Privacy Policy
Effective July 12, 2026
The short version
WellChime helps families watch over aging parents. The monitored parent (the "Member") always controls what is shared. We collect only what the product needs, we never sell your data, and we never use health or location data for advertising. You can pause sharing, export your data, or delete your account at any time.
What we collect
Account data — name, email, and sign-in credentials for each family member and Member, plus subscription status. Payment is processed by Stripe; we never see or store full card numbers.
Health and activity data (with the Member’s consent) — signals such as heart rate, blood oxygen, sleep, steps and activity, and motion events used to generate suspected-fall signals. Apple HealthKit data is used only to provide WellChime’s monitoring features, is never used for advertising or marketing, and is never sold or shared with data brokers.
Location data (optional, off by default) — if the Member enables location sharing, we collect device GPS location to show family where the Member is and to power safe-zone alerts. The Member can pause or turn this off at any time, on their own device.
Device and coverage data — device type, battery level, app state, and signal freshness, used to show honestly whether monitoring is working ("Coverage Truth").
Care content — notes, check-ins, messages, and medication schedules that family members and the Member add.
How we use it
To provide the service: showing wellbeing status to invited family members, generating alerts, computing each Member’s personal baselines, delivering notifications, processing subscriptions, and providing support.
We do not sell personal data. We do not serve ads. We do not use health or location data for any advertising purpose.
Who can see the Member’s data
Only the family members the Member (or their authorized representative) has approved, with the sharing scope they chose. The Member can change visibility or pause sharing at any time. Our staff access personal data only when needed for support or safety, under minimum-necessary access controls, and access is logged.
Service providers
We use a small set of processors to run WellChime: Supabase (database, authentication, storage), Render (hosting), Stripe (payments), Apple (notifications), Resend (email), and OpenAI (voice assistant features — conversation audio/text only, not your health records). Each receives only what it needs.
Alerts — what we do and don’t do
WellChime is not a medical device, does not diagnose conditions, and does not call 911 or dispatch emergency services. Suspected-fall signals are heuristic signals, not confirmed events. We show delivery honestly: an alert is only marked delivered when a real delivery record exists.
Data retention and deletion
Raw high-frequency sensor data is kept briefly and aggregated; derived events and care content are kept while your account is active. When you delete your account (in-app or by emailing privacy@wellchime.com), we delete personal data within 30 days, except records we must keep for legal or billing reasons. You may request an export of your data at any time.
Breach notification
If a breach of identifiable health data occurs, we will notify affected users and regulators as required by law, including the FTC Health Breach Notification Rule.
Children
WellChime is for adults. It is not directed at children under 18, and we do not knowingly collect data from them.
Your rights
Depending on your state or country, you may have rights to access, correct, delete, or port your data, and to opt out of certain processing. Contact privacy@wellchime.com and we will honor applicable rights regardless of where you live.
Changes & contact
We’ll post updates here and, for material changes, notify you in the app or by email before they take effect.
Contact: privacy@wellchime.com