Privacy Policy

Last updated: May 2, 2026

This Privacy Policy describes how Recallection (“we,” “our,” or “the Service”) collects, uses, shares, and protects personal information. Recallection is a multi-channel accountability and check-in service operated by Adam Gersh.

1. Roles

The Service is used by two kinds of people:

• Caregivers — registered account holders who schedule check-ins.
• Recipients — people whose phone numbers a Caregiver adds and who receive check-ins after consenting.

2. Information we collect

From Caregivers, we collect:

• Account information: email address, password (stored as a salted hash via bcrypt), name, display name, phone number, and an optional uploaded photo.
• Records of acceptance: the time you accepted these Terms and Privacy Policy, and the time you attested to having permission for each Recipient you added.
• Recipient list: the names and phone numbers you choose to add.
• Check-ins: the message text, scheduled time, ack window, and an event history of delivery, response, and escalation events.

From Recipients, we collect:

• The phone number a Caregiver provided.
• Your consent decision (agreed, declined, or opted out) and the time of that decision.
• Your responses to check-ins (button taps and SMS replies such as 1, 2, YES, NO, STOP, HELP).
• A timestamp of when each message was delivered or attempted.

3. How we use information

We use information solely to operate the Service:

• To authenticate Caregivers and keep accounts secure.
• To deliver scheduled check-ins, capture responses, and escalate to the Caregiver when a Recipient indicates they need help or does not respond within the configured window.
• To honor opt-out requests and to maintain a record of consent for compliance with applicable law.
• To investigate and prevent abuse of the Service.

We do not use your information for marketing, advertising, profiling, or any purpose outside the operation of the Service.

4. How we share information

We share information only with the service providers required to operate Recallection:

• Twilio Inc. — to deliver SMS messages and (in the future) voice calls. Twilio receives the Recipient phone number, the message body, and inbound replies. See Twilio's Privacy Policy.
• Render Services Inc. — our hosting provider.
• Neon Inc. — our database provider.
• SMTP / email provider — to send verification emails, password resets, and caregiver alerts.

We do not sell, rent, or share personal information with third parties for marketing purposes. We may disclose information if required by law, valid legal process, or to protect the rights, property, or safety of Recallection, our users, or the public.

5. Caregiver representations regarding Recipients

When a Caregiver adds a Recipient, the Caregiver is required to attest that they have the Recipient's permission to send them automated check-in messages, or that they have legal authority to consent on the Recipient's behalf (e.g. as the parent of a minor under 13). The Caregiver — not Recallection — is responsible for the accuracy of that attestation.

6. Children's privacy

Where a Recipient is a minor under the age of 13, the Caregiver must be the parent or legal guardian and must provide consent in compliance with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information from a child under 13 outside of this Caregiver-mediated arrangement. If you believe we have inadvertently collected information from a child under 13 without proper consent, please contact us and we will delete it.

7. Recipient opt-out

A Recipient may opt out of check-ins at any time by replying STOP, CANCEL, UNSUBSCRIBE, END, or QUIT to any SMS we send. Opt-out is honored across the entire Service for that phone number. Recipients can reply HELP at any time for program information.

8. Message frequency & charges

Recipients receive only the check-ins their Caregiver schedules. Frequency varies. Standard message and data rates may apply based on the Recipient's mobile carrier plan. Recallection does not charge Recipients to receive messages.

9. Data retention

Account information, recipient lists, check-ins, response history, and consent records are retained as long as the Caregiver's account is active. Consent records (agree/decline/opt-out events) are retained for a reasonable period after account closure to demonstrate compliance with applicable laws. To request deletion of your account and all associated data, contact us at the address below.

10. Security

We use HTTPS for all connections, hash passwords with bcrypt, validate inbound webhook signatures from Twilio, and limit access to the production database. No system is perfectly secure, but we take commercially reasonable steps to safeguard your data.

11. International users

The Service is operated from the United States. If you access the Service from outside the U.S., you understand and consent to the transfer and processing of your information in the U.S., which may not have data-protection laws equivalent to those in your jurisdiction.

12. Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict the processing of your personal information. To exercise these rights, contact us at the address below.

13. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent version.

14. Contact

Questions or data requests: adam.s.gersh@gmail.com

© 2026 Recallection. All rights reserved.