Privacy Policy

Introduction

Welcome to RITE, the Relationship Interaction Tracking Experience. Your privacy is important to us, and we are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when using our app.

By using RITE, you agree to the terms outlined in this policy.

1. Information We Collect

1.1 Personal Information:

• Account Information: When you create an account, we collect your name, email address, and password.
• Interaction Logs: Details of your logged interactions, including dates, times, and types of interactions.
• Therapist Data: If you choose to share data with a therapist, we collect the therapist’s name and contact information.

1.2 Non-Personal Information:

• Usage Data: Information about how you use the app, such as features accessed, session times, and device interactions.
• Device Information: Details about the device used, including model, operating system, and IP address.

1.3 Cookies and Tracking Technologies:

We use cookies and similar tracking technologies to collect data on app interactions and enhance the user experience.

2. How We Use Your Information

2.1 Personal Insights & AI Processing:

• Assessment data is used for personal insights, therapy assistance, AI model training, and psychological research.
• AI-generated insights do not replace professional advice and should be interpreted at the user’s discretion.

2.2 Data Security & Compliance:

• RITE follows industry-standard encryption practices to protect your personal information.
• While we take extensive security measures, no system is 100% secure, and users acknowledge data-sharing risks.

2.3 Communication & Notifications:

• We may send service updates, security alerts, and support messages.
• Users can opt out of marketing communications at any time.

3. Data Sharing & Third-Party Services

3.1 Therapist & Professional Sharing:

• Users may share assessment results with therapists at their discretion.
• Therapist data is stored as long as the user has an active account.

3.2 Third-Party Analytics & Marketing:

• We may use third-party analytics tools to understand app usage. No personally identifiable data is sold.
• RITE may use certain data for targeted advertising and promotional communications. Users can opt out via account settings.

3.3 Legal & Research Use:

• Data used for research will be anonymized and retained until the end of the study, after which it will be deleted.
• If required by law, we may disclose data to comply with legal obligations.

4. Data Retention & Deletion

4.1 Account & Data Deletion:

• If a user deletes their account, all personally identifiable data is deleted within 7 days.
• If data is being used for research, it will be anonymized and deleted after the study concludes.

4.2 Partial Data Deletion:

• Users can delete specific interaction logs at any time.
• Assessment results cannot be individually deleted unless the account is deleted.

5. Security & Breach Notification

5.1 Encryption & Protection:

RITE uses industry-standard encryption for storing user data, including therapist feedback.

5.2 Breach Notification Policy:

• In the event of a high-risk data breach, RITE will notify affected users within 72 hours.
• Lower-risk security incidents will be reported within 7 days.

6. HIPAA Compliance & PHI Handling

6.1 Business Associate Status:

RITE acts as a business associate under the Health Insurance Portability and Accountability Act (HIPAA) when therapists use the platform to store or process Protected Health Information (PHI).

6.2 Protected Health Information (PHI):

PHI includes any identifiable health-related information shared by therapists or users within the RITE platform.

6.3 Data Security Measures:

RITE follows industry-standard encryption protocols (AES-256 for data storage, TLS 1.2+ for transmission) and implements multi-factor authentication (MFA), access controls, and audit logging to protect PHI.

6.4 Business Associate Agreement (BAA):

Therapists must sign a BAA with RITE before accessing PHI-related features.

6.5 User Responsibility:

Users who choose to share PHI with a therapist through RITE do so at their own discretion.

6.6 Breach Notification:

In the event of an unauthorized PHI disclosure, RITE will notify affected users and regulators within 72 hours in accordance with HIPAA’s Breach Notification Rule.

7. International Compliance (GDPR & CCPA)

7.1 GDPR (EU Users):

• Users can access, correct, delete, or restrict processing of their data.
• Users may request data portability or withdraw consent for data processing.

7.2 CCPA (California Users):

• Users can request to know what personal data is collected, how it’s used, and request deletion.
• Users may opt out of data sharing for marketing purposes.

To exercise your rights, contact privacy@ritemobileappco.com.

8. Cross-Border Data Transfers

• RITE uses Amazon Web Services (AWS) cloud infrastructure, which may store and process data in multiple regions, including the U.S.
• By using RITE, you consent to cross-border data transfers in compliance with applicable privacy laws.

9. Children’s Privacy

9.1 Under 13 Policy:

Users under 13 are not permitted to use RITE. If discovered, their data will be immediately deleted.

9.2 Teenage Users (13–17):

• Parental or guardian consent is required for users aged 13–17 to create an account.
• Parents may request deletion of their child’s account by contacting privacy@ritemobileappco.com.

10. Changes to This Privacy Policy

We may update this policy periodically. Users will be notified of significant changes via the app or email.

11. Contact Us

If you have any questions or concerns about this privacy policy, please contact us at:

• Email: privacy@ritemobileappco.com
• Mail: RITE App, Privacy Office, Salt Lake City, UT 84121