Privacy Policy for JoyBuddy
Last Updated: November 25, 2024
Effective Date: November 14, 2024
IMPORTANT DISCLAIMERS:
- This App is NOT a medical service and does NOT provide medical advice
- We are NOT HIPAA-covered and do not guarantee absolute data security
- You must be 18+ years old to use this App
- By using the App, you agree to this Privacy Policy and Terms of Service
1. INTRODUCTION AND ACCEPTANCE
1.1 Overview
This Privacy Policy governs the collection, use, storage, and disclosure of personal information by JoyBuddy ("we," "us," "our") in connection with the JoyBuddy mobile application and related services.
1.2 Binding Agreement
By accessing, downloading, installing, or using the App, you expressly acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. IF YOU DO NOT AGREE, DO NOT USE THE SERVICES.
1.3 Legal Capacity
By using the Services, you represent and warrant that:
- You are at least 18 years of age
- You have legal capacity to enter this binding agreement
- Your use does not violate any applicable law
2.1 Information You Provide Directly
Account Information:
- Email address
- Username
- Profile photograph (optional)
- Date of birth (age verification only)
User-Generated Content:
- Emotional state selections and mood tracking
- Journal entries and progress notes
- Sleep tracking data
- Feedback and support communications
Payment Information:
- Processed through Apple's in-app purchase system and RevenueCat
- We do NOT store credit card numbers
- We receive only transaction confirmations and subscription status
2.2 Automatically Collected Information
Device Information:
- Device model and operating system version
- Unique device identifiers (IDFA, IDFV)
- Screen resolution and device language
- Time zone and mobile carrier
Usage Data:
- App launch frequency and session duration
- Feature usage statistics
- Navigation paths and interactions
- Crash reports and error logs
Location Information:
- General geographic location (city/region) from IP address
- We do NOT collect precise GPS location
3. HOW WE USE YOUR INFORMATION
3.1 Primary Purposes
- Service Provision: Provide wellness tracking, journaling, and emotional support tools
- Personalization: Customize your experience based on your preferences
- Progress Tracking: Enable emotional wellness journey and sleep tracking
- Subscription Management: Facilitate in-app purchases through RevenueCat
3.2 Communication
- Account verification and authentication
- Transaction confirmations and receipts
- Service updates and technical notices
- Support inquiry responses
- Marketing communications (with consent - you can opt out)
3.3 Analytics and Improvement
- Analyzing usage patterns to improve functionality
- Research and development
- Testing new features
- Troubleshooting technical issues
- Fraud prevention and security monitoring
4. DATA SHARING AND DISCLOSURE
We do NOT sell, rent, or trade your personal information to third parties.
4.1 Service Providers
We share data with trusted service providers:
- Infrastructure: Google Firebase - analytics, authentication, crash reporting
- Subscriptions: RevenueCat - subscription management
- Payments: Apple - in-app purchases
All providers are bound by data processing agreements compliant with GDPR, CCPA, and applicable privacy laws.
4.2 Legal Requirements
We may disclose information when required by law:
- Valid legal processes (subpoenas, court orders)
- Government or law enforcement requests
- Fraud prevention and rights protection
- Emergency situations involving danger of death or serious injury
5. DATA RETENTION AND STORAGE
5.1 Retention Periods
- Account Data: Duration of account + 90 days after deletion
- Conversations: Active subscription duration; deleted within 30 days after deletion request
- Analytics: Up to 26 months
- Payment Records: 7 years (tax/legal compliance)
5.2 Security Measures
- End-to-end encryption (TLS 1.3) for data in transit
- AES-256 encryption for data at rest
- Encrypted database backups
- Multi-factor authentication for admin access
- Regular security audits
- SOC 2 Type II certified data centers
SECURITY DISCLAIMER: While we implement industry-standard security measures, NO METHOD IS 100% SECURE. WE CANNOT GUARANTEE ABSOLUTE SECURITY. USE AT YOUR OWN RISK.
6. YOUR PRIVACY RIGHTS
6.1 Rights for All Users
- Access: Request access to your personal information
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your information
- Export: Request portable copy of your data
- Opt-Out: Opt out of marketing communications
6.2 GDPR Rights (EU/UK Users)
- Right to erasure ("right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object to automated decision-making
- Right to withdraw consent
- Right to lodge complaint with supervisory authority
6.3 CCPA Rights (California Residents)
- Know what personal information is collected
- Know whether personal information is sold (we don't sell data)
- Opt-out of sale (not applicable - we don't sell)
- Non-discrimination for exercising rights
- Delete personal information
- Access in portable format
6.4 Exercising Your Rights
- In-App: Settings > Privacy > Data Rights
- Email: privacy@joybuddy.app
- Response Time: Within 30-45 days
7. CHILDREN'S PRIVACY (COPPA COMPLIANCE)
The App is NOT intended for users under 18 years of age.
We do not knowingly collect information from individuals under 18. If you believe your child has provided information:
- Contact us immediately at privacy@joybuddy.app
- We will delete the information within 30 days
- We will terminate the associated account
8. INTERNATIONAL DATA TRANSFERS
Your information may be transferred to and processed in the United States and other countries.
For EEA/UK Users:
- Standard Contractual Clauses (SCCs) approved by European Commission
- Adequacy decisions where applicable
- Appropriate safeguards as required by GDPR
9. HEALTH INFORMATION NOTICE
NOT MEDICAL ADVICE
THE APP PROVIDES EMOTIONAL SUPPORT ONLY. IT DOES NOT PROVIDE MEDICAL ADVICE, DIAGNOSIS, OR TREATMENT.
- NOT a substitute for professional medical advice
- Always seek advice from qualified healthcare providers
- Never disregard professional medical advice
- In emergency, call 911 or local emergency services
NOT HIPAA COVERED
JoyBuddy is NOT a HIPAA-covered entity. We are not a healthcare provider, health plan, or clearinghouse.
Crisis Resources
If you are in crisis:
11. LEGAL DISCLAIMERS
NO WARRANTIES
THE SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND.
LIMITATION OF LIABILITY
TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO:
- Loss of data or privacy
- Unauthorized access or data breaches
- Identity theft
- Emotional distress
- Business interruption or loss of profits
CAP ON LIABILITY
Our total liability shall not exceed the greater of: (a) amount you paid in the last 12 months, or (b) $100 USD.
12. ACKNOWLEDGMENT
By using JoyBuddy, you acknowledge:
- ✓ You have read and understood this Privacy Policy
- ✓ You consent to data collection and use as described
- ✓ You understand services are "as is" without warranties
- ✓ You understand this is NOT a medical service
- ✓ You are at least 18 years of age
- ✓ You consent to data transfers to the United States
IF YOU DO NOT AGREE, DO NOT USE THE SERVICES.
© 2024 JoyBuddy. All Rights Reserved.