← Back to Home
Privacy Policy
Last Updated: January 2026
Privacy-First Design: WellCheck stores the absolute minimum data needed to provide automated emergency alerts. Your personal information (names, photos, settings) stays on your device.
No Backend Accounts: We don't create user accounts or store any identifying information beyond what's required for SMS consent and delivery.
Data Stored on Your Device (Local Only)
The following data never leaves your iPhone:
- Contact photos
- Check-in history and app settings
- Alarm schedules and preferences
- App customization preferences
Minimal Backend Storage (Required for SMS)
To send automated emergency SMS alerts, WellCheck stores minimal data on secure servers:
- Emergency contact phone numbers (to deliver SMS)
- Opt-out records (phone numbers that opted out - legal requirement)
- Device push tokens (to notify you if a contact opts out)
What we DON'T store:
- Contact photos
- Device identifiers beyond push tokens
- Usage patterns or analytics
- Location data
- Anything else
Data Stored for SMS Consent Management
To manage email consent requests for SMS alerts, we temporarily store:
- Contact email addresses (to send consent requests)
- Contact names (to personalize consent emails)
- Your full name (displayed in consent requests)
- Consent status (pending/confirmed/rejected/expired)
- Emergency notes (optional custom message included in SMS alerts)
- Phone numbers (only after consent is accepted)
Retention:
- Pending requests: Deleted after 7 days if no response
- Accepted/rejected: Stored permanently for compliance
- Email addresses: Deleted after consent processed (not used for marketing)
- Emergency notes: Stored while contact is active, deleted when contact removed
Why Backend Storage is Necessary
iOS Limitation: Apple doesn't allow apps to send automated SMS messages from your device. To provide emergency alerts, we must use a third-party SMS service (Twilio).
Legal Requirement: US law (TCPA) requires us to collect explicit consent before sending SMS messages and to permanently honor opt-out requests.
Third-Party Services
SendGrid (Email Delivery): Used to send consent request emails to your contacts. SendGrid processes email addresses and names but does not store or use this data for any other purpose.
Twilio (SMS Delivery): Used only to send emergency alerts to contacts who have explicitly consented. Twilio processes phone numbers and message content but does not store or use this data for any other purpose.
Firebase (Minimal Storage): Google's Firebase securely stores phone numbers, consent records, and opt-out records. Data is encrypted in transit and at rest.
No Analytics or Tracking: We don't use analytics services, advertising networks, or any tracking tools.
Permissions Required
Contacts: To select trusted adults from your existing contacts
Photos (Optional): To choose custom photos for contacts
Notifications: For check-in reminders and emergency alerts
You can manage permissions in: Settings → Privacy → WellCheck
Your Data Rights
- View stored data: Contact support@wellcheckapp.com
- Remove your data: Delete the WellCheck app to remove all local data
- Remove backend data: Contact support to delete consent records and phone numbers
- Opt-out: Any contact can reply STOP to opt out of alerts or decline the email consent request
Data Security
- All network communication uses HTTPS encryption
- Backend data is encrypted at rest on Firebase servers
- Email delivery uses TLS encryption via SendGrid
- No employee access to user data
- Regular security audits
Children's Privacy
WellCheck can be used by children for emergency calling but must be set up by an adult. No personal information about children is collected or stored on our servers.
Data Retention
- Email addresses: Stored during consent process (up to 7 days), then deleted
- Phone numbers: Stored while actively used for SMS delivery
- Consent records: Stored permanently (compliance requirement)
- Opt-out records: Stored permanently (legal requirement)
- Emergency notes: Stored while contact is active, deleted when contact removed
Your Choices
If you prefer complete privacy with no backend storage, you can:
- Use WellCheck without SMS alerts (emergency calling still works)
- Don't add emergency notes (keep them on your device only)
Changes to This Policy
We'll notify you of any significant changes through the app and update the "Last Updated" date above.
Contact Us
Questions about privacy? Email: support@wellcheckapp.com
By using WellCheck, you agree to this privacy policy.
This policy complies with Apple App Store requirements, COPPA, CCPA, GDPR, and TCPA.