Privacy Policy
Your privacy and data security are fundamental to our emergency communication service. Learn how we protect your information.
Last updated: February 13, 2026
Our Privacy Principles
The core principles that guide how we handle your data
Data Encryption
All your data is encrypted both in transit and at rest using industry-standard encryption protocols.
Minimal Collection
We only collect data that's essential for the emergency communication service to function properly.
No Selling
We never sell, rent, or share your personal data with third parties for marketing purposes.
Secure Storage
Your data is stored on secure servers with regular backups and strict access controls.
1. Information We Collect
Account Information
We collect minimal information required to provide the emergency communication service: your email address (for authentication and service notifications), display name (optional), and phone number (optional, for SMS alerts). We follow a data minimization principle, collecting only what is essential for service operation.
Emergency Contact Information
You provide emergency contact details (names, emails, phone numbers) for individuals who should be notified in emergency situations. You are responsible for obtaining consent from these contacts before adding them to the system. Contact information is encrypted using industry-standard client-side encryption before being stored.
Location Data
Location data is collected ONLY when you explicitly enable location-based safety protocols. This includes GPS coordinates, accuracy information, and timestamps. Location data is only shared with your emergency contacts when a protocol triggers.
Usage Data & Protocol History
We collect protocol creation times, check-in confirmations, missed check-ins, and protocol completion status to provide the service functionality. This data is retained and shown in your history page. Anonymous analytics may be collected to improve service quality.
Security Events & Logs
We log security events including login attempts, PIN verification attempts, suspicious activity, and rate limit events to protect your account. Security logs are retained for a minimum of 90 days for security analysis and fraud prevention. IP addresses and user agents may be logged for security purposes.
File Metadata
When you upload files to emergency packages, we store file metadata (filename, size, upload timestamp, content type). File contents are fully encrypted using zero-knowledge encryption before storage. We cannot access your file contents without your PIN. Files linked to completed protocols are deleted after 30 days.
2. How We Use Your Information
Primary Purpose: Emergency Communication Service
Your data is used to provide the core emergency communication functionality: sending alerts to your emergency contacts when safety protocols trigger, managing check-in schedules, location tracking (when enabled), heartbeat monitoring, and escalation workflows. This is the fundamental purpose of the service.
Security Monitoring & Rate Limiting
We monitor login attempts, PIN verification attempts, and suspicious activity patterns to protect your account from unauthorized access. Rate limiting prevents brute-force attacks on emergency PINs. Security logs help us identify and respond to potential threats quickly.
Service Improvement & Bug Fixes
Anonymous, aggregated analytics help us understand how the service is used and identify areas for improvement. We analyze protocol completion rates, feature usage patterns, and error logs to fix bugs and enhance reliability.
Legal Compliance & Law Enforcement
We may disclose information when required by law, court order, or legal process. In exceptional cases involving imminent danger to life, we may cooperate with law enforcement. We will notify you of legal requests unless prohibited by law.
Service Communications (No Marketing)
We send essential service notifications (protocol reminders, security alerts, service updates, billing information). We do NOT send marketing emails without your explicit opt-in consent. You can manage notification preferences in your account settings.
3. Data Protection & Security
Client-Side Encryption (Zero-Knowledge Architecture)
All sensitive data (emergency messages, contact information, file contents, encrypted links) is encrypted on your device BEFORE transmission to our servers using industry-standard client-side encryption. We implemented a zero-knowledge architecture: we cannot access your encrypted data without your PIN. This provides maximum privacy protection.
Military-Grade Encryption Standards
We use bank-level encryption standards with modern cryptographic algorithms. All data is encrypted at rest and in transit (TLS/HTTPS). Encryption keys are derived from your PIN using secure cryptographic key derivation functions.
PIN Security & Hashing
Your PIN is never stored in plain text. It is hashed using secure one-way cryptographic functions, making it computationally hard to reverse. Emergency contact PINs are also hashed for protection. Rate limiting prevents brute-force attacks. If you lose your PIN, encrypted data cannot be recovered (zero-knowledge architecture).
Access Controls & Internal Policies
We maintain strict internal access policies. Access to production systems is limited to essential personnel only. All administrative actions are logged. Database access is controlled via role-based permissions.
Secure Infrastructure
Data is stored on Supabase secure cloud infrastructure with regular automated backups, geographic redundancy, and industry-standard security certifications. All network communications use TLS/HTTPS encryption. Our infrastructure providers maintain SOC 2 compliance.
4. Data Sharing & Disclosure
Emergency Contacts (Only When Protocols Trigger)
Your emergency information is shared with your designated emergency contacts ONLY when a safety protocol triggers (missed check-in, location confirmation failure, heartbeat timeout, manual alert). This is the core functionality you explicitly configured. Your contacts receive decrypted information using their emergency PINs.
Service Providers (Strict Minimum)
We use trusted third-party service providers to deliver the service: Supabase (database and hosting), Resend (email delivery), Stripe (payment processing), Mapbox (mapping services), Vercel (deployment), and GitHub (code repository). These providers have limited access to data necessary for their services only. They are bound by strict confidentiality agreements.
Legal Requirements & Law Enforcement
We may disclose information when required by valid legal process (court orders, subpoenas, search warrants) or to comply with applicable laws. In exceptional cases involving imminent danger to life or serious crimes, we may cooperate with law enforcement. We will notify you of legal requests unless prohibited by law or court order.
Business Transfers
If Aegis Mark 1 is acquired, merged, or sells assets, your information may be transferred to the new entity. We will notify you via email at least 30 days before any such transfer. You will have the right to delete your account before the transfer if you choose.
We NEVER Sell Your Data
We do NOT sell, rent, or share your personal information with third parties for marketing or advertising purposes. Your emergency communication data is not a commodity. We do NOT participate in data brokerage or advertising networks.
5. Your Rights (GDPR & CCPA Compliant)
Under GDPR (European Union) and CCPA (California) data protection laws, you have comprehensive rights regarding your personal information. These rights apply regardless of your location:
Access Your Data
Download a complete copy of your personal data via one-click export in your settings. Export includes contacts, protocols, history, and metadata in machine-readable JSON format.
Rectification (Update Data)
Update incorrect or incomplete information anytime through your account settings. You have full control over contact details, profile information, and protocol configurations.
Right to Deletion (Right to be Forgotten)
Permanently delete your account and all associated data. Deletion is immediate and irreversible. Some data may be retained if required by law (e.g., billing records).
Data Portability
Export your data in a structured, machine-readable format (JSON) for transfer to another service. Export function available in account settings.
Object to Processing
Essential processing required for service operation cannot be opted out of.
Withdraw Consent
You can control location sharing on a per-mission basis when creating safety protocols. Essential service features (authentication, security monitoring) cannot be disabled as they are required for the service to function.
Lodge a Complaint
Contact your local data protection supervisory authority if you believe your rights have been violated. In France: CNIL (Commission Nationale de l'Informatique et des Libertés).
Restrict Processing
Request limitation of processing in certain circumstances (e.g., while disputing data accuracy). Contact us to exercise this right.
To exercise any of these rights, contact us at legal@safety-checkpoint.com. We will respond within 30 days (GDPR requirement) or 45 days (CCPA requirement).
6. Data Retention
Active Data
Data associated with your active account (profile, contacts, active protocols) is retained for as long as your account remains active. You can delete your account at any time.
Completed Missions
Protocol data for completed missions is retained for 30 days after completion, then automatically deleted. This includes mission details, check-in history, and associated encrypted files.
Email History
Email delivery logs and history are retained for 90 days for troubleshooting and service quality purposes, then automatically deleted.
Security Logs
Security event logs (login attempts, PIN verifications, suspicious activity) are retained for a minimum of 90 days for security analysis and fraud prevention. Critical security incidents may be retained longer.
Soft-Deleted Contacts
When you delete a contact, it is soft-deleted and retained for 30 days in case of accidental deletion. After 30 days, the contact is permanently and irreversibly deleted from all systems.
Deleted Accounts
Account deletion is immediate and permanent. Once you confirm deletion and verify your PIN, all your data (contacts, missions, files, settings) is permanently deleted from our systems. This action cannot be undone. We recommend exporting your data before proceeding. Note: Due to standard database backup retention policies, copies of your data may persist in encrypted backups for up to 90 days before automatic expiration.
Legal Holds
If data is subject to legal holds, court orders, or ongoing investigations, retention periods may be extended as required by law. We will notify you if this applies to your data.
Billing Records
Subscription and payment records may be retained longer for tax compliance and dispute resolution purposes, as required by French and EU financial regulations.
7. Cookies & Tracking Technologies
Essential Cookies
We use essential cookies for session management, authentication, and security. These cookies are necessary for the service to function and cannot be disabled without breaking core functionality.
Analytics
We use Vercel Speed Insights to collect anonymous technical performance data (page load speeds, navigation timing, Core Web Vitals). This monitoring is essential for maintaining service quality and reliability. The data collected is fully anonymized and contains no personally identifiable information. Performance monitoring is not based on cookies and cannot currently be disabled.
No Third-Party Advertising Cookies
We do NOT use third-party advertising cookies or tracking pixels for marketing purposes. We do NOT participate in ad networks or retargeting campaigns.
8. International Data Transfers
Data Storage Locations
Your data is stored on Supabase cloud infrastructure. Supabase operates data centers in multiple geographic regions. Data may be stored in EU regions or other regions depending on service configuration.
EU-US Data Transfers
Your data is stored in secure data centers located in Paris, France (European Union) through Supabase infrastructure. Some service providers process data outside the EU:
- Stripe (payment processing) - United States
- Resend (email delivery) - United States
- Mapbox (mapping services) - United States
When data is transferred to the United States or other non-EU countries, our service providers use Standard Contractual Clauses (SCCs) or rely on adequacy decisions approved by the European Commission to ensure GDPR-compliant data protection.
Global Protection Standards
Regardless of where data is stored, we apply the same high security and encryption standards globally. Your data receives the same protection whether stored in EU, US, or other regions.
9. Children's Privacy (Age Restriction: 16+)
Age Requirement
CheckPoint is intended for users aged 16 years or older. We do not knowingly collect personal information from individuals under 16 years of age without verifiable parental consent.
Parental Notification
If we become aware that we have collected personal information from a user under 16 without proper consent, we will take steps to delete that information immediately. Parents or guardians can contact us to request deletion of a minor's data.
How to Report
If you believe a user under 16 has created an account without parental consent, please contact us immediately at legal@safety-checkpoint.com.
10. Changes to This Privacy Policy
Notification of Changes
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. We will notify you via email at least 30 days before any material changes take effect.
Continued Use Constitutes Acceptance
Continued use of CheckPoint after receiving notice of Privacy Policy changes constitutes your acceptance of the updated policy. If you disagree with changes, you may delete your account before the changes take effect.
Material Changes May Require Explicit Consent
For significant changes that materially affect your rights or how we process sensitive data, we may require explicit consent before the changes apply to you.
11. Contact Us
If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:
