CareEchoBack to home

Privacy Policy

Last updated: May 2026

Overview

CareEcho is a companionship and wellness check-in service that uses AI-powered phone calls to help families stay connected with elderly loved ones. This Privacy Policy explains what information we collect, how we use it, and your rights as a user. We are committed to handling all data with care and transparency.

Information We Collect

Account information

When you sign up, we collect your email address and name via Google OAuth. We do not store your Google password.

Contact information

You provide details about your loved one, including their name, phone number, location, preferred call times, and personal notes you choose to share (hobbies, background, topics of interest). This information is used solely to personalize and schedule calls.

Call data

After each call, we store a transcript of the conversation, an AI-generated summary, a mood score, and any health flags identified during the call. This data is used to generate the reports we send you.

Usage data

We may collect standard server logs including IP addresses, browser type, and pages visited to maintain and improve the service.

How We Use Your Information

  • To schedule and place AI-powered calls to your loved one
  • To generate post-call summaries and health reports for you
  • To send you email alerts when health concerns are flagged
  • To improve the accuracy and quality of our AI conversations
  • To maintain the security and reliability of our service

We do not sell your personal data to third parties. We do not use your data for advertising purposes.

Third-Party Services

Vapi AI

We use Vapi (vapi.ai) to place and manage AI phone calls. Vapi receives the phone number and call configuration for each call. Call transcripts and analysis are returned to us via webhook. Please review Vapi's Privacy Policy for details on their data practices.

Supabase

Your data is stored in a Supabase-hosted PostgreSQL database with row-level security enabled. Supabase is hosted on AWS infrastructure. Please review Supabase's Privacy Policy for details.

Google OAuth

We use Google Sign-In for authentication. We only receive your name and email address from Google. We do not receive access to your Google account, contacts, or other data.

Vercel

Our application is hosted on Vercel. Standard web traffic data may be processed by Vercel's infrastructure.

Data Retention

We retain your account and contact data for as long as your account is active. Call transcripts and summaries are retained indefinitely to give you a full history. You may request deletion of your data at any time by contacting us.

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw consent for us to call your loved one at any time

To exercise any of these rights, please contact us at the address below.

Children's Privacy

CareEcho is designed for use by adults to support elderly family members. We do not knowingly collect data from anyone under the age of 18.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by a notice in the application. Continued use of CareEcho after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at: privacy@careecho.app

Terms of ServiceHome

We use cookies

Essential cookies keep the site working. Optional cookies improve your experience. Privacy policy