ElderWatch AIBack to home

Privacy Policy

ElderWatch AI — Privacy Policy

Version 1.0.0 — Effective Date: [INSERT DATE]

Requires legal review for GDPR (EU/UK), CCPA (California), POPIA (South Africa), Kenya Data Protection Act, and other applicable regimes before launch.

1. Introduction

[INSERT COMPANY LEGAL NAME] ("Company") respects your privacy. This Privacy Policy explains what data we collect through ElderWatch AI, why we collect it, how it's used, and your rights regarding it.

2. Data We Collect

From Elder User devices (with consent):

  • Device usage signals: screen unlock timestamps, app session frequency, charging events
  • Movement data: step counts, active/inactive periods (derived from device sensors, not video or audio)
  • Communication metadata: call frequency and timing (NOT call content, NOT message content)
  • Location data: periodic location pings used solely to detect major routine deviations (NOT continuous real-time tracking)

From Family Caregiver / Administrator accounts:

  • Name, email address, phone number (optional)
  • Relationship to Elder User
  • Payment information (processed by Paystack; we do not store full card numbers)
  • Language and country preferences

Automatically collected:

  • IP address, browser/device type, app version (for security and diagnostics)
  • Consent timestamps and version history

3. What We Do NOT Collect

  • We do not record audio or video
  • We do not read the content of calls, texts, or emails
  • We do not continuously track GPS location in real time
  • We do not sell personal data to advertisers or data brokers

4. How We Use Data

| Purpose | Data Used | |---|---| | Behavioral baseline learning | Device usage, movement, charging, communication frequency, location clusters | | Anomaly detection & alerts | Same as above, compared against baseline | | Billing | Payment metadata via Paystack | | Service improvement | Aggregated, de-identified usage statistics | | Legal compliance | Consent records, audit logs |

5. AI Processing

Behavioral data is processed by automated machine learning models to establish baselines and compute anomaly scores. This processing is informational only and does not constitute a medical diagnosis. See our AI Monitoring Consent document for full details.

6. Data Sharing

We share data only with:

  • Service providers: Firebase/Google Cloud (hosting and database), Paystack (payments), Twilio (SMS/call escalation) — each bound by data processing agreements
  • Legal authorities: only when required by valid legal process
  • Emergency contacts: limited alert information, only as configured by the Family Caregiver

We do not sell, rent, or trade personal data to third parties for marketing purposes.

7. Data Retention

  • Active account data is retained for the life of the account
  • Upon account closure, data is retained for up to 24 months for legal/audit purposes, then permanently deleted
  • Consent records are retained for 7 years for compliance purposes
  • You may request earlier deletion via Settings → Privacy → Delete My Data, subject to legal retention requirements

8. Your Rights

Depending on your jurisdiction (GDPR, CCPA, POPIA, Kenya DPA, etc.), you may have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict or object to certain processing
  • Port your data to another service
  • Withdraw consent at any time

To exercise these rights, go to Settings → Privacy, or email privacy@elderwatch.ai.

9. International Data Transfers

Data may be processed in data centers located outside your country of residence (e.g., Google Cloud regions in the US/EU). Where required, we rely on Standard Contractual Clauses or equivalent safeguards for cross-border transfers.

10. Security

We implement encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access controls, and regular security audits. No system is 100% secure; we encourage strong passwords and enabling available account security features.

11. Children's Data

The Service is not directed at children under 18. Elder User profiles are for adults requiring care support; if you believe a minor's data has been collected in error, contact us immediately.

12. Changes to This Policy

Material changes will be communicated via email or in-app notice with a new effective date and version number.

13. Contact

Data Protection queries: privacy@elderwatch.ai [INSERT DPO NAME AND CONTACT IF APPLICABLE UNDER GDPR] [INSERT COMPANY REGISTERED ADDRESS]

Country-specific addenda (UK GDPR, EU GDPR, CCPA/CPRA, POPIA, Kenya DPA 2019, PIPEDA for Canada, Privacy Act 1988 for Australia, Privacy Act 2020 for New Zealand) should be appended or linked based on user's detected country at signup.