Privacy Policy

Effective Date: December 3, 2025 • Last Updated: December 3, 2025

CareDune™ is a Community Engagement Program offering by Fail Safe Technologies LLC.

NOTICE AT COLLECTION (U.S.)

What we collect. Depending on how you use CareDune™, we may collect (a) identifiers such as name and email, (b) internet/network and device information such as logs, diagnostics, and app usage data, (c) User Content you choose to provide (such as journaling entries and uploaded media), and (d) optional permissions-based data (such as location, camera, microphone, or contacts) only if you enable those features (where supported).

Why we collect it. We use this information to provide and operate the Services, secure accounts and prevent abuse, troubleshoot and improve reliability, respond to support requests, and comply with legal obligations.

Selling/sharing. We do not sell personal information. We do not “share” personal information for cross-context behavioral advertising as defined by certain U.S. state privacy laws. If our practices change, we will provide the required notices and choices (including opt-out mechanisms where applicable).

Retention. We retain information as long as reasonably necessary for the purposes above, including security, backups, and legal compliance, with retention varying by data type.

1. Scope

This Privacy Policy explains how Fail Safe Technologies LLC (“Fail Safe,” “we,” “us,” “our”) collects, uses, shares, and protects information in connection with CareDune™ (the “Services”). This Policy applies to our websites and apps and to support interactions. It does not cover third-party services you may use in connection with the Services.

2. Key Concepts (Plain Language)

  • You control what you enter. CareDune™ can contain sensitive journaling and timeline information depending on how you use it.
  • Permissions are optional. Features like camera, microphone, contacts, and location are enabled by you through device settings and in-app prompts (where supported).
  • We don’t sell personal info. We do not sell your personal information.

3. Information We Collect

  • Account information: name, email, login identifiers, authentication metadata, preferences.
  • User Content: journaling entries, notes, files/media you upload, and associated metadata (e.g., timestamps, tags).
  • Device and app information: device identifiers, app version, OS version, diagnostics, crash logs, performance data, and general usage analytics.
  • Permissions-based data (optional): camera/photos, microphone/audio, contacts, location, calendar, or health-related inputs only if you choose to enable and use them (where supported).
  • Support communications: information you submit via our Contact page, including the selected subject and message contents.

4. Sensitive Data

Depending on use, the Services may include sensitive data such as mental health journaling, dementia-related notes, behavioral triggers, safety planning notes, or other highly personal information. We treat such information as sensitive and apply safeguards designed to reduce risk. You should adopt your own best practices (strong passwords, device lock, careful sharing).

5. HIPAA / PHI; Business Associate Agreements (BAA)

  • Not a HIPAA service by default. Unless a separate written agreement states otherwise, Fail Safe is not acting as a “Business Associate,” and we do not represent that the Services are configured for HIPAA compliance for Covered Entities.
  • No BAA unless signed. We only assume Business Associate obligations via an executed written BAA for eligible partners. If you believe a BAA is required, contact us via Contact (Legal).
  • Do not submit PHI if you require HIPAA protections unless and until a BAA is executed and the appropriate product configuration/controls are confirmed in writing.

6. How We Use Information

  • Provide and operate the Services: authentication, storage, synchronization, and feature delivery.
  • Security and abuse prevention: detect fraud, protect accounts, prevent misuse, and maintain integrity.
  • Reliability and improvement: debugging, analytics (often aggregated), performance monitoring.
  • Support: respond to your inquiries through the correct subject team (Support, Billing, Privacy, Data Requests, Security, Legal, DMCA).
  • Compliance: comply with legal obligations and enforce our Terms.

7. How We Share Information

We do not sell personal information. We may share information:

  • With service providers (processors) who help us host, monitor, secure, and support the Services, subject to contractual protections.
  • For legal reasons (legal process, law enforcement requests, security and safety protection, rights enforcement).
  • In business transfers (merger, acquisition, asset sale), subject to applicable law.
  • With your direction when you choose to share or collaborate (if/when those features are available and enabled by you).

8. Cookies and Similar Technologies (Web)

Our website may use cookies or similar technologies for basic functionality, security, and aggregated analytics. You can control cookies through your browser settings. Some features may not function properly without cookies.

9. Data Retention

We retain information for as long as necessary to provide the Services, fulfill the purposes above, comply with law, and maintain security and operational integrity. Retention can vary by data type. We may retain certain logs and records for security, fraud prevention, backups, and legal compliance.

10. Security

We use reasonable administrative, technical, and physical safeguards designed to protect information. No system is 100% secure. Use strong passwords, keep your device protected, and use discretion when sharing.

11. Your Choices & Rights (U.S.)

  • Permissions: you can control app permissions in your device settings (camera/microphone/location/contacts), where applicable.
  • Account controls: you may be able to edit certain profile fields in-app (depending on current feature set).
  • Data requests: you can request access, deletion, correction, or export of certain data, subject to identity verification and legal exceptions. Use Contact (Data Requests).
  • Appeals: if a request is denied, you may be able to appeal via Contact (Privacy).

Depending on your state, you may have additional rights (e.g., access, deletion, correction, portability, opt-out of certain processing). We respond as required by applicable law and may need to verify your identity.

12. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided information, contact us via Contact (Privacy).

13. Data Location / Processing

The Services are intended for use in the United States. If you access the Services from outside the U.S., you understand that your information may be processed and stored in the United States and other locations where our service providers operate, subject to appropriate protections.

14. State Privacy Rights Addendum (CA/VA/CO/CT/UT)

This section applies to the extent applicable state consumer privacy laws apply to our processing of “personal information”/“personal data.” We will respond as required by applicable law and may need to verify your identity.

California (CCPA/CPRA)

  • Categories of personal information collected: identifiers (e.g., name, email); internet/network activity (e.g., device/app logs); User Content you provide; support communications; and approximate location only if you enable location features (where supported).
  • Purposes: provide/operate services; security; debugging and improvement; support; compliance and enforcement.
  • Sensitive personal information: may be present in User Content depending on what you enter. We do not use sensitive personal information for the purpose of inferring characteristics in a way that requires a “limit” link under CPRA; if this changes, we will provide appropriate notices and controls.
  • Sales/Sharing: we do not sell personal information. We do not share personal information for cross-context behavioral advertising as defined by CPRA unless we later provide notice and the right to opt out.
  • Retention: we retain information as described in Section 9; periods vary by data type and business/legal needs.
  • Your rights: right to know/access, delete, correct, and obtain portability of certain data; right to opt out of sale/sharing (if applicable); and right to non-discrimination.
  • How to exercise: submit requests via Contact (Data Requests). Authorized agents may submit requests where permitted by law; we may require proof of authorization and identity verification.

Virginia / Colorado / Connecticut / Utah

  • Your rights (vary by state): access, delete, correct, data portability, and opt out of targeted advertising and certain profiling (and in some states, opt out of certain “sales” of personal data).
  • Appeals: if we deny a request, you may appeal via Contact (Privacy).

15. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice as required by law. Continued use after the effective date constitutes acceptance.

16. Contact

For privacy questions use Contact (Privacy). For data rights requests use Contact (Data Requests). For security matters use Contact (Security). For legal/BAA inquiries use Contact (Legal).