Privacy Policy

Last updated: 12/11/2024

Introduction

This Privacy Policy describes how MyAllergies ("we," "our," or "us") collects, uses, processes, and discloses your information, including personal information and medical data, in conjunction with your access to and use of our allergy tracking service.
When you use our service, you trust us with sensitive personal and medical information. We take your privacy very seriously. This policy explains what information we collect, how we use it, and what rights you have in relation to it. Please read it carefully.
By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use our service.

Information We Collect

We collect several types of information to provide and improve our Service:

Personal and Medical Information

We collect and store:
Full name and contact information
Email address and phone number
Emergency contact information
Medical information including:
-Food and medication allergies
-Severity of allergies
-Medical notes and instructions
-Previous allergic reactions
-Healthcare provider information
Payment information (processed securely through Stripe)
Profile preferences and settings
Physical shipping address (for allergy cards)

Service Usage Information

We automatically collect:
Access times and dates
Pages and features used
Device information (type, OS, browser)
IP address and location data
QR code scan statistics
Search queries and results
Error logs and performance data
Interaction with notifications
Subscription status and history

User-Generated Content

We collect content you create:
Custom allergy lists and profiles
Shared allergy information
Comments and feedback
Support requests
Custom card designs
Profile pictures
Emergency instructions

How We Use Your Information

We use your information for the following purposes:

Core Service Functionality

Creating and managing your allergy profiles
Generating QR codes for allergy information sharing
Processing physical allergy card orders
Managing subscription services
Providing AI-powered recommendations
Facilitating emergency contact access
Processing payments through Stripe
Sending critical alerts and notifications

Service Improvement

Analyzing usage patterns
Improving user experience
Developing new features
Enhancing security measures
Optimizing performance
Research and analytics
Training our AI systems
Quality assurance testing

Communication

Service updates and announcements
Subscription status notifications
Order confirmations and shipping updates
Security alerts
Marketing communications (with consent)
Customer support responses
Emergency notifications
Legal and policy updates

Data Sharing and Disclosure

We share your information with:

Service Providers

Payment processors (Stripe)
Cloud hosting providers
Email service providers
Analytics services
Customer support platforms
Card printing services
Shipping carriers
Security and fraud prevention services

Data Security

We implement robust security measures:

Technical Measures

End-to-end encryption for sensitive data
Regular security audits
Multi-factor authentication
Secure data backups
Intrusion detection systems
Vulnerability scanning
Access logging and monitoring
Data loss prevention tools

Organizational Controls

Employee security training
Access control policies
Data handling procedures
Incident response plans
Regular compliance reviews
Vendor security assessments
Privacy impact assessments
Security certification maintenance

Your Privacy Rights

You have the following rights:

Access and Control

Access your personal information
Correct inaccurate data
Delete your account and data
Export your data
Restrict processing
Object to processing
Withdraw consent
Manage marketing preferences

Data Portability

You can request:
A copy of your data
Transfer to another service
Export in common formats
Specific data selections
Historical data access
Emergency contact updates
Subscription data

Children's Privacy

We comply with COPPA and protect children's privacy:

Age Restrictions

Users must be 13+ to create accounts
Parents must create accounts for children under 13
We verify parental consent
We collect minimal information from children
Parents can review and manage children's data
Special protections for family accounts
Immediate deletion of unauthorized child data

Parental Rights

Parents/guardians can:
Review their child's information
Request data deletion
Restrict information collection
Update child's information
Control sharing settings
Manage emergency contacts
Monitor account activity

International Data Transfers

We process data globally:
Data may be transferred internationally
We ensure appropriate safeguards
We comply with data transfer regulations
We use standard contractual clauses
We maintain data transfer impact assessments
We monitor international compliance
We respect local privacy laws

Data Retention

We retain data as follows:
Active accounts: Data retained while account is active
Deleted accounts: Data removed within 30 days
Backup retention: 90 days
Payment information: As required by law
Usage logs: 12 months
Support requests: 24 months
Emergency contact info: Until updated
Marketing preferences: Until opt-out

Changes to Privacy Policy

We may update this policy:
Changes effective upon posting
Notice provided for material changes
Email notifications sent
30-day notice for significant changes
Continued use implies acceptance
Previous versions available on request
Change logs maintained

Contact Information

For privacy questions or concerns:
Privacy Officer: [email protected]
Support: [email protected]
Legal: [email protected]
MyAllergies
PO Box 492
Rockwall, TX 75087

This privacy policy was last updated on December 11, 2024. If you have any questions about our privacy practices, please contact us.