Privacy Policy

Last updated: June 11, 2024 · Effective: June 11, 2024

DripZEN (“we,” “our,” or “us”) is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. Information We Collect

1.1 Information You Provide Directly

Account Information: Name, email address, password, date of birth, and profile photo when you register.
Health & Wellness Data: Hydration logs, IV therapy session records, health goals, and wellness preferences you voluntarily enter.
Facebook Login Data: When you log in using Facebook, we receive your public profile information (name, profile photo, email) as permitted by your Facebook privacy settings.
Communications: Messages you send to our support team or through in-app messaging features.
Payment Information: Billing details processed securely through our payment partners (we do not store full card numbers).

1.2 Information Collected Automatically

Usage Data: App features accessed, session duration, screens viewed, and navigation patterns.
Device Information: Device model, operating system version, unique device identifiers, and mobile network information.
Log Data: IP address, app version, crash reports, and performance data.
Location Data: With your permission, approximate location to show nearby wellness providers.
Analytics: Cookies and similar technologies to improve our services.

2. How We Use Your Information

Create and manage your DripZEN account
Provide, personalise, and improve our wellness services
Process bookings and payments for IV therapy sessions
Send appointment reminders, wellness tips, and service updates
Analyse usage patterns to enhance app performance and features
Comply with legal obligations and enforce our Terms of Service
Detect, prevent, and address fraud, security issues, and technical problems
Respond to customer support requests

3. Facebook Data Usage

DripZEN integrates with Facebook Login to simplify account creation. When you authenticate through Facebook:

We access only the data permissions you explicitly grant
We receive your name, email, and profile picture for account setup only
We do not post on your behalf without explicit consent
We do not access your Facebook friends list or social graph
Facebook data is processed in accordance with the Facebook Platform Policy

You can revoke DripZEN's access to your Facebook account at any time via Facebook Settings → Apps and Websites. To request deletion of your Facebook-linked data, submit a data deletion request here.

4. Information Sharing & Disclosure

We do not sell, trade, or rent your personal information. We may share your information with:

Wellness Providers: Booking details shared with providers to deliver your sessions.
Service Providers: Trusted third-party vendors (cloud hosting, payment processing, analytics) under strict confidentiality agreements.
Legal Requirements: When required by law, court order, or governmental authority.
Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to you.
Safety: To protect the rights, property, or safety of DripZEN, our users, or the public.

5. Data Retention

We retain your personal data for as long as your account is active. Upon deletion:

Account data is deleted within 30 days of the request
Aggregated, anonymised analytics may be retained indefinitely
Transaction records may be retained as required by applicable law (e.g., tax compliance)

6. Your Rights (GDPR & CCPA)

Right of Access: Request a copy of the personal data we hold about you
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your personal data (“right to be forgotten”)
Right to Data Portability: Request your data in a machine-readable format
Right to Object: Object to certain types of processing, including direct marketing
Right to Withdraw Consent: Withdraw consent at any time where processing is consent-based

To exercise these rights, submit a data request or email hello@thecreatorpreneur.in.

7. Data Security

AES-256 encryption for data at rest
TLS 1.3 encryption for data in transit
Regular security audits and penetration testing
Multi-factor authentication options
HIPAA-compliant data handling for all health information

8. Children's Privacy

DripZEN is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe your child has provided us with personal information, contact hello@thecreatorpreneur.in and we will delete it promptly.

9. Third-Party Services

We use the following third-party services, each governed by their own privacy policies:

Firebase (Google) — analytics and crash reporting
Stripe — payment processing
Facebook Login — authentication
Apple Sign In — authentication

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission for EEA transfers.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes through the app or by email. Your continued use of DripZEN after changes constitutes acceptance of the updated policy.

12. Contact Us

Privacy Email: hello@thecreatorpreneur.in
Data Deletion: Submit Data Deletion Request
Support: hello@thecreatorpreneur.in