Our commitment to data privacy, security, and user control
Last updated: April 18, 2025
This document provides an overview of our application's approach to data privacy, security, and user control. We are committed to ensuring that our systems meet stringent standards in data protection and compliance, reflecting industry-best practices in safeguarding user information.
All user data is secured using TLS 1.2 (or higher) for data transmission and stored using AWS-managed encryption protocols. These industry-standard encryption methods ensure that data remains protected both during transmission and while at rest. We periodically review and update our encryption measures to maintain the highest levels of security.
We implement comprehensive audit logs that record all key system events, including data access and modifications. These logs are continuously monitored and are reviewed regularly by our dedicated security team to quickly detect and address any suspicious activities, ensuring transparency and accountability across our systems.
Our authentication system enforces strict access controls, ensuring that only authorized personnel and processes have permission to access sensitive data.
We perform regular security risk assessments using AWS integrated security tools along with third-party evaluations. These vulnerability tests and risk assessments help us identify potential threats early, allowing us to implement necessary mitigations promptly.
Users have the ability to delete their data at any time. This functionality is readily available through a user-friendly interface, ensuring that users can manage their information independently.
At any point, users may revoke consent for data usage. Revocation is processed immediately, stopping any further data access beyond the scope of what has been explicitly permitted.
While our application is not a healthcare provider, we have designed our systems to conform to a HIPAA-equivalent level of security. This includes robust measures for ensuring the confidentiality, integrity, and availability of sensitive data.
We perform regular security risk assessments and compliance reviews. These evaluations, conducted in conjunction with AWS security tools and third-party experts, ensure that our processes remain in line with evolving best practices and regulatory guidelines.
Our privacy practices are clearly communicated to users, offering confidence in how their data is handled and assuring them of our unwavering commitment to data protection.
Our commitment to robust encryption, meticulous audit logging, and comprehensive user controls ensures that user data is managed with the highest level of security and transparency. This attestation underscores our dedication to maintaining a secure, compliant environment that prioritizes user trust and data integrity.