Privacy Policy

1. Our Promise

Your health information is yours. We will never sell it. We will never trade it. We will never use it to target ads at you or anyone else. We collect only what we need to make Umuchi work for you, and we protect it as carefully as we know how.

This Privacy Policy explains what information we collect, why we collect it, how we use it, who we share it with, how long we keep it, and what rights you have. By using Umuchi, you agree to this Privacy Policy.

2. Information You Give Us

When you create an account and use Umuchi, you may give us:

• Account information: your email address, your password (stored encrypted), and the name you choose to display.
• Profile information: for yourself and anyone whose profile you manage — date of birth, sex assigned at birth, blood type, height, weight, pregnancy status, last menstrual period, preferred language, and preferred units.
• Health records: allergies, medical conditions, past surgeries, family medical history, advance directive notes, organ donor status, primary care provider information, and insurance details, plus any free-text notes you add.
• Medicines: prescription medications, over-the-counter medicines, and supplements you take, including doses, frequencies, prescribers, and start and stop dates.
• Emergency contacts: names, phone numbers, relationships, and notification preferences of the people you list as emergency contacts. You are responsible for confirming each contact's consent to receive messages from Umuchi on your behalf before adding them.
• Reminders and check-in schedules: the reminders you set, the check-in frequencies you configure, and your acknowledgments.
• Chat history: the questions you ask the AI Health Guide and the answers it gives you.
• Safety plans and discharge plans: any information you enter into the Safety Plan or post-hospital follow-up tools.
• Payment information: if you subscribe to a paid plan, our payment processor collects your payment method. We do not store full payment card numbers on our servers.
• Optional location data: if you enable location for the Panic Button, your latitude, longitude, and accuracy are recorded at the moment you trigger an alert. Precise coordinates are deleted after 30 days. The fact that an alert occurred is retained.

3. Information Collected Automatically

When you use Umuchi, we automatically collect:

• Device and browser information: the type of device, operating system, browser, and approximate region (derived from your IP address).
• Usage information: which features you used, when, and how often. We use this only to fix problems and improve Umuchi. We do not link this to advertising profiles.
• Authentication metadata: the date and time of sign-ins and the IP address used, for security purposes such as detecting unauthorized access.
• AI usage records: the date, the feature used, the model that responded, and the approximate cost of the call. We do not log this with marketing intent. We use it only to enforce monthly limits, detect abuse, and track our infrastructure costs.

4. Information We Do Not Collect

We do not collect, and never will collect:

• Crisis conversation content. If our system detects you may be in mental health crisis, we redirect you to crisis resources and never log what you typed.
• Information from your phone's contacts, photos, calendar, or microphone unless you explicitly take an action that uses them.
• Information from third-party advertising networks, social media profiles, or data brokers.
• Biometric identifiers, voiceprints, or facial recognition data.
• Tracking cookies used for advertising.

5. How We Use Your Information

We use the information you give us and the information we collect automatically only to:

• Provide the features of Umuchi to you — your records, your reminders, your AI conversations, your emergency tools.
• Authenticate your account and protect it from unauthorized access.
• Send necessary service messages, such as email confirmations, password resets, billing notices, and important security alerts. We do not send marketing emails by default.
• Enforce usage limits and detect misuse, such as automated abuse of AI features.
• Diagnose technical problems and improve the reliability of Umuchi.
• Comply with legal obligations, respond to lawful requests from authorities, enforce our Terms, and protect our rights and the safety of users.

We do not use your health information to train artificial intelligence models. We do not share your health information with advertisers or data brokers. We do not analyze your data to build a profile of you for commercial purposes outside of operating Umuchi.

6. Who We Share Information With

We only share your information with the limited service providers we need to operate Umuchi, and only the minimum necessary for them to do their job. These include:

• Our database and authentication provider — they store your account and health records on encrypted servers.
• Anthropic — the company that provides the AI models behind our Health Guide and other AI features. When you send a message to the AI, the text of that message is sent to Anthropic to generate a response. Anthropic does not retain your messages for training under our agreement and processes them in accordance with their published policies.
• Twilio — when you trigger a Panic Button alert or a missed Daily Check-In escalation, Twilio is used to deliver SMS messages to the trusted contacts you have added. Message contents include only what is needed to alert them — your display name, an optional short note you typed, and (if you chose to share it) a link to your location.
• Email delivery provider — to send account-related emails such as confirmation links and password resets, and to deliver the same emergency alerts to trusted contacts you have added who have an email on file.
• Hosting and infrastructure providers — the servers that physically run Umuchi.

We do not sell, rent, or lease your information to any third party. We do not share your information for any third party's own marketing purposes.

We may share information when required by law, such as in response to a valid subpoena or court order. If we receive such a request, we will only provide what we are legally required to provide, and where the law allows, we will attempt to notify you so you can object before we disclose.

If Umuchi is ever acquired by or merged with another company, your information may be transferred as part of that transaction. In that case, we will notify you in advance and the receiving company will be bound by privacy commitments at least as protective as this Policy.

7. People You Share Profiles With

If you invite another user to share access to a profile you manage (Family Mode), the person you invite will be able to see and edit information in that profile. They are bound by their own agreement to these Terms and Privacy Policy. You may remove their access at any time through Settings.

8. How We Protect Your Information

We use industry-standard security practices, including:

• Encryption of data in transit using HTTPS/TLS.
• Encryption of data at rest on our database servers.
• Row-level security in our database, so each user can only access their own information.
• Authentication and password hashing using vetted, established libraries.
• Limited employee access to user data, only as needed for support and security.

No system is perfectly secure. While we work hard to protect your information, we cannot guarantee absolute security. If we ever discover a data breach affecting your information, we will notify you promptly as required by applicable law.

9. How Long We Keep Information

We retain your information for as long as your account is active. When you delete your account, we permanently delete your personal information within 7 days, except:

• Records we are legally required to retain (such as billing records).
• Crisis intervention logs, which are kept (without content) for audit and safety purposes for up to 7 years.
• Aggregated, anonymized data that cannot be linked back to you.

Precise location coordinates captured during panic events are deleted after 30 days. The fact that a panic event occurred remains in your history.

10. Your Rights and Choices

You have the right to:

• Access: see all the information we have about you.
• Correct: update or fix information that is wrong.
• Delete: request that we delete your account and all associated personal data.
• Export: download your data in a portable format.
• Restrict: ask us to limit how we process your information.
• Object: object to certain types of processing.

You can exercise most of these rights directly through Settings. For anything you cannot do yourself, email contact@umuchi.com and we will respond within 30 days.

11. Children's Privacy

Umuchi is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If we learn that we have collected information from a child under 13 without parental consent, we will delete it.

A parent or guardian may manage a profile for a child under 13 within their own account. In that case, the parent or guardian is responsible for ensuring appropriate use and for the accuracy of the information entered.

12. International Users

Umuchi is operated from the United States, and your information is stored on servers in the United States. If you access Umuchi from outside the United States, your information will be transferred to and processed in the United States, which may have data protection laws different from those in your country.

If you are in the European Economic Area, the United Kingdom, or another region with comprehensive data protection laws, you have additional rights under those laws, including the right to lodge a complaint with your local supervisory authority.

13. Health Privacy Laws

Umuchi is a consumer wellness application. It is not a "covered entity" under the U.S. Health Insurance Portability and Accountability Act (HIPAA), and HIPAA generally does not apply to direct-to-consumer wellness apps. However, we treat your health information with care comparable to HIPAA's standards because we believe it deserves that level of protection.

If we ever offer Umuchi to a healthcare provider, employer, insurer, or other entity that would make HIPAA apply, we will execute the required Business Associate Agreements and update this Policy.

14. Cookies and Similar Technologies

We use a small number of cookies and similar technologies that are strictly necessary to keep you signed in and to remember your settings. We do not use advertising cookies or third-party tracking cookies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you in the app and update the version number and effective date at the top. Your continued use of Umuchi after the changes take effect constitutes acceptance of the updated Policy.

16. Contact

For questions about your privacy, to exercise your rights, or to report a concern, email contact@umuchi.com. We typically respond within 7 days and always within 30 days.

17. SMS Messaging Program

Umuchi sends SMS messages on behalf of you, the account holder, to the trusted contacts you have personally added in the app. This section describes the program in detail so that you, your contacts, and the carriers we work with understand exactly how it operates.

Who sends the messages. Umuchi sends SMS messages through Twilio, our SMS delivery partner. The sending phone number is a verified business number registered to Umuchi.

Who receives the messages. Only trusted contacts you have personally added in the Umuchi app receive SMS messages. We do not send SMS messages to any number that was not added by an account holder. We do not buy or import contact lists.

What the messages contain. SMS messages contain only what is necessary to communicate an emergency. A typical Panic Button SMS contains your display name, an optional short note you typed before sending, and a link to your location if you chose to share it. A typical missed-check-in SMS contains your display name and a request that the recipient check on you. We do not send marketing, promotional, advertising, or commercial messages by SMS. Ever.

When messages are sent. SMS is sent only when you take a deliberate action in the app — pressing and holding the Panic Button for three full seconds, or failing to confirm a Daily Check-In within the window you configured. We do not send SMS on any other schedule.

How recipients opt in. When you add a person as a trusted contact in Umuchi, you are explicitly telling us they have agreed to receive emergency messages from you, sent through Umuchi. You are responsible for obtaining that consent before adding the person. Each contact entry in Umuchi has a separate, off-by-default toggle for each notification type ("Notify on panic", "Notify on missed check-in"). SMS is only sent to a contact for a notification type if you have specifically enabled that toggle for that contact.

How recipients opt out. A recipient can opt out at any time by replying STOP to any Umuchi SMS message. Twilio honors STOP, UNSUBSCRIBE, CANCEL, END, and QUIT automatically and blocks all future SMS from our number to that recipient. They can also ask you, the account holder, to remove them from your contacts list, which you can do in the My People section of the app at any time. Replying HELP returns information on how to contact us.

Message frequency. Frequency is entirely determined by your use of the Panic Button and Daily Check-In features. Most accounts will send no SMS messages in a given month. Heavy use of Daily Check-In could send a few alerts per month if you frequently miss confirming. We do not send any other SMS.

Carrier fees. Standard message and data rates from the recipient's mobile carrier may apply. Umuchi pays for the cost of sending; recipients pay only their carrier's normal rate for receiving an SMS.

Questions about SMS. Email contact@umuchi.com.