Merge pull request #460 from nightscout/update_privacy_policy

Updated privacy policy based on feedback

PRIVACY_POLICY.md

@@ -10,43 +10,50 @@ data.
 
 ## Information We Collect
 
-### Crash Reporting (Opt-In by default, with ability to Opt-Out)
+### What We Do NOT Collect
+
+For complete transparency, we want to clarify that Trio does not collect:
+- Blood glucose (BG) readings
+- Treatment data
+- Total daily doses (TDD)
+- Any health-related statistics or personal medical information
+- Personal identifiable information such as name, address, or email
 
-Our App uses Google Firebase Crashlytics to collect crash reports. You
-will be asked to opt in to crash reporting when you first use Trio,
-and you can change this setting at any time.
+### Crash Reporting (Opt-In by default, with ability to Opt-Out)
 
-For users who use Trio without going through the onboarding process,
-we opt them in to crash reporting by default, but you can opt out at
-any time.
+Trio uses Google Firebase Crashlytics to collect crash reports. During
+the initial app setup (onboarding process), you will be asked to opt
+in to crash reporting. The onboarding process is the series of screens
+you see when first launching Trio that helps you set up the app.
 
-The following information may be sent to Crashlytics when the App
-crashes:
+The following information may be sent to Crashlytics when Trio crashes:
 
-- Time and date of the crash
-- Device state at the time of the crash
-- Stack trace information
-- Device model and OS version
-- A generated unique identifier (not personally identifiable)
+- Time and date of the crash (example: "Trio crashed on April 6, 2025 at 2:15 PM")
+- Device state at the time of the crash (example: "Trio was in the foreground" or "Battery level was 42%")
+- Stack trace information (technical information showing which line of code failed)
+- Device model and OS version (example: "iPhone 14 Pro running iOS 17.4.1")
+- A generated unique identifier (a random code like "A7B2C9D3" that doesn't identify you personally)
 
 ### Debug Symbols (dSYMs)
 
-As an open source project, our build scripts upload debug symbols
-(dSYMs) to Google's servers. We use these files to give us
-deobfuscated and human-readable crash reports, and contain mapping
-information that helps us interpret crash reports. dSYM files only
-contain code-related mapping information to decode a stack-trace into
-a readable format, such as function names, class names, method names,
-and line numbers. They are used to create human-readable crash reports
-to help us understand crashes. These files do not contain any personal
-information about you or your device usage.
+When we build the Trio app, we create special files called debug
+symbols (dSYMs) that help us read crash reports. Think of these like a
+decoder ring for crashes:
+
+Without dSYMs, a crash might look like: "Error at memory address
+0x1234ABCD" With dSYMs, we can see: "Error in function
+'calculateInsulin' at line 157"
+
+These files only contain code-related information that helps us
+understand where crashes happen. They contain no personal information
+about you or how you use Trio.
 
 ## How We Use Your Information
 
 We use anonymous crash report information exclusively to:
 
 - Identify and fix bugs and crashes
-- Improve the App's stability
+- Improve Trio's stability
 
 We do not use this information for any other purpose, such as
 analytics, marketing, or user profiling.
@@ -64,38 +71,36 @@ documentation.
 ### Open Source Contributors
 
 As an open source project, crash reports and debugging information may
-be visible to project contributors who help maintain and improve the
-App. All contributors are expected to adhere to this privacy policy
+be visible to project contributors who help maintain and improve
+Trio. All contributors are expected to adhere to this privacy policy
 and handle any data responsibly.
 
-## Opting Out
+## Opting Out and Data Retention
 
 You can opt out of crash reporting at any time through the Trio
 settings. If you opt out:
 
-- No crash data will be collected or sent to us
-- Previously collected crash data will still be retained as described below
+- No new crash data will be collected or sent to us
+- Previously collected crash data will still be retained for approximately 90 days
 
 To avoid sending dSYMs to Crashlytics, you can delete the Trio target
 Build Phase script, titled "Copy dSYMs to Crashlytics".
 
-## Data Retention
-
-Crash data and associated debugging information are retained only as
-long as necessary to analyze and fix issues. Typically, this is for a
-period of 90 days.
-
 ## Your Rights
 
-You have certain rights regarding your personal information,
-including:
+You have certain rights regarding your information, including:
 
-- The right to access the information we have about you
+- The right to opt-out of crash reporting
 - The right to request deletion of your data
-- The right to opt-out of crash reporting (as described above)
 
-To exercise these rights, please contact us using the information
-provided below.
+To opt-out of crash reporting, please see the section above for
+details about how to configure Trio to not record crash reports.
+
+The information we store is anonymous, so we are unable to look up
+information for a particular individual. However, our general data
+retention policy ensures that data older than 90 days is deleted,
+enabling us to accommodate data deletion requests by design despite
+having anonymous data.
 
 ## Changes to This Privacy Policy
 
@@ -106,8 +111,9 @@ updating the "Last Updated" date.
 ## Contact Us
 
 If you have any questions about this Privacy Policy, please contact us
-on [Discord](http://discord.diy-trio.org/).
+on [Discord](http://discord.diy-trio.org/) or send us an email at
+trio.diy.diabetes@gmail.com.
 
 ## Last Updated
 
-April 6th, 2025
+April 15, 2025