Privacy Policy

Last updated: May 7, 2026

This Privacy Policy describes how Recallection (“we,” “our,” or “the Service”) collects, uses, shares, and protects personal information. Recallection is a multi-channel accountability and check-in service operated by Adam Gersh.

1. Roles

The Service is used by two kinds of people:

Caregivers — registered account holders who schedule check-ins.
Recipients — people whose phone numbers a Caregiver adds and who receive check-ins after consenting.

A Caregiver may also invite other Caregivers as Co-caregivers to share visibility and alert routing for a particular Recipient. See Section 6 for details on shared access.

2. Information we collect

From Caregivers, we collect:

Account information: email address, password (stored as a salted hash via bcrypt), name, display name, phone number, an optional uploaded profile photo, and your account preferences (timezone, notification settings).
Records of acceptance: the time you accepted these Terms and Privacy Policy, the time you attested to having permission for each Recipient you added, and any phone-verification timestamps.
Recipient list: the names, phone numbers, optional email addresses, and timezone of the Recipients you choose to add. Optional caregiver notes you record about each Recipient.
Check-ins: the message text, label, scheduled time, channel (SMS/voice/email), ack window, and an event history of delivery, response, escalation, and acknowledgment events.
Voice recordings: short audio clips you choose to record and upload for use in voice check-ins.
Medication lists: the names, doses, and times-of-day you record per Recipient (optional).
Push-notification subscriptions: when you opt into phone banner alerts, we store the browser-supplied endpoint URL and public encryption keys necessary to deliver notifications to your device. Each enrolled device has its own subscription record.
Backup-caregiver contact list: names, phone numbers, and emails of any backup contacts you configure for a Recipient.

From Recipients, we collect:

The phone number, optional email, and timezone a Caregiver provided.
Your consent decision (agreed, declined, or opted out) and the time of that decision.
Your responses to check-ins: button taps and SMS replies (e.g. 1, 2, YES, NO, STOP, HELP).
Optional free-text notes you choose to submit alongside your reply.
Optional photo or voice-note attachments you choose to add to your reply (e.g. a selfie, a brief audio clip). Attachments are stored only when you affirmatively choose to upload them.
Optional location data. If you tap “Share my location” on a check-in response page, your browser will request permission and, if you grant it, send us latitude/longitude coordinates with an accuracy radius. We forward this as a Google Maps link to your Caregiver and store the coordinates with the check-in record. We do not collect location passively or in the background — only at the moment you tap the button and grant permission.
A timestamp of when each message to you was delivered or attempted, and an audit log of acknowledgment / help / opt-out events tied to your phone number.

From everyone who visits the Service (including before signing in), our servers automatically record a basic access log for security, abuse prevention, and operational diagnostics: the time of the request, the page or resource requested, the response status, and your browser's user-agent and referring page. We do not store your raw IP address — only a salted, irreversible hash of it, which lets us count distinct visitors and detect abuse without retaining the address itself. These access logs are kept for a limited period (by default 30 days) and then automatically deleted.

3. How we use information

We use information solely to operate the Service:

To authenticate Caregivers and keep accounts secure.
To deliver scheduled check-ins, capture responses, and escalate to the Caregiver (and any Co-caregivers and configured backup-caregiver contacts) when a Recipient indicates they need help, shares their location, or does not respond within the configured window.
To deliver phone banner / push notifications to Caregivers who have explicitly enabled them on a particular device.
To honor opt-out requests and to maintain a record of consent for compliance with applicable law (TCPA, CTIA, COPPA, GDPR, CCPA, where applicable).
To compile per-Recipient adherence statistics (response rates, response times, streaks) for the Caregiver's own dashboard and printable summaries.
To investigate and prevent abuse of the Service.

We do not use your information for advertising, selling lead lists, third-party marketing, or any purpose outside the operation of the Service.

4. How we share information

We share information only with the service providers required to operate Recallection:

Twilio Inc. — to deliver SMS messages and voice calls. Twilio receives the Recipient phone number, the message body, and inbound replies. See Twilio's Privacy Policy.
Render Services Inc. — our application hosting provider.
Neon Inc. — our database provider.
Cloudflare, Inc. — for DNS, content delivery, web analytics, edge security, and (via Cloudflare R2) storage of uploaded media including profile photos, voice recordings, and any photo/voice-note attachments Recipients choose to send. See Cloudflare's Privacy Policy.
Resend / Amazon SES — to send verification emails, password resets, caregiver alerts, daily/weekly digest emails, and feedback notifications.
Anthropic, PBC — only when a Caregiver explicitly taps the “Suggest with AI” button while drafting a check-in. We send the Recipient's first name (no phone number, email, or other identifier), the Recipient's general kind (adult / child / elderly), an optional check-in label, and any draft text the Caregiver has typed. Anthropic returns a suggested message text. See Anthropic's Privacy Policy. AI suggestions are off by default and only fire on Caregiver action.

We do not sell, rent, share, or otherwise transfer personal information for marketing purposes. We may disclose information if required by law, valid legal process, or to protect the rights, property, or safety of Recallection, our users, or the public.

Mobile opt-in and SMS consent data are never shared with third parties or affiliates for marketing or promotional purposes. Phone numbers, SMS opt-in checkbox events, and consent records collected as part of the SMS opt-in process are used solely to deliver the Service. Recipient phone numbers and message bodies are shared only with Twilio (our SMS delivery provider, listed above) for the sole purpose of transmitting the check-ins the Caregiver has scheduled. No mobile information collected for opt-in is sold or rented under any circumstances.

5. Cookies and similar technologies

We use a small number of strictly functional cookies required for the Service to operate. We do not use advertising, analytics, or tracking cookies.

rc_session — your authenticated session token after sign-in. Set HttpOnly and Secure; expires when your session ends or you sign out.
rc_gate — a closed-beta access cookie issued after you enter a valid invite code on the gate page (when the Service is in invite-only mode). Same security flags as above.

Our hosting and DNS providers (Cloudflare, Render) may also issue infrastructure-level cookies for security and load balancing; these are described in their privacy policies linked above.

6. Caregiver representations regarding Recipients

When a Caregiver adds a Recipient, the Caregiver is required to attest that they have the Recipient's permission to send them automated check-in messages, or that they have legal authority to consent on the Recipient's behalf (e.g. as the parent of a minor under 13). The Caregiver — not Recallection — is responsible for the accuracy of that attestation.

A Caregiver may also invite another Caregiver (a “Co-caregiver”) by email to share access to a Recipient. Once a Co-caregiver accepts the invitation, they receive the same alerts the original Caregiver receives (help requests, no-response timeouts, location shares, banner notifications) on their own contact channels. Co-caregivers can be granted “view” (read-only) or “full” (edit + schedule) roles. The original Caregiver may revoke a Co-caregiver's access at any time.

7. Children's privacy

Where a Recipient is a minor under the age of 13, the Caregiver must be the parent or legal guardian and must provide consent in compliance with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information from a child under 13 outside of this Caregiver-mediated arrangement. If you believe we have inadvertently collected information from a child under 13 without proper consent, please contact us and we will delete it.

8. Recipient opt-out

A Recipient may opt out of check-ins at any time by replying STOP, CANCEL, UNSUBSCRIBE, END, or QUIT to any SMS we send. Opt-out is honored across the entire Service for that phone number. Recipients can reply HELP at any time for program information. Opt-outs take effect immediately, and the Caregiver is notified.

9. Message frequency & charges

Recipients receive only the check-ins their Caregiver schedules. Frequency varies based on the Caregiver's schedule (typically 1–3 messages per day during configured hours). Standard message and data rates may apply based on the Recipient's mobile carrier plan. Recallection does not charge Recipients to receive messages.

10. Data retention

Account information, recipient lists, check-ins, response history, attachments, and consent records are retained as long as the Caregiver's account is active. Consent records (agree/decline/opt-out events) are retained for a reasonable period after account closure to demonstrate compliance with applicable laws. Location coordinates are retained alongside the check-in record they were attached to. To request deletion of your account and all associated data, contact us at the address below; we will complete the deletion within 30 days (subject to limited retention required for legal compliance).

11. Security

We use HTTPS for all connections, hash passwords with bcrypt, validate inbound webhook signatures from Twilio, sign push notifications with VAPID keys, store secrets in an encrypted secrets manager, and limit access to the production database. No system is perfectly secure, but we take commercially reasonable steps to safeguard your data and respond promptly to any incident.

Operator access is limited and audited. Your account’s individual data is not browsed casually. When an operator needs to look up your account to resolve a support issue (for example, “my reminder didn’t send”), that lookup is recorded in your own security history (Profile → Tools → Sessions & security), showing that your account was viewed and when. Aggregate, non-identifying statistics (such as total messages sent or overall response rates) may be reviewed to operate and improve the Service.

12. International users

The Service is operated from the United States. If you access the Service from outside the U.S., you understand and consent to the transfer and processing of your information in the U.S., which may not have data-protection laws equivalent to those in your jurisdiction.

13. California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act and the California Privacy Rights Act give you the following rights, which we honor:

Right to know. You can request a copy of the personal information we hold about you, the categories of sources, and the categories of third parties with whom we share it.
Right to delete. You can request that we delete your personal information, subject to limited legal exceptions.
Right to correct. You can request correction of inaccurate personal information we hold.
Right to opt out of sale or sharing. We do not sell or share personal information for cross-context behavioral advertising. There is nothing for you to opt out of.
Right to non-discrimination. We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, email us at the address in Section 16. We will verify your identity (typically by confirming you control the email address on the account) before fulfilling the request.

14. European Economic Area / UK residents (GDPR / UK GDPR)

If you are in the EEA, the United Kingdom, or Switzerland, the General Data Protection Regulation (or its UK equivalent) gives you these rights:

Access to a copy of your personal data.
Rectification of inaccurate or incomplete data.
Erasure (the “right to be forgotten”), subject to limited exceptions.
Restriction of processing in certain circumstances.
Data portability — receive your data in a structured, machine-readable format.
Objection to processing based on legitimate interests.
Withdrawal of consent at any time, where processing is based on consent.
Right to lodge a complaint with your local supervisory authority.

The legal bases on which we rely:

Consent — for sending SMS check-ins to Recipients (recipient opt-in via reply YES) and for sending push notifications to Caregiver devices (per-device opt-in).
Contract — for operating the Caregiver account and delivering scheduled check-ins.
Legitimate interests — for fraud prevention, security, abuse mitigation, and service improvement.
Legal obligation — for retaining consent records as required by TCPA, CTIA, and other applicable laws.

15. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent version. For material changes, we will give Caregivers reasonable notice via email or an in-app banner.

16. Contact

Questions or data requests:

Adam Gersh
Recallection
1391 Harbor Drive
Sarasota, FL 34239
United States
Email: [email protected]

← Back to app

Have a question about how Recallection works? Email [email protected]. For privacy or data requests, use the contact above.