Legal
Privacy Policy
Effective date: June 29, 2025
Note: This policy is a working draft. Please have qualified legal counsel review it before it is treated as a binding document.
1CareCircle Care, Inc. (“1CareCircle,” “we,” “us,” or “our”) operates the 1CareCircle platform, which helps families, senior living communities, and care providers coordinate care for older adults. This Privacy Policy describes how we collect, use, share, and protect information when you use our website and services.
1. Information We Collect
We collect information you provide directly to us:
- Account information: Name, email address, and password when you create an account.
- Profile information: Relationship to the care recipient, organization affiliation, and preferences.
- Care coordination data: Visit records, wellness check-in notes, service requests, and caregiver communications entered into the platform.
- Contact form submissions: Name, email, organization, and message content when you contact us.
We also collect information automatically:
- Log data: IP address, browser type, pages visited, and timestamps.
- Cookies and session tokens: We use HttpOnly session cookies to maintain your authenticated session. We do not use third-party advertising cookies.
2. How We Use Your Information
- To operate the platform and provide the services you requested.
- To send transactional communications (visit confirmations, service updates).
- To respond to your inquiries and support requests.
- To detect and prevent fraud, abuse, and security incidents.
- To improve and develop new features based on usage patterns.
- To comply with applicable legal obligations.
We do not sell your personal information to third parties. We do not use care coordination data for advertising purposes.
3. HIPAA and Health-Related Information
1CareCircle is designed to support care coordination, which may involve health-related information about care recipients. We implement technical and organizational safeguards consistent with HIPAA requirements where applicable, including:
- Role-based access controls limiting data visibility to authorized circle members.
- Automatic session expiration and token rotation.
- Audit logging of all access to care recipient records.
- Encryption of data in transit (TLS) and at rest.
If you are a covered entity or business associate under HIPAA, please contact us at privacy@1carecircle.com to discuss a Business Associate Agreement (BAA).
4. Information Sharing
We share your information only in the following circumstances:
- Within the circle of care: Information about a care recipient is visible to circle members as configured by the guardian. You control who is in the circle.
- Service providers: We use trusted third-party vendors (cloud infrastructure, email delivery) who are contractually bound to protect your data.
- Legal compliance: We may disclose information if required by law, court order, or to protect the rights and safety of our users.
- Business transfers: If 1CareCircle is acquired or merges with another company, your data may be transferred as part of that transaction.
5. Data Retention
We retain your information for as long as your account is active and for a reasonable period thereafter to comply with legal obligations. Care coordination data (visits, wellness notes) is retained for at least three years after the care relationship ends, unless applicable law requires longer retention.
You may request deletion of your personal information by contacting privacy@1carecircle.com. Deletion requests are subject to legal hold and compliance requirements.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access and portability — request a copy of your data.
- Correction — request correction of inaccurate information.
- Deletion — request deletion of your account and personal data.
- Restriction — request that we limit certain processing activities.
- Objection — object to processing based on legitimate interests.
To exercise these rights, email privacy@1carecircle.com. We will respond within 30 days.
7. Security
We implement industry-standard security practices including TLS encryption, access controls, audit logging, and regular security reviews. No transmission over the internet is 100% secure, and we cannot guarantee absolute security.
8. Children's Privacy
1CareCircle is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us at privacy@1carecircle.com.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date at the top of this page and, where appropriate, by sending an email notification to the address on your account.
10. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
- Email: privacy@1carecircle.com
- Mail: 1CareCircle Care, Inc., Privacy Team, [Address to be added]