3mpwrApp Privacy Policy

Last updated: November 24, 2025
Version: 3.0 (November 2025 Consolidation Update)

🆕 November 2025 Updates

We’ve completed comprehensive consolidation while maintaining our commitment to 100% user data ownership and 90% accessibility:

• 🎯 Complexity Mode System: Three experience levels (Simple/Standard/Power User) with Bad Day Mode - all preferences stored locally
• 📚 Resources vs Research Split: Clear separation of in-app tools from external links - no additional data collection
• 🗂️ Master Tracker Hub: Consolidated 6 tracking tools - all data stored locally on your device
• ⚖️ Appeal Command Center: Deadline management and legal tools - all processing local, no case data transmitted
• 📦 Offline Queue System: Enhanced offline support with auto-retry - queue stored locally, syncs when online
• 💪 4 Wellness Hubs: Consolidated wellness features - all tracking data local, optional cloud backup
• 🆘 SOS/Crisis Button: Quick access to external crisis services - no tracking of button usage
• 👤 Profile & Personalization: Enhanced recommendations - profile data local or your cloud only
• 🚀 10 Revolutionary Features: AI tools process locally - no external AI services receive your data
• 🌐 Campaign Submissions: Submit to 3mpwr feature - explicitly opt-in, control what’s shared

Privacy-First Design Maintained: All November 2025 features follow the same local-first, air-gapped architecture. No new data collection without your explicit consent.

📚 Table of Contents

Jump to any section below:

💙 Taking a break? This page will be here when you’re ready. Your wellbeing comes first.

This policy describes how 3mpwrApp (“we”, “us”, “our”) collects, uses, and protects information in the 3mpwrApp mobile application and website. By using our services, you agree to these practices.

🔐 100% User Data Ownership Guarantee

Technical Implementation:

Learn more about privacy modes →

📋 Privacy Summary

📊 Information We Collect

1) Information You Provide

Account Information (if you create one):

• Name, email, and basic identifiers
• Guest Mode collects no account identifiers

Preferences and Settings:

• Accessibility options (high contrast, text size, screen reader)
• Language preferences (including Indigenous languages)
• Complexity Mode level (Simple/Standard/Power User)
• Bad Day Mode trigger settings
• Quiet hours and notification preferences
• Cultural protocol preferences (territorial acknowledgments, ceremonial considerations)

Profile Data (optional):

• Bio, location, pronouns
• Accessibility needs
• Communication preferences, contact methods
• All stored locally or in your cloud only

Community Contributions (if enabled):

• Messages, posts, uploaded media
• Reactions, profile details
• Campaign coordination activities
• Campaign Submissions (explicitly opt-in)

Calendar Events (if you use this feature):

• Events you create in the app
• Event details, dates, reminders
• Events may be synced to your device calendar

Voice Input (if you use accessibility features):

• Voice commands for navigation
• Speech input processed in real-time
• Audio is NOT stored - processed ephemerally only
• Converted to text immediately and audio discarded

Evidence Locker Contents:

• Photos, videos, documents you upload
• Stored locally on your device unless you explicitly export or share them
• ⚠️ Privacy tip: Avoid storing personal identifiers in notes where possible

Legal Workflow Data:

• Information you provide for automated legal processes
• Appeal Command Center deadlines, case timelines, legal document drafts
• All legal workflow processing happens locally on your device
• No legal information transmitted to external servers without your explicit consent

Health & Wellness Data:

• Data you enter in Master Tracker Hub (Symptom Tracker, Mood Tracker 2.0, Medication Manager, Appointment Log, Activity Tracker, Energy Tracker)
• Wellness Hubs (Energy & Mood Hub, Mental Wellness Toolkit, Physical Wellness Hub, Pacing Partner AI)
• Unified Health Tracker data
• All wellness tracking data stored locally on your device
• Optional cloud backup only to your own authenticated cloud storage

Offline Queue Data:

• Queued actions (posts, uploads, evidence submissions) stored locally until network available
• Then processed and cleared

2) Information Collected Automatically

App Diagnostics:

• App version, device OS version, basic capabilities
• Crash/error logs (when enabled)

Analytics Events:

• Pseudonymous identifiers to improve features (opt-out available)
• Complexity Mode interactions: Anonymized usage patterns to improve experience level recommendations (no personal data)
• AI usage patterns: Local analytics on AI tool usage (Gaslighting Detector, Negotiation Coach, AI Case Interpreter, AI Co-Pilot) - no conversation content stored externally
• No personally identifiable information

Push Notification Token:

• Required only if you enable notifications

Network Status:

• For community features, offline indicators, and Offline Queue sync status

Security Monitoring:

• Device integrity checks, tamper detection events
• Biometric authentication attempts (local only)
• Workflow analytics: Aggregated, anonymized data about legal workflow completion rates (opt-in only)
  • No personally identifiable information or case details collected

3) Website Analytics

This Website:

• Page visits and visit duration (aggregated, non-identifying)
• Browser type and operating system
• Screen resolution and language preferences
• Newsletter signup information (if you subscribe)
• Contact messages you send us

Cookies:

• Essential cookies for site functionality
• Analytics cookies (opt-in only)
• Language preferences and accessibility settings

🔧 How We Use Information

We use your information only to:

• Provide core functionality: Navigation, saved items, localization, accessibility features, Complexity Mode personalization
• Deliver optional features: Voice navigation, quiet hours, wellness tracking, advocacy tools, legal workflow automation, Master Tracker Hub, Appeal Command Center, Wellness Hubs
• Process legal workflows: Automated document generation, form validation, deadline tracking, appeal deadlines (all processed locally)
• Enable AI assistance: Local AI processing for legal document review, case interpretation, translation assistance, gaslighting detection, negotiation coaching (no external AI services)
• Manage offline operations: Offline Queue storage and sync, ensuring data integrity during network interruptions
• Support cultural protocols: Indigenous language features, territorial acknowledgments, ceremonial considerations
• Personalize experience: Profile-based recommendations, Complexity Mode level suggestions, provincial resource filtering
• Provide crisis support: SOS button quick access to external crisis services (no usage tracking)
• Facilitate community participation: Campaign coordination, Submit to 3mpwr feature (opt-in only)
• Send chosen notifications: Reminders, updates, workflow deadlines, appeal deadlines, appointment reminders (you control all notification settings)
• Maintain security: App integrity, fraud prevention, security monitoring, biometric authentication
• Improve services: Aggregated analytics and diagnostics (with your consent)
• Comply with laws: Legal obligations and terms enforcement

⚖️ Legal Bases (EEA/UK)

• Contract: To provide services you request
• Legitimate interests: To improve and secure the app without overriding your rights
• Consent: For optional features like notifications or analytics (withdraw anytime in Settings)

🤝 Sharing and Disclosure

We do not sell personal data. We share limited information only with service providers necessary to operate services:

For the Mobile App:

• Push Notifications: Expo Notifications to deliver messages to your device
• Cloud Services: Google Firebase (Authentication, Firestore/Storage) for optional account and community features
• Error Monitoring: Sentry for crash logs and errors (when enabled)
• Content Integrations: YouTube API, Advocate Directory API (public metadata only)

For the Website:

• Web Hosting: Cloudflare Pages, GitHub Pages for website delivery
• Analytics: Privacy-friendly analytics (opt-in only)
• Newsletter: Email service provider (if you subscribe)

All service providers:

• Process data on our behalf under strict contracts
• Required to maintain confidentiality and appropriate security
• Cannot use your data for their own purposes

Legal disclosure: We may disclose information when required by law, to protect rights and safety, or in connection with a merger, acquisition, or similar corporate transaction.

🌍 International Transfers

When we transfer your information internationally, we rely on approved safeguards (e.g., Standard Contractual Clauses) where required by law.

🗄️ Data Retention

• Local device data: Persists until you delete the app or clear app data
• Accounts and community content: Retained while your account is active (you may delete posts or request account deletion anytime)
• Analytics and diagnostics: Limited periods (13 months for analytics; 30–90 days for logs)
• Website data: Newsletter subscriptions retained until you unsubscribe
• Backups: Retained per operational needs, then securely deleted

🎛️ Your Choices and Rights

Privacy Controls

In the Mobile App:

• Notifications: Enable/disable push notifications and choose categories in Settings
• Quiet Hours: Silence notifications during specified times
• Accessibility: Adjust text size, contrast, and language preferences
• Analytics: Opt out of analytics collection in Settings
• Guest Mode: Use core features without creating an account
• Legal Workflow Privacy: Control what data is included in automated workflows
• Advanced Security: Enable biometric authentication, threat monitoring

On the Website:

• Cookies: Manage via our cookie banner or browser settings
• Newsletter: Unsubscribe link in all emails
• Accessibility Settings: Adjust contrast, text size, language

Data Rights

Contact us at empowrapp08162025@gmail.com to request:

• Access: View what data we have about you
• Correction: Fix inaccurate information
• Deletion: Remove your data from our systems
• Portability: Export your data in a standard format

We may need to verify your identity to process requests.

Additional Rights (by location)

Depending on your location, you may have additional rights under laws like GDPR/UK GDPR, CCPA/CPRA, or PIPEDA. We honor all applicable rights requests.

👶 Children’s Privacy

The app and website are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us immediately to request deletion.

🔐 Security Measures

We implement comprehensive security measures including:

Technical Safeguards:

• AES-256 encryption for data protection
• Hardware-backed key storage in your device’s secure enclave
• TLS 1.3 network encryption with certificate pinning
• HTTPS for all website connections
• Strict security headers (CSP, HSTS, X-Frame-Options)
• Real-time tamper detection and integrity monitoring
• Input validation preventing injection attacks

Operational Safeguards:

• Access controls limiting who can access data
• Security monitoring with automated threat detection
• Regular security testing including OWASP Mobile Top 10 compliance
• Incident response procedures for security events

⚠️ Remember: No system is 100% secure. Protect your device with a passcode and avoid storing unnecessary identifiers in free-text notes.

🔄 Changes to This Policy

We may update this policy to reflect:

• Changes to our practices
• New features or services
• Legal requirements
• User feedback

Notification process:

• Updated policy posted with new “Last updated” date
• Material changes communicated within the app
• Major changes may be sent via email or notification

📞 Contact Us

3mpwrApp Privacy Team

• Email: empowrapp08162025@gmail.com
• Organization: 3mpwrApp
• Location: Toronto, ON, Canada
• Website: https://3mpwrapp.pages.dev

For privacy-related questions, data requests, or security concerns, please contact us using the email above. We respond to all privacy inquiries within 48 hours and data rights requests within 30 days (or as required by applicable law).

🔒 Privacy Verification

This policy reflects our actual technical implementation. You can verify our privacy claims through:

• Code Inspection: Review our open development process
• Network Monitoring: Confirm only user-chosen endpoints are contacted
• Technical Verification: Test BYOC strict mode operation
• Independent Audits: We welcome third-party security and privacy audits

Your privacy and data ownership are not just promises—they’re technically guaranteed by our architecture.

📄 Related Documents

• Data Ownership Statement - Our commitment to 100% user data sovereignty
• Terms of Service - Terms and conditions for using our services
• Accessibility - Our accessibility features and compliance

🛡️ Our Promise:

3mpwrApp will never:

• Sell, rent, or share your personal data
• Store your data on servers you don’t control
• Access your data without explicit permission
• Hide data collection or tracking from users

3mpwrApp will always:

• Respect your complete data ownership
• Provide transparent privacy controls
• Maintain local-first, privacy-by-design architecture
• Give you full control over your information
• Enable you to verify our privacy claims

🔗 Related Pages & Next Steps

These pages work together with this privacy policy:

Understand Your Features & Data

• Features → - See all tools and what data they use
  • Includes privacy-focused feature descriptions
  • Links to privacy sections for each feature
  • Explains data handling for each tool
• User Guide → - How to use features with privacy in mind
  • Includes privacy settings tutorial
  • Explains data ownership rights
  • Shows how to export/delete data
  • Links to this privacy policy from security sections

Configure Your Privacy

• Privacy Controls → - Customize your privacy settings
  • Choose your privacy mode (default, BYOC, strict BYOC)
  • Control what data you share
  • Enable/disable optional features
  • Manage cloud sync settings
• Accessibility Guide → - Accessibility with privacy protection
  • Dyslexia, motor, and cognitive accessibility
  • All features work 100% offline
  • Privacy-protected data never leaves your device

Learn About Your Rights

• Data Ownership → - 100% user data sovereignty
  • Your data belongs to you
  • How to export your data
  • How to delete your data
  • Your rights explanation

Getting Help

• Contact Us → - Privacy questions or concerns
  • Contact our privacy team
  • Request your data
  • Report privacy concerns
  • Feedback and suggestions

Stay Informed

• What’s New → - Latest updates including security improvements
  • See recent privacy/security enhancements
  • Learn about new privacy features
  • Read security announcements

Join Our Community

• Beta Testing Guide → - Help test privacy features
  • Test privacy controls
  • Report privacy issues
  • Provide security feedback

Privacy Policy Quick Reference

Privacy Guarantee:

• ✅ 100% user data ownership
• ✅ Local-first by default
• ✅ Optional cloud sync (to YOUR cloud only)
• ✅ Military-grade AES-256 encryption
• ✅ Zero tracking, no analytics
• ✅ Export/delete anytime

Your Rights:

• ✅ Access your data anytime
• ✅ Export your data in JSON format
• ✅ Delete your data completely
• ✅ Request data from us (subject access)
• ✅ Correct or update your data
• ✅ Object to processing

Security:

• ✅ Hardware-backed key storage
• ✅ TLS 1.3 network encryption
• ✅ Tamper detection
• ✅ Regular security audits
• ✅ Incident response procedures

Legal Compliance:

• ✅ GDPR compliant (EU data)
• ✅ CCPA compliant (US data)
• ✅ PIPEDA compliant (Canadian data)
• ✅ Canadian accessibility laws
• ✅ International privacy standards

💡 Tip: Each of these pages links back to this policy, so you can always understand how your data is protected across the entire platform!

Version 3.0 (November 2025 Consolidation Update) - Updated November 24, 2025