Last updated: May 26, 2026
📋 Overview
FASDassist ("the App") is a caregiver support application designed to help families supporting individuals with Fetal Alcohol Spectrum Disorder (FASD). This policy explains what data we collect, how we use it, and your rights.
We do not sell, share, or monetize your personal data in any way.
📦 Data We Collect
We collect only what is necessary to provide the App's features:
- Account information: Email address and encrypted password for login.
- Youth profile: Name, date of birth, photo (optional), and location/province.
- Health information: Medications, allergies, medical triggers, and health card numbers (stored encrypted).
- Emergency profile: Emergency contacts, medical alerts, and safety information you enter for use with the NFC bracelet feature.
- Care team contacts: Names, phone numbers, roles, appointment details, invoices, and mileage records entered by or shared with your care team providers.
- Financial records: Expense amounts, mileage, and funding applications you log.
- Journal entries: Notes and shared entries between caregiver and youth.
- Appointment and routine data: Schedules and checklists you create.
- Subscription information: Your subscription status and billing period, managed through Apple App Store or Google Play. We do not store payment card details.
🔒 How We Store & Protect Your Data
- All data is transmitted over HTTPS (TLS encryption).
- Sensitive credentials (auth tokens, health card numbers) are stored in your device's secure keychain — not in plain storage.
- Data is stored on a secured MongoDB database hosted on Railway.app in Canada/North America.
- We use JWT-based authentication with short-lived access tokens.
- The App prevents screenshots and Recent Apps previews to protect sensitive information on your screen.
🌐 Data Sharing
We do not share your personal data with advertisers or analytics services.
The following third-party services are used solely to operate the App:
- Railway.app: Hosts our backend API and database (Canada/North America).
- SendGrid (Twilio): Used to deliver invoice and mileage report emails to caregivers from their care team providers. Only the recipient's email address and the invoice/mileage content you choose to send are transmitted.
- Apple App Store / Google Play: Handle subscription billing on our behalf. We receive only your subscription status — no payment details.
📡 NFC Usage
The App uses your device's NFC hardware to write emergency medical alert data (name, date of birth, medications, allergies, emergency contacts) to NFC tags embedded in emergency bracelets.
NFC data is written directly from the App to the tag — it is not transmitted to our servers. Only the information you have already entered in your Emergency Profile is written to the tag.
👶 Children's Privacy
FASDassist is designed for use by adult caregivers. Youth profiles within the App are managed exclusively by the caregiver account holder. We do not knowingly collect data directly from children under 13.
🗑️ Data Deletion
You can request deletion of your account and all associated data at any time by contacting us at the email below. We will process deletion requests within 30 days.
Individual records (journal entries, expenses, contacts) can be deleted directly within the App.
📱 Device Permissions
iOS
- Camera: Used to capture photos for youth profiles and emergency safety profiles.
- Microphone: Used for voice note features in the journal and routines.
- Photo Library: Used to attach photos to youth profiles and documents, and to save the emergency QR code to your photos.
- Near Field Communication (NFC): Used to write emergency medical alert data to NFC tags on emergency bracelets.
Android
- INTERNET: Required to sync data with our backend.
- CAMERA: Used to capture photos for youth profiles and emergency safety profiles.
- READ_MEDIA_IMAGES / READ_EXTERNAL_STORAGE: Used only when you choose to attach a photo to a youth profile.
- WRITE_EXTERNAL_STORAGE: Used only when you export a report or document.
- RECORD_AUDIO: Used for voice note features in the journal and routines.
- POST_NOTIFICATIONS: Used to deliver appointment reminders and routine alarms you schedule.
🔄 Changes to This Policy
We may update this policy as the App evolves. We will notify users of significant changes through the App or by email. Continued use of the App after changes constitutes acceptance of the updated policy.