PRIVACY POLICY    

Last updated April 9, 2026 

ZigBuddy is a scheduling and route optimization app built for home health workers. This policy explains what data we collect, why we collect it, and how we protect it. We’ve written it to be clear and readable — not just to satisfy a legal checkbox.

Questions? Email us any time at hello@zigbuddy.com.

What we collect

Information you give us

  • Account details — your name, email address, and password (or Google/Apple login credentials)
  • Scheduling and patient data — names, addresses, phone numbers, and appointment information you enter while using ZigBuddy
  • Payment information — processed and stored by your payment provider (Stripe, Apple, or Google depending on how you subscribe). We do not store your full card or payment credentials. See each provider’s privacy policy for details on how they handle payment data
  • Communications — anything you send us via email or support requests

Information we collect automatically

  • Device and usage data — IP address, device type, operating system, browser, and how you interact with the app
  • Location data — with your device-level permission, we access your location to support route optimization. You can revoke this at any time in your device settings
  • Cookies and similar technologies — used for authentication, analytics, and performance monitoring

Voice input

If you use our voice-to-text feature, your voice is processed by your device’s native speech-to-text service (Apple or Google depending on your device). ZigBuddy does not record or store your audio. The transcribed text is handled the same as anything else you type into the app.

How we use your data

We process your information where necessary to provide our services, fulfill our contractual obligations, comply with legal obligations, and pursue our legitimate business interests.

  • To provide and improve ZigBuddy’s scheduling and route optimization features
  • To power AI features — when you use natural language input or AI-assisted scheduling, your input is processed by third-party AI services as described below
  • To authenticate your account and keep it secure
  • To process payments
  • To send you product updates, feature announcements, and support responses
  • To comply with legal obligations and enforce our Terms of Use

We do not use your data to serve you ads. We do not sell your personal information or share it for cross-context behavioral advertising.

AI features and data processing

ZigBuddy uses AI to help you enter patient information faster, interpret natural language scheduling requests, and suggest optimized routes. When you use these features, the text you submit — including patient names, addresses, and appointment details — may be sent to third-party AI service providers such as Google Gemini. We may change AI providers over time and will update this policy to reflect any material changes.

A few important things to know:

  • We do not permit our AI service providers to use your data to train their general models, except as permitted under our contractual agreements with those providers and their applicable policies
  • We do not sell your scheduling or patient data to AI providers for their own purposes
  • We maintain appropriate agreements with our AI providers, including Business Associate Agreements where required by HIPAA
  • AI-generated results are suggestions only — you are responsible for reviewing them before acting on them

ZigBuddy is a logistics platform. Our AI features do not provide clinical advice, medical recommendations, or care assessments of any kind.

Health information and HIPAA

ZigBuddy is built for home health workers and we take health data seriously. We maintain administrative, physical, and technical safeguards designed to align with HIPAA requirements for any Protected Health Information (PHI) submitted through our services.

If your organization is a Covered Entity or Business Associate under HIPAA, you need a signed Business Associate Agreement (BAA) with ZigBuddy before submitting PHI through the app. Email us at hello@zigbuddy.com to get one in place.

We maintain BAAs with our own downstream vendors — including AI service providers — where required by law. We use PHI primarily to deliver our scheduling and logistics services and for related operational, security, and compliance purposes.

Who we share data with

We share data only as needed to operate our services or comply with the law. We never sell your data or share it for advertising purposes. These service providers process data on our behalf and are contractually restricted from using it for their own independent purposes.

  • Stripe, Apple, and Google — payment processing (depending on how you subscribe)
  • Google Maps — mapping and location services
  • Google Gemini and other AI providers — AI-assisted features
  • Hosting and infrastructure providers — secure app operation
  • Law enforcement or courts — when required by applicable law

In the event of a merger, acquisition, or sale of ZigBuddy, your data may be transferred as part of that transaction. We will notify you as required by applicable law.

Google Maps

Our app uses the Google Maps API for location display and route optimization. By using location features in ZigBuddy, you also agree to be bound by Google’s Terms of Service and Privacy Policy, available at policies.google.com/privacy.

Google and Apple sign-in

You can create and access your ZigBuddy account using Google or Apple login. When you do, we receive basic profile information — typically your name and email address — from those providers. We use this only to create and manage your account.

Google’s and Apple’s own privacy policies govern how they handle your data on their end.

Data retention

We keep your data for as long as your account is active or as needed to provide our services. When you close your account, we delete or anonymize your personal information within a commercially reasonable period, except where we’re required to keep it longer for legal, tax, or fraud-prevention purposes. Certain health-related data may be retained as required by applicable healthcare or legal recordkeeping obligations.

Backup copies may persist for a limited time in secure storage before being purged.

Security

We use industry-standard technical and organizational safeguards to protect your data, including encryption in transit and at rest, access controls, and HIPAA-aligned security practices for health-related information.

While we implement industry-standard safeguards, no system can be guaranteed to be completely secure. If you believe your account has been compromised, contact us immediately at hello@zigbuddy.com. In the event of a data breach affecting your information, we will notify you as required by applicable law.

Children

ZigBuddy is intended for users 18 and older. We do not knowingly collect personal information from anyone under 18, and we comply with applicable laws relating to children’s data, including COPPA. If we become aware that we have collected data from someone under 18, we will delete it promptly.

Your privacy rights

Regardless of where you live, you can always:

  • Access or update your account information in your account settings
  • Request deletion of your account and data by emailing hello@zigbuddy.com
  • Opt out of marketing emails using the unsubscribe link in any email we send

We respond to all requests within applicable legal timeframes, typically 30–45 days depending on your location.

California residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the CCPA as amended by the CPRA:

  • Right to know what personal information we collect, use, and share
  • Right to delete your personal information, subject to certain exceptions
  • Right to correct inaccurate personal information
  • Right to opt out of sale or sharing of personal information — we do not sell or share your data for advertising
  • Right to limit use of sensitive personal information, including health-related data
  • Right to non-discrimination for exercising your rights

To exercise these rights, email hello@zigbuddy.com. We may verify your identity before processing your request and will respond within 45 days.

Do Not Track

We do not currently respond to Do Not Track (DNT) signals, as no uniform standard has been established. If that changes, we will update this policy.

Updates to this policy

We may update this policy from time to time. When we make material changes, we’ll notify you by email or through a notice in the app. The date at the top always reflects the current version.

Contact

ZigBuddy, Inc.
hello@zigbuddy.com