Legal
Privacy Policy
Effective July 3, 2026 · Last updated July 3, 2026
1. Who we are
Binda is operated by Binda Health LLC, a Texas limited liability company. For privacy questions contact privacy@binda.health; for general support support@binda.health. For the purposes of GDPR / CCPA (where applicable), we are the data controller for the personal data described below.
2. The short version
- Binda is a care-coordination app. We collect what we need to make the service work and nothing else.
- We do not sell your personal data.
- We do not show third-party ads in the app.
- We are not a HIPAA-covered entity and we don't sign Business Associate Agreements. Binda is care-coordination software, not a medical device or a healthcare provider.
- You can delete your account from inside the app at any time. When you do, your sign-in and personal contact details are removed; records you authored as part of someone's care work stay attached to that care plan but are de-identified — attributed only as “Former caregiver.” See section 8.
3. What we collect
Contact information
Email address (to create your account and send transactional email); your display name (shown to people you share a care plan with); phone number (optional, only if you enter it).
Health and care information
Medications and dose logs, observations and notes, shift logs, appointments and providers, allergies, diagnoses, advance-directive flags, and hours/expenses/mileage. These are records you and the care team create about the care recipient. We treat them as sensitive personal data even though Binda is not subject to HIPAA.
Identifiers
A user ID (UUID) assigned on sign-up, and device identifiers reported by Apple/Google only when delivering push notifications (none enabled in this version).
Purchase history
Subscription tier and status, billing/renewal dates, and a store subscription identifier — so we know which tier to unlock. Consumer subscriptions are purchased through the App Store or Google Play and managed on our side by RevenueCat; we do not receive or store your payment card number.
Photos and user content
Photos you upload (medication confirmation, care-recipient avatar, expense receipts, your profile avatar) and notes you write (handoff notes, observations, family posts, comments).
Usage and diagnostics
Anonymized product analytics via PostHog (opt-out in settings) and crash reports via Sentry. We do not collect precise location, browsing history outside Binda, contact lists, or advertising identifiers.
4. How we use it
- Provide the service — show you the right care plan, medications, and notes, route invitations, and deliver transactional email.
- Enforce role-based access — so family members don't see caregiver-only financial details, doctors don't see the family feed, and so on.
- Bill subscribers — through the App Store / Google Play (managed by RevenueCat).
- Generate optional AI summaries — if you open the “AI summary” feature, we send recent notes and observations for that care recipient to our AI provider (Anthropic) to produce a short digest. This is done on request and cached; the provider does not use it to train its models.
- Send service-related email — invitations, deletion confirmations, billing receipts. We do not currently send marketing email.
- Fix bugs and improve the product — through anonymized analytics and crash reports.
- Comply with the law — when properly compelled by valid legal process. We will tell you if we are legally permitted to.
We do not use your data to train AI models, to sell to data brokers, or to advertise to you.
5. Who we share it with
We share the minimum data necessary with a small set of service providers, each contractually bound to handle data on our behalf.
Supabase
Database, authentication, file storage — Everything except payment card data
Apple / Google
In-app purchase billing + Sign in — Payment (they process it), store receipt, sign-in email
RevenueCat
Subscription management for in-app purchases — Account UUID, store receipts, subscription state
Anthropic
AI note summaries (on request) — Recent notes/observations for a care recipient
Resend
Transactional email — Email address, message body
Sentry
Crash reports — Crash stack traces, device + OS info
PostHog
Product analytics — Anonymized event data, account UUID
We do not share your data for advertising or marketing, and we do not sell or share personal information as defined under the California Consumer Privacy Act.
6. How long we keep it
- Account data — kept while your account is active.
- Care records (medications, observations, shift logs, notes, appointments) — kept while the care plan is active, and for 7 years after the plan is closed for the family's records.
- Subscription billing records — kept for 7 years for tax and accounting reasons.
- Backups — included in encrypted backups for up to 30 days after deletion.
- Crash reports and analytics — kept for 90 days, then anonymized further or deleted.
7. Your choices and rights
- See your data — most of it is in the app; for anything else, email privacy@binda.health.
- Correct your data — your profile, contact info, and care-plan data are editable in the app.
- Delete your account — from Settings → Delete account.
- Opt out of analytics — from the in-app settings.
If you live in California, Colorado, Connecticut, Virginia, or Utah you have additional rights under state law. If you live in the European Economic Area or the United Kingdom you have additional rights under GDPR / UK GDPR (access, rectification, erasure, restriction, portability, objection). To exercise any of these, email privacy@binda.health.
8. Account deletion
Apple's App Store policy 5.1.1(v) requires in-app account deletion. We provide it at Settings → Delete account. When you delete your account:
- Your sign-in is disabled immediately — we change your email and password to unguessable values so the account can't be reopened.
- Your profile data (name, phone, avatar) is replaced with generic placeholders, and your avatar photo is removed from storage.
- An in-app subscription must be canceled by you in your device's subscription settings — Apple and Google don't let us cancel it for you — and we stop honoring the paid tier.
- Records you wrote as part of a care plan stay attached to that care plan, attributed only as “Former caregiver” — they are part of the family's records of care. This is the “de-identify-and-retain” policy.
Closed accounts cannot be reopened.
9. Children
Binda is not for children. We do not knowingly collect personal information from anyone under 18. If you believe a child has signed up, email privacy@binda.health and we will delete the account.
10. Health data disclaimer
Binda is care-coordination software, not a medical device, not clinical decision support, and not a substitute for professional medical advice. The information in Binda comes from people in your care circle and reflects their best understanding at the time. Binda is not a HIPAA-covered entity and we do not sign Business Associate Agreements.
11. Security
We protect your data with:
- Encryption in transit (HTTPS / TLS 1.3) and at rest in the database and file storage.
- Row-level security on every database table — your data is isolated from other accounts at the database layer, not just the app layer.
- Sign in with Apple and Google as the recommended sign-in methods; bcrypt password hashes for email/password accounts.
- Limited employee access — production data is accessible only to Binda Health LLC personnel who need it to operate and support the service, under confidentiality obligations.
No security control is perfect. If you suspect your account has been compromised, email security@binda.health immediately.
12. International transfers
Binda is operated in the United States, and your data is processed in the United States. If you access Binda from another country, you consent to that transfer. For EU/UK users, we rely on Standard Contractual Clauses (or the EU-U.S. Data Privacy Framework, if applicable) to transfer data lawfully.
13. Changes to this policy
We will update this policy when our practices change. The “Last updated” date at the top reflects when we last changed anything. For material changes we will give you in-app notice or email before the change takes effect.
14. Contact
Email privacy@binda.health and we'll respond as quickly as we can.