Privacy Policy

Effective Date: January 28, 2026 | Last Updated: January 28, 2026

IMPORTANT MEDICAL DISCLAIMER

FirstAidTag is NOT an emergency response service. We do NOT dispatch ambulances, police, or emergency services. In any medical emergency, CALL 911 OR YOUR LOCAL EMERGENCY NUMBER IMMEDIATELY. Do not rely on FirstAidTag for emergency response.

1. Introduction

FirstAidTag (“we,” “us,” or “our”) operates a medical emergency alert system consisting of wearable medical ID bracelets with QR codes and NFC technology, paired with a mobile application. This Privacy Policy explains how we collect, use, disclose, and protect your personal information.

By using FirstAidTag services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

A. Information You Provide Directly

Account Information: Name, email address, phone number, date of birth, address, emergency contact names and phone numbers
Medical Profile Information: Blood type, allergies, medical conditions, current medications, medical history relevant to emergency response, emergency medical instructions
Payment Information: Billing address, payment card information (processed securely by third-party payment processors)

B. Information Collected Automatically

Device and Usage Data: Device type, operating system, mobile app version, IP address, device identifiers, app usage patterns, feature interactions, error logs and diagnostic information
Location Data: GPS location when QR code or NFC tag is scanned, location data when emergency alerts are triggered, location history related to emergency events only
QR Code & NFC Scan Data: Date, time, and location of each scan, device information of scanner (if available), number of scans and scan patterns

3. How We Use Your Information

Emergency Response

  • • Display medical information when your bracelet is scanned
  • • Send emergency alerts to designated contacts
  • • Share location data with emergency contacts during alerts

Service Operation

  • • Create and maintain your account
  • • Process payments and manage subscriptions
  • • Provide customer support

Communications

  • • Send service-related notifications
  • • Send SMS verification codes
  • • Respond to your inquiries

Legal and Safety

  • • Comply with legal obligations
  • • Protect against fraud and security threats
  • • Enforce our Terms of Service

4. Information Sharing and Disclosure

We share your information with:

  • Emergency Contacts: Medical profile information when bracelet is scanned; location data during emergency alerts; real-time notifications when your medical ID is accessed
  • Service Providers: SMS gateway providers (Telnyx) for emergency notifications; cloud hosting providers; payment processors; analytics providers
  • When Required by Law: To comply with legal obligations; respond to lawful requests; protect our rights, privacy, safety, or property
  • In Emergency Situations: Medical information may be shared with first responders; location data shared with emergency services if needed

We Do NOT:

  • • Sell your personal information to third parties
  • • Share your medical data for marketing purposes
  • • Use your health information for advertising

5. SMS Messaging Terms

By providing your phone number, you consent to receive:

  • Emergency medical alerts (time-sensitive)
  • QR code scan notifications
  • Account security codes (OTPs)
  • Service-related notifications

Message Frequency

Varies by activity

Opt-Out

Reply STOP

Help

Reply HELP

Important:

Opting out of SMS may limit your ability to receive emergency alerts. We recommend keeping SMS notifications enabled for safety.

DO NOT RELY SOLELY ON SMS FOR EMERGENCIES. ALWAYS CALL 911 FOR IMMEDIATE HELP.

Supported Carriers: All major US and Canadian carriers including AT&T, T-Mobile, Verizon, Rogers, Bell, Telus, and Freedom Mobile.

6. Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards

  • • Encryption in transit (TLS/SSL)
  • • Encryption at rest (AES-256)
  • • Secure authentication and access controls
  • • Regular security audits and updates

Organizational Safeguards

  • • Employee access restricted on need-to-know basis
  • • Confidentiality agreements with providers
  • • Incident response procedures

Note: No system is 100% secure. We cannot guarantee absolute security but take reasonable measures to protect your data.

7. Data Retention

We retain your information for as long as:

  • Your account remains active
  • Required to provide services
  • Necessary to comply with legal obligations
  • Needed to resolve disputes or enforce agreements

Account Deletion: You may request account deletion at any time. We will delete or anonymize your data within 30 days, except where required by law to retain records.

Medical Data: Emergency-related medical information may be retained longer for legal compliance and safety documentation.

8. Your Privacy Rights

Depending on your location, you may have rights including:

Access

Request a copy of your personal information

Correction

Update or correct inaccurate information

Deletion

Request deletion of your personal information

Portability

Receive your data in a machine-readable format

Objection

Object to certain processing of your information

Opt-Out

Unsubscribe from marketing communications

To exercise these rights, contact: privacy@firstaidtag.com

9. Children's Privacy

FirstAidTag is not intended for children under 13. We do not knowingly collect information from children under 13 without parental consent.

For minors (13-18): Parental or guardian consent is required to create an account.

If we discover we have collected information from a child under 13 without consent, we will delete it promptly.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers.

For Canadian Users

We comply with PIPEDA (Personal Information Protection and Electronic Documents Act).

For EU/UK Users

We comply with GDPR requirements for data transfers.

11. Third-Party Links

Our app may contain links to third-party websites or services. We are not responsible for their privacy practices. Review their privacy policies before providing information.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted here with an updated “Last Updated” date.

Significant changes will be notified via:

  • Email to your registered address
  • In-app notification
  • SMS notification (for material changes affecting your rights)

Continued use after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy questions, concerns, or requests:

FirstAidTag Privacy Team

Email: privacy@firstaidtag.com

Support: support@firstaidtag.com

Response Time: We aim to respond within 7 business days.

14. Specific Jurisdictions

California Residents

You have additional rights under CCPA/CPRA. Contact us to exercise these rights.

Canadian Residents

You have the right to file a complaint with the Privacy Commissioner of Canada.

EU/UK Residents

You have the right to lodge a complaint with your local data protection authority.

By using FirstAidTag, you acknowledge that you have read and understood this Privacy Policy.