Draft: not yet reviewed by counsel. This policy is operational and accurate to our current practices, but requires sign-off by a Canadian privacy lawyer before it's the final legal document binding on Halekin Inc. Remove this banner after counsel review. See ADR 0008 in the docs/decisions folder.

Privacy Policy

Effective: April 17, 2026 · Last updated: April 17, 2026

Halekin Inc. ("Halekin", "we", "us") operates a companion-care platform that connects families with vetted companions (we call them Kin) who visit seniors in their homes. Privacy is load-bearing for what we do. We're inside people's homes, handling information about their health and their loved ones. This policy explains what we collect, why, who we share it with, how long we keep it, and what rights you have under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.

If you don't agree with this policy, don't use Halekin. If something is unclear, our Privacy Officer will answer in plain language. Contact details are at the bottom.

1. Who this policy applies to

Halekin serves three groups of people, and we collect different information from each:

  • Families: the adult child or relative who creates the account and pays for service.
  • Members: the senior receiving visits. A member's profile is usually created by their family. When a family adds a member, they represent to us that they have authority to share the member's information and to authorize visits on their behalf. Members can ask us directly for access to their own information.
  • Kin (companions): the independent contractors who apply, are vetted, and provide visits.

This policy covers all three. We note below where a rule applies only to one group.

2. What personal information we collect

From families

  • Name, email, phone number, and authentication credentials (via Clerk, our identity provider).
  • Billing information: Stripe processes your card; we do not store card numbers or CVVs.
  • Information you give us about the member you're caring for (see below).
  • Anything you tell us in support conversations.

From members (seniors)

  • Name, preferred name, phone number, home address (including buzzer codes when provided).
  • Languages, interests, dietary needs, allergies, pet information, mobility notes.
  • Non-clinical health context (e.g., hearing, vision, chronic conditions) that helps us match the right Kin and keep the visit safe.
  • Emergency contacts.
  • Visit-time observations: companion notes, photos (only with explicit member or family consent), wellbeing and mood observations, home-safety observations.
  • Loneliness and wellbeing scores from optional periodic surveys.

We are not a health information custodian. We do not collect or provide medical records, diagnoses, or treatment. If your parent needs clinical care, please engage a regulated health professional.

From Kin (companions)

  • Name, email, phone, date of birth, home address.
  • Bio, languages, skills, interests, photo, vehicle information.
  • Vulnerable Sector Check results (consent-based; see §3).
  • Banking + tax information needed to pay you (handled by Stripe Connect; we see status flags, not account numbers).
  • GPS location during visits (check-in, check-out, and en-route while a visit is active).
  • Visit logs, notes, and observations you record.

Automatically collected from everyone

  • Device type, browser, operating system, IP address, and general approximate location based on IP.
  • Usage data: pages visited, features used, errors encountered (via Sentry).
  • Push notification subscription identifiers, when you opt in.
  • Cookies and similar technologies strictly needed to keep you signed in and the platform working. We do not use advertising cookies.

3. Why we collect it, and our legal basis

PIPEDA requires us to identify the purposes of collection at or before the time of collection, and to limit collection to what is reasonably necessary for those purposes.

  • To deliver visits. Match Kin to members, schedule, route, check-in/out, record what happened. Legal basis: performance of the service you asked for.
  • To keep people safe. GPS verification at check-in, background checks for Kin, incident tracking, safety observations about the home. Legal basis: our legitimate interest in the safety of vulnerable members and the Kin in their homes.
  • To charge you and pay Kin. Billing, payouts, tax records. Legal basis: contract performance and legal obligation (Canada Revenue Agency retention rules).
  • To send notifications you expect. Visit reminders, visit summaries, payment receipts, payout confirmations. Legal basis: performance of the service. These messages are transactional and are not governed by CASL consent rules.
  • To send occasional marketing. Only with your express consent, and always with an unsubscribe link. See §12.
  • To improve the service. Anonymized or aggregated usage data, and opt-in outcome surveys (e.g. loneliness trends). Legal basis: your consent to the outcome program; legitimate interest for anonymized product telemetry.
  • To comply with law. Responding to valid legal process, cooperating with regulators, preventing fraud.

5. Who we share information with

We share personal information with service providers only to the extent needed for them to do their job, and we contractually require that they handle it with at least the same safeguards we do. We do not sell personal information. We do not share member health observations with insurance companies, employers, or government without your explicit consent or a valid legal order.

Service providers (sub-processors)

Provider | Purpose | Location
Clerk | Authentication and account management | United States
Stripe | Billing, invoicing, and Stripe Connect payouts | United States (data may also be processed in other Stripe regions)
Neon | Database hosting (PostgreSQL) | Canada and/or United States depending on the region you are routed to
Cloudflare | Application hosting, file storage (R2), CDN | Global edge network; primary storage in the configured region
Resend | Transactional and marketing emails | United States
Twilio | SMS reminders and alerts | United States
Google Maps | Geocoding and place lookup | Global
Sentry | Error monitoring | United States
Certn / Sterling (Kin only) | Vulnerable Sector Check | Canada

We review this list and update it when it changes. The most current list is on this page.

In specific situations

  • To the Kin assigned to a visit: the member's first name, address, any information needed to complete the tasks requested, and preferences we've learned.
  • To the family: visit summaries, photos (when the Kin took any with consent), notes, and any safety observations.
  • To emergency services: if we believe there is a serious risk of harm to a member or Kin, we may share information with 911, police, fire, paramedics, or a family emergency contact.
  • Legal process: to comply with a court order, subpoena, or other valid legal demand.
  • Business transfer: if Halekin is sold, merged, or reorganized, personal information may transfer to the successor, subject to the commitments in this policy.

6. Where the data lives (including outside Canada)

Some of our service providers are located in the United States or process data globally. When personal information leaves Canada, it becomes subject to the laws of the country where it is processed, including laws that may permit access by foreign governments under their own legal processes.

We limit cross-border processing to what is operationally necessary, and we sign contractual data-processing agreements with each U.S. provider that include security, confidentiality, and breach-notification obligations. If this concerns you, email our Privacy Officer and we will explain the specific flows involved in your use of the service.

7. How long we keep it

  • Account + profile data. Kept while your account is active, and for up to 24 months after closure to handle disputes, support follow-ups, and regulatory inquiries. Then deleted or de-identified.
  • Visit records. Retained for as long as needed to support the service, outcomes research (de-identified), and any legal obligation. Identifiable visit records are purged or de-identified no later than 7 years after the last visit in the record unless longer retention is required by law.
  • Photos taken during visits. 90 days, then permanently deleted.
  • Kin compliance documents (government photo ID, driver's licence, insurance declaration page, Vulnerable Sector Check certificate). Retained while the Kin is actively working with us. After a Kin's account is closed, these documents are kept for 7 years to satisfy CRA records-retention norms and the Ontario civil-claim window, then the document files are permanently deleted from storage. The metadata record (document type, when it was uploaded, when it was reviewed, by whom) is retained as an audit trail. First Aid / CPR certificates are kept until 1 year past expiry.
  • Document review record. When an admin approves or rejects an uploaded document, the action is logged with timestamp + reviewer. These metadata records are retained for 7 years post-account-closure even after the underlying document files have been purged.
  • Financial records. 7 years, to meet Canada Revenue Agency requirements for tax records.
  • Notifications. 90 days in-app; delivery logs for longer where needed to diagnose failures.
  • Backups. Encrypted backups may retain information for a short additional period after deletion from production. Backups are purged on a rolling basis.

8. How we protect it

We use reasonable safeguards proportionate to the sensitivity of the information, including:

  • Encryption in transit (TLS) and at rest for the database and file storage.
  • Access controls: staff access is limited to what they need for their role, logged, and reviewed.
  • Secrets (API keys, webhook secrets) stored in the platform secret manager, never in code.
  • Audit logs for sensitive actions.
  • Vulnerable Sector Checks for all active Kin.
  • Signed contracts with every sub-processor covering confidentiality, security, and breach notification.

No system is perfectly secure. If a breach happens, we follow §10.

9. Your rights under PIPEDA

You can exercise any of these rights by emailing our Privacy Officer (§14). We will respond within 30 days.

  • Access. Ask us what personal information we hold about you, how we use it, and who we've disclosed it to. We will provide a copy in a usable format, subject to narrow exceptions (e.g. information about another identifiable individual).
  • Correction. If something is inaccurate, tell us and we'll correct it and notify anyone we shared the incorrect information with where practical.
  • Withdraw consent. For any processing that relies on consent (e.g. marketing, optional outcome surveys, photo capture). Withdrawing consent may affect our ability to continue providing some features, and we'll tell you if so before you withdraw.
  • Deletion. You can ask us to delete your account and personal information. We will do so subject to legal retention obligations (e.g. tax records), visit records that would break referentially (we may de-identify instead), and the retention periods in §7.
  • Data portability. A reasonable machine-readable export of the information you've provided to us.
  • Complain to the regulator. If you're not satisfied with our response, you can file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca. If you live in Quebec, Alberta, or British Columbia, you may also have rights under a provincial equivalent and a provincial commissioner.

10. Breach notification

If there is a breach of security safeguards involving your personal information that creates a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada as soon as feasible, as required by PIPEDA. We keep records of every such incident for at least 24 months.

11. Children and minors

Halekin is not intended for children under the age of 18. Accounts must be held by adults. If a family has children in the home where a visit takes place, we do not collect information about those children beyond what's incidentally recorded in a visit summary (e.g. "the grandchildren were visiting"). We delete any inadvertently collected personal information about a minor on request.

12. Marketing communications and CASL

Transactional messages (visit reminders, visit summaries, payment receipts, payout notices, account alerts) are not marketing and are sent as part of providing the service you asked for.

Commercial electronic messages (product updates, promotions, newsletters) are governed by Canada's Anti-Spam Legislation (CASL). We will only send these with your express or implied consent under CASL, each message will clearly identify us and include a working unsubscribe link, and we will honour unsubscribe requests within 10 business days as required.

13. Changes to this policy

We may update this policy to reflect changes in our service, our sub-processors, or the law. If we make a material change, we will post the updated policy here and notify active account holders by email at least 14 days before the change takes effect.

14. Contact us

Privacy Officer: (to be designated before launch)
Email: privacy@halekin.ca
Mailing address: Halekin Inc., (to be added)
Support: /contact

If you believe we've mishandled your personal information, please reach out to us first. We'll take it seriously. You can also contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.