Last Updated: July 11, 2025
Effective Date: July 11, 2025
This Privacy Policy explains how Orbitem Corp. ("we," "our," or "us"), the developer of the RettConnect mobile application ("RettConnect" or "the App"), collects, uses, stores, and protects your information. We are committed to protecting your privacy and ensuring you understand how your data is handled when you use RettConnect, a social community platform for individuals, families, and professionals connected to Rett Syndrome.
1. Introduction to RettConnect
RettConnect is a social media application designed to foster a supportive community for individuals, parents, guardians, caregivers, advocates, and professionals engaged with Rett Syndrome. It provides a platform for sharing personal progress, new studies, educational resources, and connecting with others in the Rett Syndrome community.
IMPORTANT NOTE ON HEALTH INFORMATION: RettConnect is a social community platform and is not intended to be, nor does it provide, medical advice, diagnosis, or treatment. It is not a medical record system. Any health-related information you choose to share on RettConnect is for community support and informational purposes only. We are not a "Covered Entity" or "Business Associate" under the Health Insurance Portability and Accountability Act (HIPAA). Users are solely responsible for the health information they choose to disclose and should always consult with qualified healthcare professionals for medical advice.
2. Information We Collect About You
We collect information to provide, maintain, and improve RettConnect, and to enable its social features.
A. Information You Provide Directly:
Account Registration Data: When you create an account, you provide your:
Name (First and Last)
Email Address (used for verification and account recovery)
Username
Password (encrypted)
User Role (e.g., Parent, Guardian, Patient, Caregiver, Advocate)
Profile Information: You may optionally provide additional information for your profile, such as a "Bio" or description.
User-Generated Content (UGC): When you use RettConnect's social features, you provide content, including:
Posts: Text, photos, and videos you share on your profile feed (which can be set to public, friends-only, or private for your own tracking). This may include sensitive health information related to Rett Syndrome (e.g., patient progress, symptoms, developmental milestones, therapies, personal experiences, new studies, etc.).
Direct Messages/Chats: Content of messages, photos, and videos sent through private chat functionality.
Comments: Text, photos, and videos you post as comments on others' content.
Communication with Us: Any information you provide when you contact our support team or communicate with us through other channels.
B. Information Collected Automatically:
When you access and use RettConnect, we automatically collect certain information about your device and activity:
Device Information: This includes your device type, operating system, unique device identifiers, and mobile network information.
Usage Data: Information about how you interact with RettConnect, such as the features you use, the time and date of your activity, time spent in the app, and crash logs.
IP Address: Your IP address is collected for security, analytics, and to help identify your general geographic region (e.g., country), but not precise location.
C. Permissions We Request:
RettConnect requests access to specific device functionalities strictly for the following purposes:
Camera and Photo Library: We request access to your device's camera and photo library solely to enable you to:
Upload a profile picture.
Post photos and videos to your profile feed.
Send pictures in direct messages.
We do not access your camera or photo library for any other purpose, such as voice recording, calling, or background data collection.
We DO NOT request access to your Microphone, Contacts, Calendar, or precise Location (GPS).
3. How We Use Your Information
We use the information we collect for the following primary purposes:
To Provide and Operate RettConnect: To deliver the core functionalities of the App, including creating and managing user accounts, enabling profiles, and facilitating social interactions (posting, messaging, connecting with friends and professionals).
To Facilitate the Rett Syndrome Community: To enable users to share information, updates, and connect with other individuals, families, and professionals in the Rett Syndrome community.
To Enable Content Sharing: To allow you to post and share photos, videos, and text content with your selected audience (public, friends-only, or private for personal tracking).
To Connect Users: To facilitate friend requests and connections between users and professionals.
Content Monitoring and Moderation: To monitor, review, and moderate user-generated content to ensure compliance with our Terms of Service and community guidelines, maintaining a safe and respectful environment.
App Functionality and Improvement: To understand how users interact with RettConnect, troubleshoot issues, improve app performance, and develop new features.
Account Management and Security: To verify your email, maintain the security of your account, prevent fraud, and respond to account-related requests.
We do not use your information for any other purposes, such as direct marketing, advertising, or research, unless explicitly stated and with your separate consent.
4. How We Share Your Information
We are committed to maintaining the privacy of your information. We do not sell, rent, or otherwise share your personal information with third parties for their marketing or advertising purposes.
We share your information only in the following limited circumstances:
With Our Service Provider (Google Firebase): All of your data is securely stored within our dedicated Google Firebase account. Firebase provides our backend infrastructure, including database services, authentication, and hosting. Google, as our service provider, processes data on our behalf in accordance with their privacy policies and security standards.
With Other Users (Based on Your Settings): Content you post on your profile feed will be visible to your chosen audience (public or friends-only). Content in direct messages is only visible to the participants of that conversation. Your username and profile information (Name, Bio, Role) are visible to other users within the App.
For Legal Reasons: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:
Comply with a legal obligation.
Protect and defend the rights or property of Orbitem Corp.
Act in urgent circumstances to protect the personal safety of users of RettConnect or the public.
Protect against legal liability.
With Your Consent: We may share your information for any other purpose with your explicit consent.
5. Data Security and Storage
We take the security of your data seriously.
Secure Storage: All data collected by RettConnect is securely stored and processed within our dedicated Google Firebase account. Google Firebase implements robust security measures, including:
Encryption: Data is encrypted in transit (using HTTPS/SSL/TLS) and at rest (using AES-256 by default).
Access Controls: Strict access controls and authentication protocols are in place to limit access to data.
Regular Audits: Firebase undergoes regular security audits and holds certifications such as ISO 27001, SOC 1, 2, and 3.
Internal Access: Access to user data by Orbitem Corp. administrators and authorized personnel is strictly limited and controlled, granted only on a need-to-know basis for app operations and content moderation.
User Responsibility: While we implement strong security, the security of your account also depends on your efforts. Please keep your password confidential and do not share it.
6. Data Retention and Account Deletion
We retain your personal information as long as your RettConnect account is active to provide you with the services.
Account Deletion: You have the right to delete your RettConnect account at any time.
How to Delete: An option to initiate account deletion is provided directly within the RettConnect app (typically found in your profile or settings).
Process: Upon initiating deletion, your account and associated personal data will be marked for removal. We may include confirmation steps to prevent accidental deletion.
Permanent Deletion: Deleting your account is a permanent action. We are not responsible for recovering deleted accounts or data.
Retention after Deletion: While data is immediately removed from the live production system, some data, including backups and system logs, may persist in Google Firebase's backup systems for up to 180 days as part of their standard data retention policies. After this period, your data will be permanently purged from all Google Firebase systems.
7. Your Privacy Rights and Choices
We are committed to providing you with control over your personal information.
Access and Correction: You can access and update most of your profile information (Name, Username, Bio, Role) directly within your RettConnect account settings.
Content Privacy Settings: You can control the visibility of your posts (Public, Friends-Only, Private) directly within the App.
Account Deletion: As detailed above, you can delete your account at any time via the in-app option.
Device Permissions: You can manage or revoke permissions (e.g., Camera, Photos) for RettConnect at any time through your device's operating system settings. Note that revoking essential permissions may impact app functionality.
8. User-Generated Content (UGC) Policy & Moderation
RettConnect encourages open sharing within its community. To maintain a safe and respectful environment, all user-generated content is subject to our Terms of Service and specific moderation policies:
Acceptance of Terms: By using RettConnect and posting UGC, you explicitly agree to our Terms of Service, which clearly state a zero-tolerance policy for objectionable content, abusive behavior, and the promotion of misinformation or harmful content related to Rett Syndrome.
Content Filtering: We employ automated and manual methods to filter and identify objectionable content.
Reporting Mechanism: RettConnect provides a clear and accessible mechanism for users to report any content or users they deem objectionable or violating our Terms of Service.
User Blocking: Users have the ability to block other users to prevent unwanted interactions.
24-Hour Response Protocol: Our dedicated team of administrators and professionals will review all reported objectionable content and abusive user reports within 24 hours. We are committed to taking appropriate action, which may include removing the offending content and/or ejecting (suspending or banning) the user who provided the offending content.
9. Children's Privacy
RettConnect is intended for and marketed to adults (Parents, Guardians, Patients (adults), Caregivers, Advocates).
Age Restriction: RettConnect does not permit direct account creation by, and does not knowingly collect personal information from, children under the age of 13.
If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate steps to delete such information.
10. International Data Transfers (GDPR, CCPA, etc.)
RettConnect is available globally, and your information may be processed and stored in the United States, where Google Firebase servers are located.
General Data Protection Regulation (GDPR) - EU/EEA/UK Users: If you are located in the European Union, European Economic Area, or the UK, you have certain rights under the GDPR. As the "Data Controller" of your personal data, we commit to facilitating these rights:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request that inaccurate personal data be corrected.
Right to Erasure ("Right to be Forgotten"): You can request the deletion of your personal data (as enabled by our in-app account deletion).
Right to Restriction of Processing: You can request that we limit the way we use your personal data.
Right to Data Portability: You can request to receive your personal data in a structured, commonly used, and machine-readable format. While direct downloads are not currently available for all data types, we will work to fulfill reasonable requests for data portability.
Right to Object: You can object to the processing of your personal data in certain circumstances.
To exercise any of these rights, please contact us using the information provided in Section 12.
California Consumer Privacy Act (CCPA/CPRA) - California Residents: If you are a California resident, you have specific rights under the CCPA/CPRA, including:
Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you, the sources from which it is collected, the purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You can request the deletion of personal information we have collected from you (as enabled by our in-app account deletion).
Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information as defined by CCPA/CPRA for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: We do not use your sensitive personal information for purposes other than those specified in this policy.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.
To exercise any of these rights, please contact us using the information provided in Section 12.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy. If we make material changes, we may notify you through the App or by email. We encourage you to review this Privacy Policy periodically. Your continued use of RettConnect after the updated Privacy Policy is posted will constitute your acceptance of the changes.
12. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
Email Contacts:
General Support: support@orbitem.com
Business Inquiries: contact@orbitem.com
RettConnect Team: rettconnect@orbitem.com
Website:
https://www.orbitem.com/contact
Rettconnect Private Policy
