PKD Buddy logoPKD BuddyBack to Home

Privacy Policy

Effective date: April 15, 2026

1. Introduction

PKD Buddy is operated by Fennec Forge LLC and provides wellness-oriented tracking tools for people living with Polycystic Kidney Disease (PKD).

2. What We Collect

We collect account data (email and authentication records), profile data (name, date of birth, PKD type, CKD stage, nephrologist information, blood type, allergies, tolvaptan status), and health tracking data including blood pressure readings, medications and adherence logs, symptoms with severity and location, lab results, imaging measurements, hydration logs, and family history entries.

3. How We Use Your Data

Your data is used only to provide PKD Buddy features. We do not use your data for advertising, analytics, behavioral profiling, or non-feature-related processing.

4. Where Your Data Lives

Data is stored in Supabase on AWS infrastructure (us-east-1). Data is encrypted at rest (AES-256) and in transit (TLS 1.2+).

5. Who Can See Your Data

Only you can access your records through your authenticated account. Supabase Row-Level Security policies restrict access so other users and routine Fennec Forge staff access are blocked.

6. What We Do Not Do

We do not sell your data, share with third-party advertisers, train AI models on your health data, provide data to insurance companies, or provide data to employers.

7. Your Rights

You may access and review your data, correct entries in-app, delete your account with data cascade deletion, and request export portability in JSON/CSV format.

8. FTC Health Breach Notification Rule

PKD Buddy is designed to comply with FTC Health Breach Notification Rule requirements. If a breach involving identifiable health information occurs, affected users will be notified within 60 days, and within 10 business days when 500+ users are affected.

9. State Privacy Laws

We maintain practices aligned with the Pennsylvania Breach Notification Act, CCPA/CPRA (California), and the Washington My Health My Data Act.

10. HIPAA Notice

PKD Buddy is not a HIPAA-covered entity (we are not a healthcare provider, health plan, or clearinghouse). Even so, we apply HIPAA-adjacent security controls because health data deserves strong protection.

11. Children

PKD Buddy is not intended for children under 13, and we do not knowingly collect personal data from children under 13.

12. Changes to This Policy

We may update this policy periodically. Material changes will be communicated in-app and by account email.

13. Contact

Contact: privacy@pkdbuddy.com (pending setup)
Fennec Forge LLC, Pennsylvania, United States

Important Medical Information

PKD Buddy is a self-tracking and educational tool. It is not a medical device and does not provide medical advice, diagnosis, or treatment. Always consult your nephrologist or qualified healthcare provider for medical decisions. If you are experiencing a medical emergency, call 911 or go to your nearest emergency room.