Privacy

Last updated: 2026-05-12

What we collect

• Caregiver name, email, and mobile phone.
• Senior name, mobile phone, birth year, and city/state.
• Approximate coordinates derived from city, used only to fetch local weather.
• Every SMS we send and every reply we receive.
• Consent timestamps and IP at signup (required for SMS compliance).

How we use it

• Phone numbers route SMS via RingCentral.
• Coordinates go to Open-Meteo (no API key) for the day's forecast.
• Message text is sent to Anthropic to generate trivia and warm replies. Recent conversation history is included as context.
• Email addresses receive sign-in links via Resend.

What we don't do

• We do not sell phone numbers or message content.
• We do not share data outside the providers above.
• We do not use messages for advertising.

Retention & deletion

• Conversation messages (SMS bodies) are automatically deleted after 2 years.
• Biography entries (life-story Q&A you've collected via Curious Gabe) are retained for the life of the account — they're your archive.
• Check-in metadata (date, status, weather summary) is retained for the life of the account; no message content.
• Consent timestamps + signup IP are retained as required by SMS regulations (TCPA).
• You can delete your entire account from the dashboard (bottom of the page). That permanently removes the caregiver record, all enrolled seniors, every check-in, every message, every biography entry, and all active sessions.

Security

Sessions are server-side and never exposed in URLs. Cookies are HttpOnly + Secure + SameSite=Lax. All endpoints are HTTPS-only with HSTS. Mutating endpoints require same-origin requests. Rate limits protect signup, sign-in emails, and inbound SMS. The SMS webhook is authenticated with a shared secret.