Privacy Policy
We handle your family's health information with care. This policy explains exactly what we collect, how we use it, and what you can control — in plain English.
⚠️ Closed Beta Notice
SteadyWith is currently in invite-only closed beta. We are not HIPAA-compliant and do not have Business Associate Agreements (BAAs) with our AI providers. Please do not use SteadyWith as your sole system of record for critical medical decisions. We are working toward HIPAA compliance for our general launch.
1. What We Collect
Information you provide
- Your name and email address
- Your relationship to the person you're caring for (e.g., "daughter," "son")
- Health documents you upload (lab results, doctor notes, discharge summaries, etc.)
- Notes and observations you enter about your parent's health
- Care team information you add (doctor names, contact info)
Usage data we collect automatically
- How you interact with the app (pages visited, features used)
- Browser type, operating system, and IP address
- Error logs to help us fix bugs
What we do NOT collect
- Social Security numbers
- Insurance IDs or policy numbers
- Financial or payment information (we don't charge during beta)
- Location data beyond what's in your IP address
2. How We Use Your Information
- To provide the service: organizing documents, generating summaries, building timelines
- AI processing: When you upload a document or ask for a summary, that content is sent to Anthropic's AI (Claude) for processing. Anthropic has its own privacy policy. During closed beta, we do not have a BAA with Anthropic — please be aware of this limitation.
- To improve the product: anonymized usage patterns help us prioritize features
- To communicate with you: service updates, important notices, and your requested notifications
3. Where Your Data Is Stored
Your data is stored in Supabase, a US-based database provider, on servers located in the United States. Documents you upload are stored in Supabase's encrypted object storage.
We use Vercel to host the application. Vercel may process request data briefly as part of serving the web application.
4. Who We Share Your Data With
We never sell your data. Ever. Your information is not a product. Here's exactly who may have access:
- Anthropic AI: receives document content for AI processing (see beta notice above)
- Supabase: stores your data as our database provider
- Vercel: hosts the web application
- Family members you invite: only people you explicitly invite can see your data
- Legal requirements: we may disclose data if required by law or to prevent serious harm
5. Your Rights & Data Deletion
You are in control of your data. You can request deletion at any time:
- Go to Account Settings → Delete My Data in the app
- Or email us at privacy@steadywith.com
See our Data Retention Policy for full details on how long we keep data and our deletion timelines.
6. Security
We use industry-standard security practices: encrypted connections (HTTPS), encrypted storage, and access controls. That said, no online service can guarantee 100% security.
If we ever discover a security incident affecting your data, we will notify you promptly. See our Breach Notification Procedure for details.
7. Children's Privacy
SteadyWith is not intended for anyone under 18. We do not knowingly collect data from minors. If you believe we have, please contact us immediately.
8. Changes to This Policy
We'll notify you by email of any material changes to this policy. The version stamp at the top of this page will update when we make changes. Continued use of the service after changes means you accept the updated policy.
9. Contact Us
Questions about privacy? We're a small team and we actually read these emails.