Privacy Policy

1. Introduction

Welcome to CareCircle ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our caregiving management platform.

By using CareCircle, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

• Account Information: Name, email address, password, and profile photo
• Patient Information: Names, relationships, dates of birth, gender, diagnoses, and medical conditions of care recipients
• Healthcare Data: Doctor information, medications, lab results, appointments, therapy sessions, and medical notes
• Task and Schedule Data: Caregiving tasks, reminders, and calendar events
• Communication Data: Messages and interactions with our AI assistant
• Family Circle Information: Information about other caregivers in your care network

2.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on the platform
• Device Information: IP address, browser type, operating system, device identifiers
• Location Data: General location information based on IP address
• Cookies and Tracking: Session data, preferences, and analytics information

2.3 Third-Party Integrations

When you connect third-party services:

• Google Calendar: Calendar events, tasks with due dates, appointment information
• Authentication Providers: Profile information from Google OAuth

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our caregiving management services
• Create and manage your account
• Process and sync your healthcare data, tasks, and appointments
• Send reminders, notifications, and updates about your caregiving activities
• Provide AI-powered assistance and personalized recommendations
• Facilitate collaboration with your family circle and care team
• Respond to your comments, questions, and support requests
• Analyze usage patterns to improve our platform
• Protect against fraud, abuse, and security threats
• Comply with legal obligations and enforce our terms

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Your Consent

• Family members you invite to your care circle
• Healthcare providers you choose to share information with
• Third-party services you connect (e.g., Google Calendar)

4.2 Service Providers

• Cloud Infrastructure: Google Cloud Platform for hosting and storage
• Database Services: Supabase for secure data storage
• AI Services: OpenAI for AI assistant functionality
• Email Services: Resend for transactional emails
• Analytics: Privacy-focused analytics providers

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Legal process or government requests
• Protection of rights, property, or safety
• Investigation of fraud or security issues
• Enforcement of our Terms of Service

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest
• Access Controls: Strict authentication and authorization mechanisms
• Secure Infrastructure: Hosted on secure Google Cloud Platform with regular security updates
• Database Security: PostgreSQL with row-level security policies
• Regular Audits: Periodic security assessments and monitoring
• Employee Training: Staff trained on data protection and privacy practices

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services and maintain your account
• Comply with legal obligations (e.g., tax records, HIPAA compliance)
• Resolve disputes and enforce our agreements
• Fulfill the purposes outlined in this Privacy Policy

When you delete your account, we will delete or anonymize your personal information within 90 days, except where we must retain it for legal reasons.

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

You can access, download, and export your data at any time from your account settings.

7.2 Correction and Update

You can update your personal information directly in your account settings.

7.3 Deletion

You can delete your account and personal information from the settings page. We will process your request within 30 days.

7.4 Opt-Out

• Email Notifications: Unsubscribe from marketing emails (service emails may still be sent)
• Cookies: Adjust your browser settings to refuse cookies
• Third-Party Integrations: Disconnect services like Google Calendar from your settings

7.5 Complaint

If you believe we have violated your privacy rights, you have the right to file a complaint with a data protection authority in your jurisdiction.

8. Children's Privacy

CareCircle is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete it.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate safeguards to ensure your information receives adequate protection, including using standard contractual clauses approved by regulatory authorities.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the personal data we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (Note: We do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, please contact us at vishwadeep@getcarecircle.com or use the data management tools in your account settings.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

• Right of Access: Obtain confirmation of data processing and access to your data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to certain types of data processing
• Right to Withdraw Consent: Withdraw consent for data processing at any time

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Acknowledgment

By using CareCircle, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.