Privacy Policy

Last updated: February 12, 2026

StaySafe Technologies ("we", "us", "our") operates the AreUAlive mobile application ("App"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our App and website.

1. Information We Collect

1.1 Information You Provide

Data Type	Purpose	Required
Email address	Account creation, login, communication	Yes
Display name	Identification in alerts sent to your contacts	Yes
Phone number	Account verification via OTP, contact identification	Yes
Password	Account authentication (stored as SHA-256 hash)	Yes
Gender	User profile (optional demographic)	No
Date of birth	User profile (optional demographic)	No
Address	User profile (optional)	No
Emergency contact details	Names, phone numbers, emails, and relationships of your emergency contacts	No (but needed for alerts)
Custom alert message	Personalized message sent to contacts during emergencies	No

1.2 Information Collected Automatically

Data Type	Purpose	When Collected
Device location (GPS)	Shared with emergency contacts during alerts (if enabled)	When location sharing is enabled by user
Check-in timestamps	Timer functionality and alert triggering	Each time user taps "I'M ALIVE"
Alert history	Record of triggered alerts for user reference	When alerts are sent
App settings/preferences	Timer duration, alert preferences, feature toggles	When user changes settings
Accelerometer data	Shake detection for emergency triggering (Pro feature)	When shake detection is enabled, processed on-device only

1.3 Information from Third Parties

If you sign in using a third-party authentication provider (e.g., Google, Facebook), we receive your email address and display name from that provider. We do not receive or store your third-party passwords.

2. How We Use Your Information

We use your personal information for the following purposes:

• Core Service: Operating the check-in timer and sending emergency alerts to your designated contacts when the timer expires.
• Account Management: Creating and managing your account, authenticating your identity, and verifying your phone number.
• Communication: Sending OTP codes for phone verification, subscription-related notifications, and service updates.
• Emergency Alerts: Transmitting SMS, WhatsApp messages, voice calls, email alerts, and push notifications to your emergency contacts on your behalf.
• Location Sharing: Including your last known location in emergency alerts (only when you have explicitly enabled location sharing).
• Payment Processing: Facilitating subscription purchases and managing billing through our payment processor.
• Service Improvement: Analyzing usage patterns to improve the App's reliability and features.

3. How We Share Your Information

3.1 Emergency Contacts

When an alert is triggered, the following information may be shared with your emergency contacts:

• Your display name
• Your custom alert message
• Your last known location (if location sharing is enabled)
• Your phone number (in ntfy alerts)
• The type and time of the alert

3.2 Service Providers

We share information with the following third-party service providers who help us operate the App:

Provider	Purpose	Data Shared
Twilio	SMS delivery, voice calls, WhatsApp messaging, OTP verification	Contact phone numbers, alert messages, your phone number
Paddle (Merchant of Record)	Payment processing, billing, tax collection, invoicing	Email address, payment information (handled directly by Paddle)
ntfy	Push notification delivery	Alert content, user display name

Each service provider processes data in accordance with their own privacy policies and applicable data protection laws.

3.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of StaySafe Technologies, our users, or the public.

3.4 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Data Storage and Security

4.1 Storage

Your data is stored in a PostgreSQL database hosted on secure cloud infrastructure. Local device storage (AsyncStorage) is used for caching preferences and session data on your device.

4.2 Security Measures

• Passwords are hashed using SHA-256 before storage (never stored in plaintext).
• All data transmission uses HTTPS/TLS encryption.
• API keys and secrets are stored as encrypted environment variables.
• Biometric authentication (Face ID/Fingerprint) is available as an additional security layer.
• OTP codes expire after a set time period and are single-use.
• ntfy topic IDs are unique 32-character alphanumeric strings for privacy.

4.3 Data Retention

We retain your data for as long as your account is active. Alert logs are retained indefinitely for your reference. If you delete your account, all personal data including emergency contacts, settings, and alert history will be permanently deleted from our servers.

5. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your account and personal data.
• Portability: Request your data in a structured, machine-readable format.
• Restriction: Request restriction of processing of your data.
• Objection: Object to processing of your data for certain purposes.
• Withdraw Consent: Withdraw previously given consent at any time.

To exercise any of these rights, contact us at are.u.alive1@gmail.com.

6. GDPR Compliance (European Users)

For users in the European Economic Area (EEA), we process your personal data under the following legal bases:

• Contract Performance: Processing necessary to provide the App's services (timer, alerts, account management).
• Consent: For optional features like location sharing, shake detection, and biometric authentication.
• Legitimate Interest: For service improvement and security measures.

Our payment processor Paddle, as the Merchant of Record, is independently responsible for GDPR compliance regarding payment data processing.

7. Children's Privacy

The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information promptly.

8. Device Permissions

The App may request the following device permissions:

• Location: To share your location with emergency contacts during alerts. You can enable or disable this at any time.
• Contacts: To import emergency contacts from your device's address book. Contact data is only used locally for convenience and not uploaded to our servers unless you explicitly save them as emergency contacts.
• Notifications: To send you timer reminders and alert confirmations.
• Biometric Authentication: To secure app access with Face ID or fingerprint. Biometric data is processed entirely on your device and is never transmitted to our servers.
• Accelerometer: For shake detection to trigger emergency alerts. Sensor data is processed entirely on your device.

9. Third-Party Links

The App may contain links to third-party websites or services (e.g., ntfy.sh, Paddle checkout). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

10. International Data Transfers

Your data may be processed in countries other than your country of residence. We ensure that adequate data protection measures are in place for any international transfers, in compliance with applicable data protection laws including GDPR.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email. Your continued use of the App after changes are posted constitutes acceptance of the updated Privacy Policy.

12. Data Protection Officer

For privacy-related inquiries or to exercise your data protection rights, please contact us:

Email: are.u.alive1@gmail.com

StaySafe Technologies

13. Cookie Policy

Our website and checkout pages may use essential cookies for session management and checkout functionality. We do not use advertising or tracking cookies. Third-party services (Paddle) may set their own cookies during the checkout process, governed by their respective privacy policies.