At Autoimmune Health Tracker, we know how personal and sensitive your health information is. You’re trusting us with some of the most private parts of your life, and we take that responsibility incredibly seriously. This Privacy Policy explains exactly what data we collect, why we collect it, how we protect it, and your rights over it.

1. Information We Collect

Information you give us directly

• Email address (for account creation and communication)

• Name or nickname (optional)

• Health data you choose to log: symptoms, medications, sleep, hydration, diet, mood, activity, notes, custom goals, and any photos you upload (e.g., food or skin rash images)

• Invited family/caregiver emails (only if you use the sharing feature)

Automatically collected information

• Device information (type, operating system, app version)

• Analytics data (how you use the app, which screens you visit, crash reports)

• Wearable sync data (if you connect Apple Health, Google Fit, Oura, Fitbit, etc.)

We do NOT collect precise location data, payment information (the app is free or uses Apple/Google in-app purchases), or social security numbers.

2. How We Use Your Information

• To provide and improve the app (show your dashboard, generate insights, send reminders)

• To create doctor-ready reports (only when you request)

• To send occasional updates, tips, and new feature announcements (you can unsubscribe anytime)

• To understand how the app is used so we can make it better and more helpful

3. How We Protect Your Data

• All health data is encrypted in transit (TLS 1.3) and at rest (AES-256)

• We follow HIPAA-compliant practices for any U.S. protected health information

• We are GDPR-compliant for European users

• Access is limited to the tiny handful of team members who absolutely need it (and they’re bound by strict confidentiality agreements)

• We regularly audit our security and work with external security experts

4. Sharing Your Data

We share your data only in these limited cases:

• With your explicit consent (e.g., when you invite family/caregivers or export a report)

• With trusted subprocessors who help us run the service (e.g., cloud hosting on AWS US regions, analytics tools like PostHog in privacy mode, email delivery via Resend all under strict data-processing agreements)

• If required by law (e.g., a valid court order)

We will never sell, rent, or trade your personal or health data to third parties for marketing or advertising purposes.

5. Data Retention & Deletion

• You can delete individual entries or your entire account at any time from Settings → Account → Delete Account

• When you delete your account, all your health data is permanently erased from our servers and backups within 30 days

• We keep anonymized analytics data to improve the app, but it can never be linked back to you

6. Your Rights (GDPR, CCPA, and beyond)

You have the right to:

• Access your data

• Correct inaccurate data

• Delete your data

• Restrict or object to processing

• Data portability (export everything in a machine-readable format)

Just email us at support@autoimmunehealthtracker.com and we’ll help within 48 hours.

7. Children’s Privacy

Our app is not intended for anyone under 16. If we learn we have collected data from a child under 16, we will delete it immediately.

8. Changes to This Policy

If we make material changes, we’ll notify you by email and in the app. Continued use after changes means you accept the updated policy.

9. Contact Us Questions, concerns, or requests?

We’re here for you. Email: support@autoimmunehealthtracker.com Thank you for trusting Autoimmune Health Tracker with your health journey. We’ve got your back and your privacy.

— The Autoimmune Health Tracker Team