Privacy Policy

← Back to Home

Introduction

Welcome to Huddl ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

Important: Huddl is a Personal Health Record (PHR) application designed for personal and family use. We are NOT a HIPAA "covered entity" or "business associate." We are a technology company providing personal health tracking software for individuals and families.

Information We Collect

Information You Provide

• Account Information: Email address and name when you create an account
• Care Information: Details about care recipients, medications, tasks, and appointments that you enter into the app
• Communications: Messages and content you share within your care circles

Information Collected Automatically

• Device Information: Device type, operating system, and unique device identifiers
• Usage Data: How you interact with our app, including features used and time spent
• Push Notification Tokens: To send you important reminders and updates

How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Send medication reminders and appointment notifications
• Enable collaboration between care circle members
• Respond to your requests and provide customer support
• Detect and prevent fraud or abuse
• Comply with legal obligations

Information Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

• With Your Care Circle: Information you add to a care circle is visible to other members of that circle
• Service Providers: With trusted third parties who assist in operating our Service (e.g., cloud hosting, email delivery)
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit using HTTPS/TLS
• Secure authentication using email-based one-time passwords
• Regular security assessments and updates
• Access controls limiting who can view your data
• Secure cloud infrastructure with enterprise-grade protection

HIPAA and Regulatory Compliance

HIPAA Status

Huddl is NOT a HIPAA covered entity. We are a technology company offering personal health record software for individual and family use. Key points:

• We do NOT provide medical care, diagnosis, or treatment
• We do NOT bill insurance companies or process claims
• We are NOT a healthcare provider, health plan, or healthcare clearinghouse
• We do NOT sign Business Associate Agreements (BAAs) with healthcare providers
• Our Service is intended for personal use only, not for use by healthcare providers in delivering patient care

Privacy Laws We Comply With

Although not subject to HIPAA, we comply with applicable privacy and security laws, including:

• FTC Health Breach Notification Rule: We will notify you and the FTC in the event of a breach involving your health information
• State Privacy Laws: We comply with California CCPA/CPRA, Virginia VCDPA, and other applicable state privacy regulations
• International Standards: We follow industry best practices for data security and privacy

Data Breach Notification

In the event of a data breach affecting your health information, we will:

• Notify affected users within 60 days of discovery
• Notify the Federal Trade Commission if required
• Notify media outlets if the breach affects 500 or more individuals
• Provide information about what data was affected and steps you can take

Data Retention

We retain your information for as long as your account is active or as needed to provide you with our Service. You may request deletion of your account and associated data at any time by contacting us.

Your Rights

You have control over your health information. Depending on your location, you have the right to:

• Access: View all personal and health information we hold about you
• Correct: Update or correct inaccurate information
• Delete: Request deletion of your account and all associated data
• Export: Download your data in a portable format (JSON or CSV)
• Opt-Out: Opt out of certain data processing activities
• Limit Sharing: Control who has access to your care circles and information

To exercise any of these rights, please contact us at huddl@oneway.co.nz. We will respond within 30 days.

Intended Use and Limitations

Personal Use Only: Huddl is designed for personal and family health tracking. The Service is NOT intended for:

• Use by healthcare providers in the delivery of medical care to patients
• Use by medical facilities for patient management
• Emergency medical situations or critical care coordination
• As a substitute for professional medical advice or treatment

You are responsible for the accuracy of information you enter and for following your healthcare provider's instructions. We are not liable for health outcomes, missed medications, or medical decisions made using the Service.

Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: huddl@oneway.co.nz