tool remembers what you've discussed. Linked to your device, not your name.

What happens to your messages

When you type a message into the public concierge, it travels via an encrypted connection through a Cloudflare Worker (a secure intermediary server) to Anthropic's API — the same technology that powers Claude. The response comes back the same way.

Nothing is stored. When you close the browser, the conversation is gone. There is no database, no log, no record. The next person to open the concierge starts completely fresh, as will you if you return tomorrow.

Anthropic processes the messages to generate responses but does not use API conversations for AI training under their standard API data handling terms. Your messages are not used to train any AI model.

Stored anonymously — not by name

The client concierge stores your conversation history so it can remember what you've discussed across multiple visits. This is stored in a secure EU-based database (Frankfurt, Germany) operated by Supabase — a reputable infrastructure provider used by thousands of applications.

Your conversation is linked to a random session token stored in your browser — not to your name, email address, or any identifying information. Stephen cannot look up "what did client X say" without knowing their session token, which exists only in their browser.

If you clear your browser history, use a different browser, or switch devices, your conversation history becomes inaccessible — effectively deleted from a practical standpoint.

No password is required at present. Proper authenticated login is on the development roadmap and will be implemented before the tool moves out of beta for wider use.

What to share and what to hold back

Both concierges are most useful when you're specific about symptoms, history, and what you've tried. Here's how to get the most from them while staying sensible about personal data.

Fine to share
Your first name
Symptoms in detail
Test results (marker names and values)
Health history and timeline
Supplements and protocols
Questions about mechanisms
How you're responding to treatment
Better left out
Full name + date of birth together
NHS or insurance numbers
Home address
Payment information
Passwords or account details
Other people's health information
Anything you wouldn't say in a waiting room

Think of the concierge like a knowledgeable clinical conversation — useful precisely because you can be specific and honest about what's happening. Treat it the way you'd treat a conversation in a consulting room, not a secure medical record system.

What's under the bonnet

For those who want to know exactly what infrastructure is involved:

Infrastructure
AI model
Anthropic Claude (claude-sonnet-4-6) via API. Anthropic do not train on API data by default.
API proxy
Cloudflare Workers — edge computing, encrypted in transit, no data logged at this layer.
Conversation storage
Supabase (PostgreSQL) — EU servers, Frankfurt, Germany. Client concierge only. Public concierge stores nothing.
Session identification
Random UUID generated in your browser. Not linked to your identity. Stored in browser localStorage.
Website hosting
Netlify — UK/EU data handling. Intake forms submitted via Netlify Forms to Stephen's account only.
Encryption
All connections use HTTPS/TLS. Data in transit is encrypted end to end.
Data access
Stephen Duncan and no one else. No third-party analytics, no advertising data, no data sharing.

Your intake forms and test data

The intake forms on the client portal (detective-health.com/clients) submit directly to Stephen via Netlify Forms. This data goes only to Stephen's Netlify account and is handled under standard clinical confidentiality — the same way a paper intake form or an email would be.

The clinical analysis tools (blood chemistry analyser, GI-MAP interpreter, DUTCH tool and others) run entirely within your browser. The data you enter into these tools does not leave your device unless you are using the AI interpretation feature, in which case it passes through the same Anthropic API route described above.

When using the AI interpretation tools: enter marker values and patterns rather than your full name alongside a complete medical history. The clinical analysis is just as useful without combining identifying information.

Data deletion and your rights

Under UK GDPR you have the right to request deletion of any personal data held about you. For the client concierge, clearing your browser history removes your session token and makes your conversation history inaccessible. If you want the underlying data permanently deleted from the database, email hello@detective-health.com and it will be removed within 72 hours.

For intake form submissions, contact Stephen directly via Practice Better or email and any submission can be deleted on request.

This page will be updated as the concierge moves out of beta and proper authentication is implemented. The full Detective Health privacy policy covers the broader website.

Questions about data, privacy, or how any of this works?

hello@detective-health.com — Stephen reads every email.

Open the Concierge Client Concierge