Privacy Policy

Comfort Care Registry – Privacy Policy

Website: https://comfortcaredirectory.com

Comfort Care Registry (“the Registry”, “we”, “us”, or “our”) is committed to protecting the privacy of all users of our platform. This Privacy Policy describes how we collect, use, store, and protect information provided by Families and Service Providers (collectively, “users”). Because our platform serves individuals and families during sensitive life circumstances — including serious illness, end-of-life care, and grief — we take data privacy especially seriously.

By using this Registry, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Registry.

1. Who This Policy Applies To

This policy applies to:

• Families: Individuals or households who access the Registry to search for and connect with Service Providers.
• Service Providers: Independent caregivers, practitioners, or agencies who register for a free or paid listing in the Registry.

2. Information We Collect

From Families:

• Name and email address (if voluntarily submitted via contact or waitlist forms).
• Search activity and browsing behavior on the Registry (non-personally identifiable).
• IP address and browser/device information for security and spam prevention.
• Any information voluntarily shared when contacting a Service Provider through the Registry.

From Service Providers:

• Name, business name, contact details, and location information.
• Professional credentials, certifications, and specialty information provided for directory listing.
• Identity verification documents optionally submitted (e.g., driver’s license, passport, background check results). These are stored securely and used solely for verification purposes.
• Profile photos and any images uploaded to the Registry.
• Membership and billing information, processed through a third-party payment processor (see Section 6).
• Community Portal activity, posts, and forum contributions.
• IP address and browser/device information.

3. Sensitive Information

Given the nature of our platform, users may voluntarily share sensitive personal information related to health conditions, end-of-life circumstances, grief, or caregiving needs. We treat all such information with the highest level of care and confidentiality. We do not sell, rent, or otherwise monetize sensitive personal information. Such information is used only to facilitate connections between Families and Service Providers and to improve Registry services.

Users are encouraged to share only the information necessary to facilitate their use of the Registry and should avoid sharing unnecessary medical details in public-facing profile areas or forums.

4. How We Use Your Information

We use collected information to:

• Operate and maintain the Registry directory and community.
• Create, manage, and display Service Provider listings.
• Facilitate connections between Families and Service Providers.
• Process membership fees and billing.
• Communicate with users regarding their accounts, updates to Terms or this Policy, or Registry news.
• Conduct optional verification of Service Provider credentials.
• Detect and prevent spam, fraud, or abuse.
• Comply with applicable legal obligations.

We do not use personal information for advertising, sell it to third parties, or share it with external companies or agencies for marketing purposes.

5. How We Share Your Information

We may share user information only in the following limited circumstances:

• With Registry staff, contractors, and vendors: Employees, contractors, and service vendors may access data solely to operate, improve, and support the Registry. All such parties are bound by confidentiality obligations.
• With third-party service providers: We use vendors for hosting, payment processing, email communication, and spam detection. These vendors process data only as necessary to provide their services and are not permitted to use your data for their own purposes.
• As required by law: We may disclose information if required to do so by law, court order, or government authority.
• Public directory listings: Service Provider profile information submitted for directory listing (name, specialty, location, contact details, photo) is visible to the public by design. Service Providers should not include sensitive personal information in their public profiles.

6. Payment Processing

Membership fees are processed through a third-party payment processor. The Registry does not directly store credit card numbers or full payment details. Payment data is handled in accordance with the payment processor’s own privacy and security policies. Service Providers should review the applicable processor’s privacy policy for details on how billing information is managed.

7. Cookies and Tracking

The Registry uses cookies and similar technologies for the following purposes:

• Authentication cookies: Set when users log in to maintain session state. These expire after two days, or two weeks if “Remember Me” is selected.
• Preference cookies: Store display and screen preferences for up to one year.
• Security cookies: Temporary cookies used to verify browser compatibility. These contain no personal data and are discarded when the browser is closed.
• Embedded content: If the Registry displays embedded content from third-party websites (e.g., videos), those sites may set their own cookies and tracking technologies. The Registry is not responsible for third-party cookie practices.

Most browsers allow you to control or disable cookies through their settings. Disabling cookies may affect certain Registry functionality.

8. Uploaded Images and Media

Service Providers who upload images to the Registry should be aware that images may contain embedded metadata, including GPS location data (EXIF data). The Registry does not automatically remove embedded location data from uploaded images. Users are responsible for ensuring that any images they upload do not contain sensitive location or personal metadata. The Registry is not responsible for any information contained within user-uploaded image files.

9. Data Retention

We retain user data for as long as necessary to provide Registry services and comply with legal obligations:

• Active Service Provider profiles and associated data are retained for the duration of the membership and for a reasonable period thereafter for administrative and legal purposes.
• Family contact data (e.g., waitlist signups) is retained only as long as necessary to fulfill the stated purpose.
• Verification documents submitted by Service Providers are retained securely and deleted upon verification or account closure unless retention is required by law.
• Community forum posts may be retained to maintain the integrity and continuity of the community, even after account closure, unless deletion is specifically requested.

10. Your Rights Over Your Data

All users have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Update or correct inaccurate information in your profile.
• Deletion: Request deletion of your personal data. Note that we may be required to retain certain data for legal, administrative, or security purposes.
• Portability: Request an export of your personal data in a commonly used format.

To exercise any of these rights, please contact us at the email address listed on the Registry website. We will respond to requests within a reasonable timeframe.

11. California Residents — CCPA Notice

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to request deletion, and the right to opt out of the sale of personal information. The Registry does not sell personal information. California residents may exercise their rights by contacting us directly.

12. Children’s Privacy

The Registry is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided personal information, we will take steps to delete it promptly.

13. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information from unauthorized access, disclosure, alteration, or destruction. Sensitive documents submitted for verification are stored securely with access restricted to authorized Registry personnel only.

In the event of a data breach that affects your personal information, we will notify affected users in accordance with applicable law.

14. Third-Party Links

The Registry may contain links to third-party websites or services. This Privacy Policy applies only to the Registry. We are not responsible for the privacy practices of any third-party sites and encourage users to review those sites’ privacy policies independently.

15. Changes to This Policy

We reserve the right to update or modify this Privacy Policy at any time. Changes will be posted on the Registry website, and the effective date will be updated accordingly. Continued use of the Registry following any posted changes constitutes acceptance of the updated policy.

16. Contact Us

For questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact us through the contact information provided on the Registry website at https://comfortcaredirectory.com.

This Privacy Policy is effective as of March 1, 2026.