Effective Date: July 2024 · Last Updated: 2026-03
Your privacy is of utmost importance to us. This Privacy Policy outlines how SJB Digital Ventures LLC, doing business as MS Buddy ("MS Buddy," "we," "us," or "our"), collects, uses, discloses, and safeguards your personal information. By using MS Buddy ("the App"), you agree to the collection and use of information in accordance with this policy and our Terms of Use.
Account Information: When you create an account, we collect your username and email address. Your password is securely hashed using industry-standard bcrypt and is never stored in plain text.
User-Entered Data: We collect health-related information that you choose to provide, including symptoms, triggers, activities, journal entries, and optional profile details such as age, sex, year of diagnosis, type of MS, current medications, and other health information. If you use the Reminders feature, you may also provide doctor names, appointment locations, and questions for your doctor. This data is stored solely to power your reminders and is never shared with third parties.
Sensitive Health Data Consent: By entering health-related information into the App, you provide explicit consent for us to process this sensitive data for the purpose of delivering the App's wellness tracking features. You may withdraw this consent at any time by deleting your data or your account.
Certain features of the App use artificial intelligence (AI) provided by third-party services (such as OpenAI) to generate summaries of research articles. When processing articles, we send the article text to the AI service; no personal user data is included in these requests. The AI-generated summaries are stored and displayed within the App. These summaries have not been reviewed by medical professionals and are provided for informational purposes only.
Usage Information: We collect information about how you use the App, including page views, feature usage, device type, operating system, and timestamps. This data is collected through our internal logging system.
Approximate Location: We may use your IP address to determine a general geographic area for usage analytics. This is not precise location data and is not shared with third parties.
Local Storage: When accessed via a web browser, we use local storage (similar to cookies) to maintain your login session and retain user preferences. We do not use third-party tracking cookies.
Database: We use MongoDB Atlas for data storage. All data is encrypted in transit using TLS and at rest using AES-256 encryption. MongoDB Atlas maintains SOC 2 Type II and ISO 27001 certifications.
We may disclose your information when required to do so by law or in response to valid legal process (such as a court order, subpoena, or government request). We will notify you of such requests when legally permitted to do so.
We do not sell, trade, or rent your personal information to third parties. We do not share your data with advertisers, data brokers, or any third parties for marketing purposes.
We employ industry-standard security measures to protect your personal and health data:
While we implement strong security measures, no online service can guarantee absolute protection. We encourage users to use strong, unique passwords.
MS Buddy supports Face ID and Touch ID for secure login. Biometric data is processed entirely within your device's secure enclave. MS Buddy does not store or access your biometric information.
In the event of a data breach affecting your personal information, we will:
We retain your personal data for as long as your account is active or as needed to provide you with the App's services:
MS Buddy may request access to your HealthKit data and local notifications. You have full control over these permissions and can modify them at any time via your device settings.
Editing and Deletion: You can view, edit, or delete your personal and health data within the App.
Account Deletion: You may delete your account at any time from your Profile page within the App. This will permanently remove your personal information and anonymize your health data so it can no longer be linked to you. For a complete deletion of all data including anonymized records, contact us at support@mymsbuddy.com before deleting your account.
Data Export: Before deleting your account, you can download all your data from your Profile page. Your data is exported as a JSON file containing your symptoms, triggers, health data, reminders, and other records.
You have the right to:
We commit to the following:
MS Buddy provides customizable local notifications for reminders about appointments, MRI and lab work, or other health-related activities. These notifications are processed locally on your device.
You can manage notification preferences within the App or through your device's notification settings.
Internal Analytics: We collect anonymized usage data (such as page views and feature usage) through our internal logging system to improve App functionality.
Data Exclusion: No sensitive health or personal data is included in analytics. We do not use third-party analytics services that receive your data.
MS Buddy may contain links to external websites such as mymsbuddy.com. We are not responsible for the privacy practices of external websites. We encourage you to review their privacy policies.
The App utilizes third-party plugins for features such as secure data storage, biometric login, and local notifications. These plugins handle data in accordance with their own privacy policies and are used strictly within their intended functionalities.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Categories of Data Collected: Identifiers (username, email); health information (symptoms, medications, dosages, doctor information, diagnosis details you provide); and internet/electronic activity (page views, feature usage).
To exercise these rights, contact us at support@mymsbuddy.com. We will respond to verifiable consumer requests within 45 days, or within 30 days for non-CCPA requests.
Certain states have enacted laws providing additional protections for consumer health data. If you reside in such a state, the following applies:
Washington (My Health My Data Act):
Other states: Several states including Nevada, Colorado, Connecticut, and Virginia have enacted privacy laws granting consumer rights similar to those described in Section 11 above. If you reside in one of these states and wish to exercise your rights, contact us at support@mymsbuddy.com.
MS Buddy is operated from the United States and is primarily intended for users in the United States. Your information is transferred to and maintained on servers located in the United States, where data protection laws may differ from those in your jurisdiction.
EU/EEA Users: If you are located in the European Union or European Economic Area, please be aware that by using the App, your data will be transferred to the United States. We rely on your explicit consent (provided when you create an account and agree to this policy) as the legal basis for this transfer. If you do not consent to this transfer, please do not use the App.
By using MS Buddy, you acknowledge and consent to the transfer, processing, and storage of your information in the United States.
Some web browsers transmit "Do Not Track" (DNT) signals. Because there is no industry standard for how to respond to DNT signals, we do not currently respond to them. However, we do not engage in cross-site tracking of our users.
You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at support@mymsbuddy.com. We will respond within 30 days (or 45 days for CCPA requests, as required by law).
Communications: You may opt out of receiving promotional communications by following the unsubscribe instructions provided in emails.
Data Collection: You can limit data collection by adjusting App permissions in your device settings.
For any questions or concerns regarding this Privacy Policy, please contact us:
Email: support@mymsbuddy.com
We comply with all applicable federal and state data protection and privacy laws. Users have the right to lodge a complaint with a data protection authority, state attorney general, or other regulatory body if they believe their rights have been violated.
We may update this Privacy Policy from time to time. Any significant changes will be communicated via in-app notifications or email at least 30 days before they take effect. Your continued use of MS Buddy after the effective date indicates your acceptance of the updated policy.
Thank you for choosing MS Buddy to assist you in your wellness journey. We are committed to protecting your privacy and providing a secure, user-friendly experience.