Privacy Notice
Effective July 2026 · DiggsCare ("the Service")
What we collect
Account details (name, email, phone), care activity you log (meals, fluids, bathroom events, vitals, medications, notes), appointments, and alert history. This is sensitive health information — treat every account password accordingly.
How it is used
Solely to coordinate care among the people the administrator invites: showing tasks and logs to authorized members, sending reminders and escalation alerts, and producing reports for administrators. We do not sell or share data with advertisers.
Who can see what
- Administrators & caretaker admins: everything, including reports.
- Caretakers: the assigned patient's tasks, logs, conditions, and care notes.
- The patient: their own tasks and logs — but not private care-team notes.
- Watchers / guests: calendar and broadcast alerts only. No health logs, ever.
About HIPAA
Used privately by a family, this Service is generally not a HIPAA "covered entity." We nonetheless follow HIPAA-inspired safeguards: role-based access, row-level database security, encrypted transport (TLS), and acknowledgement trails. If the Service is offered by or to a healthcare provider or other covered entity, a Business Associate Agreement and a HIPAA-compliant hosting tier are required first — contact the administrator before any such use.
Storage & deletion
Data is stored with our infrastructure providers (Supabase/PostgreSQL, Vercel) in the United States. Administrators may request account or data deletion at any time via the contact below.
Contact
The system administrator listed on your organization profile.