Privacy Policy

1. Introduction

Welcome to Fil Care ("we," "our," or "us"). We are committed to protecting your personal data and your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website and sign up for our waitlist.

Fil Care is based in Berlin, Germany, and we comply with the EU General Data Protection Regulation (GDPR) and the UK GDPR.

2. Data Controller

The data controller responsible for your personal data is:

Fil Care
Altensteinstraße 40
14195 Berlin, Germany
Email: hello@fil-care.com

3. What Personal Data We Collect

When you sign up for our waitlist, we collect the following information:

• Email address (required) - To contact you about Fil and send updates
• First name (required) - To personalize our communications with you
• Role/User type (required) - To understand whether you are a patient, caregiver, clinician, or other stakeholder
• Country (optional) - To understand our geographic reach and tailor our service to your region
• User testing interest (optional) - To understand if you want to participate in product testing
• Additional information (optional) - Any additional context you choose to share with us (up to 1000 characters)
• Consent preferences - Your marketing consent and research participation consent
• Technical data - We automatically collect your IP address, browser type, device information, and pages visited through our analytics service

Special Category Data: If you identify as a patient with cognitive impairment or share health-related information in the "additional information" field, this is considered special category data under GDPR and receives additional protections.

4. How We Use Your Data (Legal Basis)

We use your personal data for the following purposes, with the following legal bases under GDPR:

• To add you to our waitlist and contact you about early access - Legal basis: Consent (GDPR Article 6(1)(a))
• To send you product updates and news about Fil - Legal basis: Consent (GDPR Article 6(1)(a))
• To invite you to participate in user research or testing - Legal basis: Consent (GDPR Article 6(1)(a))
• To improve our product and understand our audience - Legal basis: Legitimate interests (GDPR Article 6(1)(f)) - our interest in developing a product that meets user needs
• To analyze website usage and performance - Legal basis: Consent (via cookie consent banner)
• For processing special category health data - Legal basis: Explicit consent (GDPR Article 9(2)(a))

5. Who We Share Your Data With

We share your personal data with the following third-party service providers who process data on our behalf:

• Web3Forms (form submission service) - Receives your waitlist form data. Web3Forms is based in the United States. Data is transferred under appropriate safeguards.
• Vercel Analytics (website analytics) - Collects anonymized usage data to help us understand how visitors use our website. Vercel is based in the United States and complies with GDPR.
• Google Fonts - We use Google Fonts to display fonts on our website. Google may collect your IP address. See Google's privacy policy for details.

We do not sell your personal data to third parties. We do not share your data with advertisers or data brokers.

6. International Data Transfers

Your data may be transferred to and stored in countries outside the European Economic Area (EEA) and the United Kingdom, specifically the United States (where Web3Forms and Vercel are based).

We ensure that appropriate safeguards are in place for these transfers, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Vercel's GDPR compliance framework and EU-US Data Privacy Framework certification
• Ensuring processors implement appropriate technical and organizational security measures

7. How Long We Keep Your Data

We retain your personal data for the following periods:

• Waitlist data: Until you request deletion, withdraw consent, or until 2 years after our product launches (whichever comes first)
• Analytics data: Vercel Analytics retains data for up to 90 days in identifiable form
• Browser localStorage: Stored locally on your device until you submit the form or clear your browser data

After these periods, we will securely delete or anonymize your data unless we are required to retain it for legal or regulatory purposes.

8. Your Rights Under GDPR and UK GDPR

You have the following rights regarding your personal data:

• Right of access - Request a copy of the personal data we hold about you
• Right to rectification - Request correction of inaccurate or incomplete data
• Right to erasure ("right to be forgotten") - Request deletion of your personal data
• Right to restrict processing - Request that we limit how we use your data
• Right to data portability - Receive your data in a structured, machine-readable format
• Right to object - Object to processing based on legitimate interests
• Right to withdraw consent - Withdraw your consent at any time (this will not affect the lawfulness of processing before withdrawal)
• Right to lodge a complaint - File a complaint with your local data protection authority

To exercise any of these rights, please contact us at hello@fil-care.com. We will respond to your request within 30 days.

9. How to Unsubscribe

You can unsubscribe from our marketing emails at any time by:

• Clicking the "unsubscribe" link in any email we send you
• Emailing us at hello@fil-care.com with "Unsubscribe" in the subject line

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our website. We use:

• Essential cookies: Required for the website to function (e.g., form draft saving in localStorage)
• Analytics cookies: Vercel Analytics to understand how you use our website (requires your consent)

You can control cookies through our cookie consent banner and your browser settings. For more information, see our cookie consent banner when you first visit our site.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• HTTPS encryption for all data transmission
• Secure data storage with our service providers who meet industry security standards
• Access controls to limit who can view your data
• Regular security assessments of our systems and processes

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

12. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately, and we will delete it.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending you an email if you are on our waitlist (for significant changes)

We encourage you to review this Privacy Policy periodically.

14. Supervisory Authority

If you have concerns about how we handle your data, you have the right to lodge a complaint with your local data protection authority:

• For EU residents: Contact your national data protection authority
• For UK residents: Information Commissioner's Office (ICO) - ico.org.uk
• For Germany: Berlin Commissioner for Data Protection and Freedom of Information - datenschutz-berlin.de

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: hello@fil-care.com
Address: Altensteinstraße 40, 14195 Berlin, Germany