Global Compliance Framework 2026

Privacy Policy

Last Revision: Feb 13, 2026 Version 2.0.4 Applicable Law: International & Local

1. OVERVIEW AND SCOPE

This Privacy Policy (the "Policy") governs the collection, use, and disclosure of personal data by awldna International ("we," "us," or "our") in relation to the awldna mobile application, web services, and any integrated diagnostic or therapeutic management tools (collectively, the "Platform").

We operate as a high-security environment designed for children with neurodevelopmental challenges. This document serves as a binding commitment to transparency under the General Data Protection Regulation (GDPR), the Children's Online Privacy Protection Act (COPPA), and relevant local data protection statutes.

2. DATA CATEGORIZATION AND COLLECTION

We categorize the data we collect into specific groups to ensure targeted security protocols:

2.1. Account Identification Data

Direct identifiers provided during onboarding.

  • Legal Names and Email Addresses.
  • Authentication Metadata (Third-party provider IDs from Google, Apple, or Email hashes).
  • Profile Avatars and Display Names.

2.2. Clinical & Developmental Data

Data related to the child's rehabilitation journey.

  • Child Profile Details (Age, specific developmental condition, nicknames).
  • Behavioral Assessment Responses and Progress Metrics.
  • Goal definitions, frequency of task completion, and performance logs.
  • Medication schedules, dosages, and compliance timestamps.

2.3. Professional Credentials

For specialists and educational centers.

  • Licensing numbers and professional certifications.
  • Organization tax IDs and verification documents.
  • Work schedules and service availability metadata.

2.4. Automatically Collected Technical Data

  • Device identification markers (Model, OS version).
  • Application crash logs and performance telemetry (managed via Sentry).
  • IP Addresses (used solely for security monitoring and region verification).

3. CORE PROCESSING PURPOSES

Your personal and clinical data is processed for the following exhaustive list of purposes:

  • Providing personalized rehabilitation goals and progress analytics.
  • Executing medication reminders via automated notification services.
  • Facilitating communication between Parents and authorized Specialists.
  • Generating AI-assisted insights and goal suggestions using Google Gemini.
  • Customizing the 'Centers Directory' based on your selected geographic region.
  • Maintaining secure authentication and preventing fraudulent access.

4. ARTIFICIAL INTELLIGENCE & AUTOMATED DECISIONS

awldna utilizes Advanced Generative AI Models (Specifically Google Gemini) via secure Supabase Edge Functions. This integration is designed for "Drafting Assistance" only.

4.1. Privacy Safeguards in AI

  • Anonymized Transit: Data sent for AI processing is stripped of direct legal names where possible.
  • No Training Use: Your child's Developmental data is NEVER used to train or improve third-party AI models.
  • Human-in-the-loop: No AI-generated content is final until approved by an authorized Parent or Specialist.

5. DATA RETENTION AND ARCHIVAL POLICY

We maintain a strict data lifecycle management policy:

  • Active Data: Retained as long as the account is deemed "Active." An account is considered inactive after 24 months of total cessation of usage.
  • Deletable Data: You may initiate the absolute deletion of your records via the Application Settings.
  • Legal Preservation: Certain transaction logs or professional certificates may be retained for up to 7 years to comply with financial and medical auditing requirements.

6. DISCLOSURE TO THIRD-PARTY SUB-PROCESSORS

We do not "sell" your data. We disclose data only to the following essential infrastructure partners:

Partner Purpose Data Scope
Supabase (PostgreSQL) Primary Cloud Infrastructure Full encrypted database access
Google Cloud Platform AI Insights & Edge Logic Anonymized session content
Sentry.io Diagnostics & Monitoring Technical logs & system state

7. SECURITY AND ENCRYPTION PROTOCOLS

We protect data at three distinct layers:

  • Translation Protection (In-Transit)

    All communication between your device and our servers is forced through TLS 1.2+ encryption with strict HSTS policies.

  • Resting Data Protection (At-Rest)

    Databases and media backups are encrypted using AES-256 standards provided by Supabase/AWS infrastructure.

8. INTERNATIONAL TRANSFERS

As a global service, your data may be stored on servers located in the United States, the European Union, or Singapore. We ensure that such transfers comply with standard contractual clauses (SCCs) to maintain a GDPR-equivalent level of security.

9. COPPA COMPLIANCE & CHILD PRIVACY

Because awldna features content about children, we strictly adhere to COPPA guidelines:

  • We do not collect data directly from children. All inputs must be facilitated by an adult legal guardian.
  • Parents have the absolute right to review, edit, or delete their child's records at any moment.
  • No behavioral data is shared for behavioral advertising purposes.

10. ACCOUNT DELETION & THE "RIGHT TO BE FORGOTTEN"

You possess the absolute right to permanent data erasure. When you trigger "Delete Account" in settings:

Auth Records

Immediate Purge

Media Storage

Hard Link Removal

Database Tables

Cascading Deletion

Contact Privacy Ops

If you have specific questions about our data processing architecture or want to exercise your legal rights, please contact our Data Protection Officer (DSO).

privacy@awldna.com

ESTIMATED RESPONSE: 48 HOURS