Information we collect
We collect what you give us — and only what you give us. There are no third-party trackers running on our app surfaces, and we do not buy data about you from data brokers.
- Account information: name, email, password (hashed), authentication method (email, Google, Microsoft, Apple, or passkey), and the role you signed up under.
- Profile content: profile name, age (if you provide it), pronouns, diagnoses, support needs, accommodation notes — whatever you choose to enter into the profiles you create or manage.
- Plan content: plans, goals, milestones, tasks, tracker entries, calendar items, timeline events, activity feed posts, message threads, and files you upload.
- Navi conversations: messages you send to Navi (our AI assistant) and Navi's responses, saved to your account so you can return to them and so Navi can use prior context within the same conversation.
- Sharing graph: who you've invited, what they can see, and the audit trail of grants and revocations.
- Operational data: request logs, error reports, performance metrics. These logs do not include the content of plans, goals, notes, messages, or other fields you fill in. A CI drift-guard test blocks the common log patterns that would interpolate user content; a handful of multi-line cases are audited manually until the guard is upgraded.
Any of the content above may include health-related, behavioral, educational, or developmental information if that's what you're organizing. We treat that content as sensitive in the sections that follow.
How we use it
Your information is used to provide and improve the service you signed up for: organize your plans, surface the right resources, keep your team coordinated, send service-critical notifications, and run the platform safely.
We do not sell your information. We do not rent your information. We do not use it to train AI models — neither ours nor any vendor's. We do not run advertising and we do not share data with advertising networks.
AI features (Navi)
Navi is Specthrive's AI assistant. It drafts goals, helps you interpret evaluations, and answers questions about your plans. Navi runs on Google Cloud's Vertex AI, using the Gemini family of models, in the United States (us-central1).
Data flow
- You: Send a message in Navi, plus the relevant open context (a plan, a document).
- Specthrive: Server-side consent check. If consent isn't granted, the call never goes out.
- Vertex AI · Gemini: Generates the response. Not used to train Google's models. Not shared further.
When you use a Navi feature, the relevant context (your message, the open plan, the open document) is sent to Vertex AI as our processing subprocessor to generate the response. Vertex AI does not use your data to train Google's or anyone else's models. Any caching or short-term retention within Vertex AI is governed by Google Cloud's published data-handling policies. Your data is not sold or shared with parties beyond Google Cloud's processing infrastructure.
You control which AI features see your data. Each AI capability has its own consent record that you can grant or revoke at any time from Settings → Privacy → AI features. When consent is not granted, the feature is unavailable — there's no degraded fallback that tries to slip through. The consent check fires server-side at every Vertex AI call site; there is no client-only path.
Navi suggests; you choose what to act on. Navi never sends a message, edits a plan, or contacts a third party on your behalf without your explicit confirmation.
Consent and acknowledgment
Specthrive uses a layered consent model:
Four surfaces:
- Versioned policies
- Per-feature AI consent
- Per-category email controls
- Guardian attestation
All consent decisions (grants, revocations, acknowledgments) are audit-logged for accountability. Audit records do not include the underlying personal information.
Service providers we rely on
Specthrive runs on a small set of trusted infrastructure providers. We don't share your information beyond what these providers need to deliver the service.
Subprocessors
- Google Cloud Platform: BAA in place
- Resend: No PHI in email
- Stripe (via Autumn): Payments
- PostHog: Server-side only
Security
Data in transit is protected with TLS. Within our infrastructure, messages and uploaded documents are encrypted at rest using Fernet symmetric encryption with per-environment keys held in Google Cloud Secret Manager. Database backups inherit the same key boundary.
Sensitive operations are audit-logged with the actor, action, target, IP address, and timestamp. Operational logs do not include user-entered content or authentication tokens. A CI drift-guard test fails on the common log patterns that would interpolate a request body, query params, or an auth header; remaining edge cases (multi-line log calls) are audited manually until the guard handles them. Multi-factor authentication is available on every account.
HIPAA posture
Specthrive is not a HIPAA-covered entity today and does not claim HIPAA compliance. We are not a clinical service, we do not bill insurance, and we do not act as a business associate to a covered entity through the consumer product. We process information that families choose to enter — including health-related notes — and we treat it carefully: encryption, access scoping, audit logging, no PHI in logs, no AI model training on user data, and a BAA in place for our cloud infrastructure.
We are building toward clinical-grade compliance as the product grows into clinic workspaces, and we will surface that posture transparently as it ships rather than asserting compliance we haven't earned.
Children’s data
Specthrive is intended for use by adults coordinating care — including for children, dependents, and others they support. Children should not create their own accounts. When you create or manage a profile for a child, you are the controlling party for that profile's data and we record your guardian attestation accordingly.
We do not knowingly collect information directly from children under 13. If you believe we have, contact privacy@specthrive.com and we'll delete it promptly.
Your rights and choices
You can:
Five rights:
- Access
- Export
- Correct
- Delete
- Opt out of categories
State privacy laws (CCPA / CPRA, others)
Residents of California and other US states with comprehensive privacy laws have additional rights to know, access, correct, delete, opt out of profiling, and opt out of the sale or sharing of personal information. We do not sell or share your information for cross-context behavioral advertising. To exercise the other rights, the controls listed in Section 10 are the fastest path; you can also email privacy@specthrive.com.
Not an emergency service
Changes to this policy
When we publish a materially updated version of this policy, the app will surface a re-acknowledgment prompt the next time you sign in. Non-material updates (typo fixes, clarifications without behavior change) update the version number but don't prompt for re-acknowledgment. The current version and effective date are at the top of this page.
Contact
Privacy
Security
Support