Privacy Policy

At AutiCare, your privacy and the privacy of your family are fundamental to everything we do. We understand that when you share information about your autism journey, you're trusting us with some of your most personal experiences.

Our Core Privacy Principles:

• Minimal Data Collection: We only collect information that directly helps us provide better support for your family
• Transparent Usage: We clearly explain how your information is used and never sell your personal data
• Strong Security: Your data is protected with enterprise-grade encryption and security measures
• Your Control: You have complete control over your data and can access, modify, or delete it at any time
• Legal Compliance: We comply with GDPR, CCPA, and other privacy regulations worldwide

What Makes Us Different:

Unlike many tech companies, AutiCare was built by parents for parents. We understand the sensitivity of autism-related information and treat your data with the same care we would want for our own families.

This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data.

We collect different types of information to provide you with personalized support and improve our services.

Information You Provide Directly:

Account Information: • Name and email address (required for account creation) • Password (encrypted and never stored in plain text) • Age range and relationship to autism (to personalize Luna's responses)

Chat Conversations: • Messages you send to Luna (to provide context and improve responses) • Questions and topics you discuss (to understand common needs) • Feedback you provide about Luna's helpfulness

Information We Collect Automatically:

Usage Data: • How you interact with our platform (time spent, features used) • Technical information (device type, browser, operating system) • Log data (IP address, access times, error reports)

Information We Don't Collect:

• Medical records or formal diagnoses
• Specific identifying details about your child
• Location data beyond general region for legal compliance
• Social media account information

Your information helps us provide better support and continuously improve our services for autism families.

Primary Uses:

Personalized Support: • Tailoring Luna's responses to your family's specific needs and situation • Providing relevant articles and resources based on your interests • Remembering conversation context to maintain continuity

Service Improvement: • Analyzing common questions to develop new features and resources • Understanding which advice and strategies are most helpful • Identifying areas where families need additional support

Communication: • Sending important updates about your account or our services • Sharing new features, articles, or resources that might help your family • Responding to your support requests and feedback

How We Protect Your Privacy:

• Personal identifiers are removed from research data
• Individual conversations are never shared or published
• Aggregated insights never include identifying information
• All team members sign strict confidentiality agreements

We do not sell, rent, or trade your personal information. Period.

We Never Share:

• Your conversations with Luna
• Personal details about your family or child
• Individual usage patterns or behaviors
• Any information that could identify you or your family

Limited Sharing for Service Delivery:

We work with carefully selected partners who help us operate our platform:

• Cloud Infrastructure: Secure hosting and data storage (AWS/Google Cloud)
• Email Services: Account-related communications (with encryption)
• Analytics Tools: Website performance and user experience improvements
• Payment Processing: Subscription management (they never see your conversations)

All partners: • Sign strict data protection agreements • Only access the minimum data needed for their specific service • Are required to protect your information with the same standards we use • Are regularly audited for security and compliance

Legal Requirements:

We may disclose information only when required by law: • Valid court orders or legal processes • Protecting someone's safety in emergency situations • Preventing fraud or abuse of our platform • Complying with regulatory investigations

Protecting your information is not just our responsibility—it's our passion. We use multiple layers of security to keep your data safe.

Encryption:

Data in Transit: • All communications use TLS 1.3 encryption (the gold standard) • Your messages to Luna are encrypted before leaving your device • No one can intercept or read your conversations

Data at Rest: • All stored data is encrypted using AES-256 encryption • Encryption keys are stored separately and rotated regularly • Even our team cannot access your raw conversation data

Access Controls:

Team Access: • Strict "need-to-know" basis for all team members • Multi-factor authentication required for all staff accounts • Regular access reviews and immediate removal when someone leaves

Technical Safeguards: • Automated threat detection and response systems • Regular security audits by third-party experts • Continuous monitoring for unusual activity or potential breaches

Infrastructure Security:

• Hosted on enterprise-grade cloud infrastructure
• Automatic security updates and patches
• DDoS protection and traffic filtering
• Geographic data backup for disaster recovery

Incident Response:

If a security incident occurs: • We'll notify affected users within 72 hours • We'll provide clear information about what happened • We'll explain what steps we're taking to prevent future incidents

You have complete control over your personal information. Here's how you can exercise your privacy rights:

Access Your Data: • View all information we have about your account • Download a copy of your conversations with Luna • See how your data has been used and processed

How to Access: Contact us at [email protected] with "Data Access Request" in the subject line.

Correct Your Data: • Update your profile information anytime in your account settings • Correct any inaccurate information we may have • Add context or clarification to previous conversations

Delete Your Data: • Delete specific conversations or messages • Remove your entire account and all associated data • Request deletion of data held by our service providers

How to Delete: Use account settings for individual items, or email [email protected] for complete deletion.

Control Data Usage: • Opt out of research and analytics (while keeping personalized support) • Choose which types of communications you want to receive • Limit how your data is used for service improvements

Regional Rights:

For EU Residents (GDPR): • Right to object to processing for legitimate interests • Right to restrict processing in certain circumstances • Right to lodge complaints with supervisory authorities

For California Residents (CCPA): • Right to know what personal information is collected • Right to non-discrimination for exercising privacy rights

Response Times: • Data access requests: Within 30 days • Deletion requests: Within 7 days for conversations, 30 days for complete accounts • Correction requests: Immediate for account settings, within 7 days for other data

We use cookies and similar technologies to improve your experience, but we keep tracking to a minimum.

Essential Cookies (Always Active): • Authentication: Keep you logged in securely • Preferences: Remember your settings and language choices • Security: Protect against fraud and abuse • Functionality: Enable core features like chat history

These cookies are necessary for our platform to work properly and cannot be disabled.

Optional Cookies (You Can Control):

Analytics Cookies: • Help us understand which features are most helpful • Show us where users might be experiencing difficulties • Provide insights for improving the user experience

What We Don't Use:

• No Advertising Cookies: We don't show ads or track for advertising purposes
• No Third-Party Trackers: No Facebook Pixel, Google Analytics, or similar
• No Cross-Site Tracking: We don't follow you around the internet
• No Social Media Tracking: No social media platform integration

Managing Cookies:

Browser Settings: • Most browsers allow you to block or delete cookies • You can set preferences for different types of cookies • Incognito/private browsing modes limit cookie storage

Our Cookie Settings: • Access cookie preferences in your account settings • Choose which optional cookies to allow • Change your preferences anytime

Cookie Duration: • Session cookies: Deleted when you close your browser • Persistent cookies: Automatically deleted after 12 months maximum • Authentication cookies: Remain until you log out or change password

While AutiCare supports families with autistic children, our platform is designed for parents and caregivers, not children under 13.

Age Requirements: • Users must be 18 or older to create an account • We do not knowingly collect information from children under 13 • Parents and caregivers control all account information and conversations

Information About Children: When parents share information about their children, we: • Only collect general, non-identifying information (age ranges, interests) • Never request specific medical information or formal diagnoses • Don't collect photos, videos, or other identifying media • Treat all child-related information with extra security protections

Parental Control: • Parents have complete control over what information is shared • Parents can delete any information about their children at any time • We provide guidance on what information is helpful vs. what should remain private

Special Protections for Child Information: • Extra encryption for any child-related data • Stricter access controls within our team • Automatic deletion of detailed conversation context after 12 months • No use of child information for research purposes, even anonymized

If a Child Accesses Our Platform: If we discover that a child under 13 has created an account: • We will immediately delete the account and all associated data • We will not use any information collected from the child • We will notify the parent or guardian if possible

Global Compliance: We comply with international children's privacy laws: • COPPA (Children's Online Privacy Protection Act) in the US • GDPR protections for children in the EU • Similar regulations in other countries where we operate

We may update this Privacy Policy to reflect changes in our practices or legal requirements.

When We Update: • To comply with new privacy laws or regulations • When we add new features that affect data collection or use • To clarify existing practices based on user feedback • To strengthen privacy protections or security measures

How We Notify You:

Major Changes: • Email notification to all users at least 30 days before changes take effect • Prominent notice in your account dashboard • Clear explanation of what's changing and why • Option to download your data before changes take effect

Minor Changes: • Notice in your account dashboard • Updated "Last Modified" date on this page • Summary of changes in our help center

Your Choices: • Continue using AutiCare under the new policy • Modify your account settings to limit data collection • Delete your account if you don't agree with changes • Contact us with questions or concerns about updates

Current Version: • Effective Date: March 1, 2024 • Last Updated: March 1, 2024 • Version: 2.0

Previous Major Updates: • Version 1.0 (January 2023): Initial privacy policy • Version 1.5 (September 2023): Added GDPR compliance details • Version 2.0 (March 2024): Enhanced security measures and user rights

Emergency Updates: In rare cases where immediate updates are needed for security or legal compliance: • We will notify you as soon as possible • Explain the urgency and nature of the change • Provide additional protections or monitoring if needed • Follow up with detailed explanation within 7 days