How HelloRemind Keeps Your Family's Data Safe and Private

When you trust a service with information about your loved one’s medications, health routines, and daily activities, you deserve complete transparency about how that data is protected.

At HelloRemind, privacy and security aren’t afterthoughts—they’re built into every aspect of our service. Here’s exactly how we keep your family’s information safe.

What Information We Collect

We believe in radical transparency. Here’s everything we collect and why:

Information You Provide

Account Information:

• Your name and email address
• Phone number (optional, for account security)
• Payment information (processed securely through Stripe—we never see your full credit card number)

Recipient Information:

• Name of the person receiving reminders
• Their phone number
• Reminder schedules and messages

Why we need this: To deliver reminders to the right person at the right time and to communicate with you about your account.

Information We Automatically Collect

Service Usage Data:

• When reminder calls are delivered
• Whether calls are answered or go to voicemail
• How long calls last
• Which reminders are active or paused

Technical Information:

• IP address and browser type (for security)
• Device information (to optimize the user experience)
• Log data (for troubleshooting and system monitoring)

Why we need this: To ensure reminders are delivered reliably, troubleshoot problems, and improve our service.

What We DON’T Collect

We deliberately avoid collecting:

• Social Security numbers
• Detailed medical records or diagnoses
• Precise location data beyond timezone for scheduling
• Audio recordings of reminder calls (we deliver pre-scheduled messages but don’t record responses)
• Browsing history outside of our service

We follow the principle of data minimization: if we don’t need it, we don’t collect it.

How We Protect Your Data

Encryption Everywhere

Data in Transit: All data transmitted between your device and our servers uses TLS 1.3 encryption—the same technology banks use to protect financial transactions.

Data at Rest: All data stored on our servers is encrypted using AES-256 encryption, the gold standard in data protection.

What this means: Even if someone intercepted data in transit or gained access to our servers (both highly unlikely), your information would be unreadable without the encryption keys.

Industry-Standard Security Practices

We implement comprehensive security measures to protect your family’s information:

Security layers:

• Administrative safeguards (policies, training, access controls)
• Physical safeguards (secure data centers, access restrictions)
• Technical safeguards (encryption, authentication, audit trails)
• Secure agreements with all vendors who handle data

Regular security audits: Our security practices are regularly reviewed by third-party security professionals.

Secure Infrastructure

Cloud Hosting: We use enterprise-grade cloud infrastructure with:

• 99.9% uptime guarantees
• Geographic redundancy (your data is backed up in multiple locations)
• 24/7 security monitoring
• Regular security patches and updates

Network Security:

• Firewalls and intrusion detection systems
• DDoS protection
• Regular penetration testing by security professionals

Access Controls:

• Multi-factor authentication for all employee accounts
• Role-based access (employees only see data necessary for their job)
• Audit logs of every access to customer data
• Background checks for all employees with data access

Payment Security

We use Stripe, a PCI DSS Level 1 certified payment processor (the highest security standard).

What this means:

• Your credit card information never touches our servers
• Stripe handles all payment data according to banking industry standards
• We only store a tokenized reference to your payment method

How We Use Your Data

We use your information only for purposes that directly benefit you:

Primary Uses

1. Deliver reminder calls: Schedule and execute reminder calls to your loved one
2. Send notifications: Alert you when reminders are delivered or missed
3. Customer support: Help you troubleshoot issues or answer questions
4. Billing: Process payments and send receipts
5. Service improvements: Analyze usage patterns to improve reliability and features

What We DON’T Do

We NEVER:

• Sell your data to third parties
• Share your information with advertisers
• Use your data to train AI models
• Send marketing emails to reminder recipients
• Share information with anyone without your explicit consent (except as required by law)

Your Privacy Rights

You have complete control over your data:

Access and Portability

• View your data: Access all information we have about you at any time
• Export your data: Download your information in a standard format
• Update information: Correct or modify any information we have

Deletion

• Delete specific reminders: Remove individual reminders without affecting others
• Delete recipient data: Remove a recipient from your account
• Delete your entire account: Permanently delete all your data from our systems

When you delete your account:

• All reminders immediately stop
• Your data is permanently removed from our active systems within 30 days
• Backup copies are deleted according to our retention schedule (typically 90 days)

Communication Preferences

• Control notifications: Choose how and when you receive alerts
• Opt out of marketing: Unsubscribe from promotional emails (service-critical emails will still be sent)
• Communication method: Choose email, SMS, or both for notifications

Data Retention

We keep your data only as long as necessary:

• Active accounts: Data is retained while your account is active
• Inactive accounts: If you stop using our service, we’ll delete your data after 12 months of inactivity
• Deleted accounts: Data is permanently removed within 30 days
• Legal requirements: Some data may be retained longer if required by law (e.g., financial records)

Third-Party Services

We work with carefully vetted third parties:

Who We Share Data With

Telephony providers: To deliver reminder calls (secure, encrypted connections) Payment processor: Stripe, for billing (PCI DSS compliant) Cloud infrastructure: Enterprise-grade hosting providers Analytics: Privacy-focused analytics (Cloudflare Web Analytics—no cookies, no personal data tracking)

What We Require

All third parties must:

• Sign data processing agreements
• Meet our security standards
• Use data only for specified purposes
• Delete data when services end

Incident Response

Despite our best efforts, no system is 100% secure. If a data breach occurs:

Our Commitment

1. Immediate investigation: Identify scope and impact
2. Contain the breach: Stop unauthorized access immediately
3. Notify affected users: Alert you promptly about what happened
4. Provide guidance: Explain what happened and what you should do
5. Prevent recurrence: Implement fixes to prevent similar breaches
6. Transparency report: Publish details about what happened and how we responded

We’ve never had a data breach, but we’re prepared if one occurs.

Privacy by Design

Security and privacy are embedded in our development process:

• Security reviews: All new features undergo security assessment before launch
• Code audits: Regular third-party security audits of our codebase
• Employee training: All team members receive annual security and privacy training
• Principle of least privilege: Systems and employees have access only to data they need
• Regular updates: We continuously monitor and update security measures

Compliance and Standards

HelloRemind follows industry best practices and complies with:

• GDPR (General Data Protection Regulation—for EU users)
• CCPA (California Consumer Privacy Act)
• PCI DSS (Payment Card Industry Data Security Standard—through Stripe)
• SOC 2 principles (Security, Availability, Confidentiality)

Transparency and Accountability

We believe in being open about our privacy practices:

• Clear, readable privacy policy (not legal jargon)
• Regular updates about how we handle data
• Responsive privacy team that answers questions
• Public commitment to user privacy

Questions or Concerns?

If you have questions about privacy or security:

• Read our full Privacy Policy: View policy
• Contact our privacy team: [email protected]
• Report security issues: [email protected]
• General support: Contact us

We take every question seriously and typically respond within 24 hours.

The Bottom Line

Your trust is our most valuable asset. We treat your family’s information the way we’d want our own family’s data treated—with the highest standards of security, privacy, and respect.

When you choose HelloRemind, you’re choosing a service that:

• Collects only necessary data
• Protects it with bank-level security
• Never sells or shares it without permission
• Gives you complete control
• Operates with radical transparency

Your loved one’s safety and your peace of mind shouldn’t come at the cost of privacy. With HelloRemind, you don’t have to choose.

Try HelloRemind free for 14 days and experience secure, private reminder calls that actually work.

---

More questions about privacy? Contact our team or read our detailed Privacy Policy.