Last updated April 27, 2020
Privacy is fundamental to sobriety.
What data do we collect?
I Am Sober can be used anonymously. For anonymous users and non-subscribers, we primarily collect app usage data.
Any questions we ask are not intended to be personally identifiable. We may ask you to report your:
- Addiction name
- Sobriety start date
- Survey questions about reaching your milestone
Upon setting up the app, we will explicitly ask for your permission to collect this data.
Additionally, we may collect crash data when the app crashes that can help us debug issues and improve the quality of the app.
In order to create an account with I Am Sober, we will ask you to provide us with your email address. You can also optionally create a user profile photo.
We will also collect data that you give us in regards to your interaction with app. This may include technical information such as your IP address based on your location, app version, or device platform.
Account data with a Sober Plus subscription
When you subscribe to Sober Plus, we provide cloud data backups as a service. This means that any information you provide will be backed up securely in the cloud. This can include information such as your addictions, start dates, reasons for staying sober, daily notes, etc. This may include sensitive personal data about personal health issues and/or information related to your past, present, or future physical or mental health condition.
You can also choose to share your "story" with the community upon reaching a milestone. This can include:
- The username you chose
- The user profile photo you uploaded
- The story text and photo you uploaded
Any information that is disclosed in these areas becomes public information. You should exercise caution when using these and avoid posting any personal information.
Where is this data stored?
The data mentioned above will be stored securely on Amazon Web Services (“AWS”) in the USA.
What do we do with this data?
- The app usage and account data help us improve the user experience of our apps.
- We use anonymized addiction names, start dates, and survey questions to display interesting statistics to our app users to provide motivation for reaching their next milestone.
- Community data is displayed on our community pages.
We are not a subsidiary of a larger corporation that can access your information.
Who do you share this data with?
We never share information with third parties beyond those required to serve you and we will never share any of this data unless required to by law or subpoena.
We use the following third-party providers to provide the following processes:
Amazon Web Services https://aws.amazon.com/privacy/
We use Amazon Web Services as a data storage provider and we use it to securely store the data outlined above.
Google Analytics http://www.google.com/policies/privacy/
We use Google Analytics to help us improve the user experience of I Am Sober.
We use Email Octopus to send communications to users who have opted in to receiving such communications from us. The only personal info we share with EmailOctopus is your email address.
We use RevenueCat to process our subscriptions. The only personal info RevenueCat collects is an app user ID.
What do you do with the photos that I take?
We use your camera and your device's storage for photos that you take for various tasks in the app (such as remembering or sharing a milestone, your reason for staying sober, or your profile photo, etc). These are sent to and stored securely on our servers.
Upon setting up the app, you will be asked to confirm that you are at least 16 years of age. By using the app, you confirm to us that you meet this requirement. If you are under the age of 18, you confirm you have received permission from your parent or guardian before using this app or sending us personal information.
User data protection
I Am Sober treats user data privacy as a primary concern. Any personal data you choose to share with us is transmitted over the Internet; any transmission is at your own risk. Once we have received your data transmission we follow HIPAA-compliant practices to prevent unauthorized access.
- All user data is secured in transit using TLS.
- I Am Sober uses Amazon Web Services (“AWS”) as our cloud computing provider. This includes, but is not limited to, application servers, databases, and persistent storage. User data is encrypted in transit and at rest as it flows through our AWS infrastructure.
- I Am Sober strictly reviews modifications to our application code, as well as to our AWS infrastructure. This involves automated and manual efforts.
- I Am Sober monitors our AWS infrastructure in an effort to detect any potential attempt of unauthorized access.
User data retention
I Am Sober retains user data for the duration of any period in which you have expressed an interest in our products or services, for as long as you actively use our mobile application, and for six years after that such that we can respond to any future legal proceedings. Any data provided by a user via a web-based form is also retained for this same period. User data may be anonymously aggregated during and beyond this time in order to help us develop and improve our products and services. It is not possible for a customer to be individually identified from aggregated or derived data.
How do I delete my data?
You can delete any of your information – including your milestone stories and photos – at any time via the app.
If you'd like us to delete all information tied to your account, you can request us to do so by emailing us at email@example.com.
EU Citizen rights under GDPR
I Am Sober is data controller that is committed to complying with GDPR which you can read about here.
You have the right under certain circumstances:
- To be provided with a copy of your personal data held by us.
- To request the deletion of your personal data held by us.
- To request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example).
- To object to the further processing of your personal data, including the right to object to marketing.
- To request that your provided personal data be moved to a third party.
You can exercise the rights listed above at any time, or send us questions about GDPR concerns by contacting us at firstname.lastname@example.org.
If you have any questions about our policies, please feel free to email us at email@example.com.