Privacy Policy
Last updated: March 16, 2026
Introduction
This Privacy Policy describes how Nearwise Health, Inc. collects, uses, stores, and shares information about Subscribers, Care Recipients, and website visitors. The Service involves a unique data relationship: the Subscriber provides personal data about a third party (the Care Recipient) and receives ongoing behavioral reports about that third party. This Policy addresses both parties separately where their rights differ.
Geographic Scope: The Service is currently available in the United States only. Data is processed in the United States under U.S. law.
Section 1 — Information We Collect
1A — Provided by Subscribers
- Account info: name, email, phone number, billing address
- Payment info: processed by Stripe; we do not store full card numbers
- Care Recipient enrollment info: name and phone number(s)
- Subscriber Profile Data: biographical information, family structure, life history, hobbies, interests, geographic context, health background, and preferences about the Care Recipient
- Support communications sent to us
1B — Collected Through Gloria Interactions with Care Recipients
Health-Adjacent Sensitive Data
The categories below may qualify as sensitive personal information under California’s CPRA and similar state laws. We handle them with enhanced protections described in Section 4.
- Voice call audio recordings and transcripts
- SMS and WhatsApp message content
- Mood and emotional state signals derived from conversation content
- Sleep pattern references
- Medication names, adherence patterns, and references
- Nutrition and eating pattern references
- Physical mobility and activity references
- Social engagement and isolation signals
- Cognitive engagement markers: memory references, confusion indicators, conversational coherence
- Spontaneous disclosures of any kind made during interactions
- Longitudinal behavioral profiles derived from all of the above over time
- Inferred and derived data: health-adjacent signals inferred from conversation patterns
1C — Collected Automatically
- Website usage: IP address, browser type, OS, pages visited, time spent
- Device info: device type and identifier
- Cookies and similar tracking technologies
Section 2 — How We Use Information
For Subscriber Account Data
- Account creation and management
- Payment processing
- Customer support
- Service communications
- Terms enforcement
For Care Recipient Interaction Data and Subscriber Profile Data
- Personalizing Gloria’s conversations using Subscriber Profile Data
- Generating wellness summaries, behavioral patterns, and progress reports
- Populating the Subscriber Dashboard
- Improving Gloria’s AI models — we may use anonymized and aggregated Interaction Data to improve Gloria’s conversational capabilities. Care Recipients and Subscribers may opt out of AI training use at any time by emailing info@nearwise.xyz with subject line “AI Training Opt-Out.”
- Detecting service misuse or safety concerns
What We Do NOT Do
- We do not sell personal information
- We do not use personal information for targeted advertising
- We do not share data with third parties for their independent marketing
Section 3 — How We Share Information
3A — Sharing With the Subscriber (Core Product Function)
The primary purpose of the Service is to provide Subscribers with information about their Care Recipient. We share post-interaction wellness summaries, mood and behavioral signals, engagement records, and all Dashboard content with the Subscriber.
3B — Service Providers
| Provider | Purpose | Care Recipient Data? |
|---|---|---|
| Twilio | Voice calls and SMS delivery | Yes — call audio and SMS content |
| Stripe | Payment processing | No — payment data only |
| Vercel | Website and app hosting | Yes — infrastructure level |
| LLM/AI Provider | Natural language processing | Yes — conversation transcripts |
| Cloud Storage | Data storage and infrastructure | Yes — encrypted storage |
All providers are contractually prohibited from using data for purposes other than providing services to us.
3C — Legal Disclosures
We may disclose information if required by law, subpoena, court order, or governmental authority, or to protect the safety of users or the public.
Section 4 — Sensitive Personal Information
Health-adjacent data including mood signals, cognitive markers, medication references, and behavioral patterns may qualify as sensitive personal information under CPRA, VCDPA, and similar laws. We: (a) collect it only as needed for the Service; (b) do not use it for advertising, non-Service profiling, or sale; (c) implement enhanced security; and (d) allow California residents to limit its use as described in Section 8.
Section 5 — Data Retention
| Data Category | Retention Period |
|---|---|
| Subscriber account data | Account duration + 30 days after deletion |
| Payment records | 7 years (tax/legal compliance) |
| Call audio recordings | 90 days from recording date |
| Conversation transcripts | Account duration + 30 days |
| Wellness summaries and Dashboard data | Account duration + 30 days |
| Subscriber Profile Data | Account duration + 30 days |
| Usage logs and analytics | 12 months rolling |
Section 6 — Security
We use TLS encryption in transit, encryption at rest, access controls, and regular security reviews. No system is completely secure. Use of the Service is at your own risk. We will notify you of breaches as required by applicable law.
Payment Security: All payment processing is handled by Stripe, Inc., a PCI DSS Level 1 certified payment processor. Nearwise Health does not store, process, or transmit cardholder data.
Accessibility: Nearwise Health is committed to making its website and Service accessible to persons with disabilities. We strive to conform to WCAG 2.1 Level AA standards. Gloria’s voice-first interface is specifically designed to be accessible to users with limited digital literacy or visual impairment. If you encounter an accessibility barrier, please contact info@nearwise.xyz.
Section 7 — Care Recipient Independent Rights
Care Recipients may exercise the following rights independently, without Subscriber involvement, by contacting info@nearwise.xyz or replying STOP:
- Right to Know: what data has been collected about them
- Right to Access: a summary of the categories of Interaction Data collected and the general purposes for which it has been used
- Right to Delete: deletion of personal identifiers associated with their Interaction Data (name, phone number, and direct identifiers). Deletion requests are honored within 30 days and immediately terminate the Care Recipient’s Service.
- Right to Opt Out: withdraw consent from the Service at any time
- Right to Correct: correction of inaccurate data
We will respond within 30 days. A Care Recipient opt-out is honored immediately and cannot be overridden by the Subscriber.
Periodic Monitoring Reminder: Gloria will deliver a brief reminder to Care Recipients approximately every 90 days informing them that their conversations are summarized and shared with the Subscriber, and that they may opt out at any time.
Section 8 — Subscriber Privacy Rights / CCPA
Subscribers may access, correct, or delete account data by contacting us. California residents have additional rights under CPRA:
- Right to Know categories of personal information collected, sources, purposes, and third parties
- Right to Delete personal information
- Right to Correct inaccurate information
- Right to Opt-Out of Sale or Sharing — Nearwise Health does not sell personal information
- Right to Limit Use of Sensitive Personal Information
- Right to Non-Discrimination for exercising rights
Additional State Privacy Rights
Residents of Colorado, Virginia, Texas, Washington, Nevada, Florida, Montana, Iowa, Indiana, Tennessee, and other states may have additional privacy rights under their respective state laws. To exercise any right, contact info@nearwise.xyz. We will respond within 45 days.
Washington residents (MHMD): You have the right to confirm whether we collect consumer health data, access your consumer health data, withdraw consent, and have your consumer health data deleted. Nearwise Health does not sell consumer health data.
Section 9 — No Medical or Clinical Liability
Nearwise Health collects health-adjacent information through Gloria’s conversations. This data is used for wellness engagement and Subscriber reporting only. Nearwise Health does not use this data to provide medical advice, clinical monitoring, or diagnostic services. The full scope of our disclaimers is set forth in the Terms and Conditions, Section 12.
Section 10 — Data Ownership and Retention Rights
Nearwise Health owns all Service Data as defined in the Terms and Conditions. All raw call audio, transcripts, AI model inputs and outputs, interaction logs, metadata, and derived wellness data are the exclusive property of Nearwise Health.
Neither Subscribers nor Care Recipients have any right to access, receive, or demand raw Service Data in any form. Privacy rights described in Sections 7 and 8 do not extend to raw Service Data or underlying AI records.
Section 11 — Children’s Privacy
The Service is for adults 18+. We do not knowingly collect data from children under 13. We will delete any such data upon discovery.
Section 12 — HIPAA
Nearwise Health is not a HIPAA-covered entity. The Service does not provide HIPAA protections. Do not use the Service to communicate Protected Health Information.
Section 13 — Changes
We may update this Policy. Material changes will be posted with a new effective date. Continued use constitutes acceptance.
Contact: info@nearwise.xyz · nearwise.xyz