Update privacy policy

PRIVACY.md

@@ -2,14 +2,14 @@
 *A Nightscout Foundation Project*
 
 ## Purpose and Scope
-This privacy policy outlines the principles and practices for collecting, using, and protecting debug data in Trio, an open source insulin dosing algorithm project of the Nightscout Foundation. Our primary goal is to ensure algorithm safety and accuracy while maintaining the highest standards of user privacy.
+This privacy policy outlines the principles and practices for collecting, using, and protecting debug data in Trio, an open-source insulin dosing algorithm project of the Nightscout Foundation. Our primary goal is to ensure algorithm safety and accuracy while maintaining the highest standards of user privacy.
 
 ## Data Collection Principles
 
 ### 1. Minimal Collection
 - We collect only the mathematical differences between JavaScript and Swift algorithm implementations
 - No personal identifiers, device information, or timestamps are collected
-- No actual insulin doses, blood glucose values, or other medical data are stored
+- No insulin doses, blood glucose values, or other medical data are stored
 - Data collected is limited strictly to algorithm debugging purposes
 
 ### 2. Anonymization
@@ -23,9 +23,9 @@ This privacy policy outlines the principles and practices for collecting, using,
 - No personal user information is collected
 
 ### 3. Transparency
-- All data collection code is [open source](https://github.com/kingst/trio-oref-logs) and available for community review
-- The specific data points being collected are documented in the source code
-- Any changes to data collection must go through public code review
+- Data collection code is [open source](https://github.com/kingst/trio-oref-logs) and available for community review
+- Specific data points being collected are documented in the source code
+- Your information will only be used as in this privacy policy -- any changes to data collection must go through public code review
 - Regular reports on data usage will be published to the community
 
 ## Data Usage
@@ -37,13 +37,13 @@ This privacy policy outlines the principles and practices for collecting, using,
 - Improving algorithm accuracy and safety
 
 ### Prohibited Uses
-- No commercial use or sharing with third parties
+- No commercial use or sharing data with third parties
 - No attempt to re-identify or correlate data points
 - No use for marketing, analytics, or user behavior analysis
 - No combination with other data sources
 
 ### Use in research publications
-- We will maintain aggregate statistics, like invocation rates and average timing differences between Javascript and Swift for use in research publications
+- We will maintain aggregate statistics, like invocation rates and average timing differences between Javascript and Swift, for use in research publications
 - We will not use individual records
 
 ## Data Protection
@@ -53,11 +53,12 @@ This privacy policy outlines the principles and practices for collecting, using,
 - Access to collected data is strictly limited to core algorithm developers
 - Data is stored in a secure, isolated environment
 - Regular security audits are performed
+- We will do everything we can to maintain the security of your data, but complete data security cannot be guaranteed
 
 ### Data Retention
 - Debug data is retained only for the duration necessary for verification
 - Maximum retention period of 90 days
-- Automatic deletion after the retention period
+- Automatic data deletion after the retention period
 - Option for immediate deletion upon request
 
 ## Community Oversight
@@ -70,8 +71,8 @@ This privacy policy outlines the principles and practices for collecting, using,
   - Confirmation of data deletion
 
 ### Community Control
-- Data collection can be disabled by users at any time
-- Community voting required for any changes to this policy
+- User can disable data collection at any time
+- Community voting is required for any changes to this policy
 - Annual review of data collection necessity
 - Public issue tracker for privacy-related concerns
 
@@ -79,19 +80,19 @@ This privacy policy outlines the principles and practices for collecting, using,
 
 ### Control and Consent
 - Explicit opt-in required for data collection
-- Right to opt-out at any time
+- Right to opt out at any time
 - Right to reset device identifier through iOS settings
 - Right to request verification of data deletion
 
 ### Communication
-- 48-hour response time commitment for privacy concerns
+- 72-hour response time commitment for privacy concerns
 - Regular updates on privacy-related improvements
 - Clear documentation of all privacy features
 
 ## Updates to This Policy
-- Changes require community discussion period
+- Changes require a community discussion period
 - Minimum 90-day notice before any changes
-- All historical versions maintained in repository
+- All historical versions of this policy are maintained in this repository
 - Change log with justifications maintained
 
 ## Contact Information
@@ -99,4 +100,4 @@ This privacy policy outlines the principles and practices for collecting, using,
 - Public discussion in GitHub issues
 - Optional private communication channel for sensitive concerns
 
-This policy is maintained in the Trio project repository at `/PRIVACY.md` and is governed by the same open source principles as the rest of the project. As a Nightscout Foundation project, Trio adheres to the Foundation's commitment to transparency, security, and patient privacy in diabetes technology.
+This policy is maintained in the Trio project repository at `/PRIVACY.md` and is governed by the same open-source principles as the rest of the project. As a Nightscout Foundation project, Trio adheres to the Foundation's commitment to transparency, security, and patient privacy in diabetes technology.