Carelendr Privacy Policy
Effective date: June 10, 2026
Last updated: July 14, 2026
Carelendr is operated by FY Network, Inc., a Delaware corporation with principal operations in New Jersey. This policy tells you what information we collect when you use the Carelendr app, how we use it, and what rights you have over it.
We wrote this for caregivers, not lawyers. If anything is unclear, email us at admin@fynetwork.com.
Who this service is for
Carelendr is a professional tool for adults who work as caregivers, specifically Direct Support Professionals and similar roles. The app is not directed at or intended for anyone under 18 years old. If you are under 18, do not use the app.
What we collect
We collect the following information when you create and use a Carelendr account. Every item in this list is linked to your account. None of it is used for advertising or tracking.
Contact information: your full name; your phone number (used for account identity and verification); your email address (collected if you sign in with Apple; may be used for account communications).
Location: your county; your home location coordinates, if you add them to an authenticated profile; and your GPS coordinates at the time you send an availability ping, only if you grant location permission. The public /caregiver workspace accepts a ZIP code and commute limits for in-browser planning, but it does not send those values to Carelendr.
Account identifiers: your Carelendr user ID (assigned at registration); your device push token (used to send notifications through the Apple Push Notification service).
Security and audit metadata: pseudonymous account or session identifiers; IP address; device identifier; request and event timestamps; agency or record identifiers involved in an audited action; action and outcome details; and integrity hashes used to investigate security events, enforce access controls, and maintain required audit records.
Professional and employment information: your employment type, transportation status, and the services you are qualified to provide; credential metadata from your vault (credential type, status, expiration date, and issuer); and the credential or document file contents, such as PDFs or images, that you choose to upload. Only files you explicitly select can be made available through a caregiver-created profile-package link. We also collect job application tracking records you create; your FCRA authorization record (the disclosure version you accepted and the timestamp of your consent); and professional reference lifecycle metadata (the relationship label you assign and the status of the request). Your reference contact's own personal information is never sent to our servers.
Your availability schedule: your weekly availability pattern and the windows and mode you set, plus any availability overrides you add.
Caregiver work preferences and plans: your Capacity, Compatibility, compliance preferences, and Culture preferences (the Four Cs); weekly earnings goals; target hours; estimated withholding; commute budgets; planned gross and net earnings; planned work time; and employer or opportunity items you add to an authenticated earnings plan. These are planning records, not payroll records or verified wages.
Opportunity and application tracking: opportunities you save; provider and job references; source links; fit explanations; status and next-action dates; application details; and opportunity or application status history. The current public /caregiver workspace does not match you to providers or jobs or submit applications to employers.
Consent and action records: the recipient, purpose, exact action, selected data fields, related profile-package identifier, issue and expiration dates, revocation history, and use events for consent you grant in an authenticated feature; plus caregiver-approved action drafts, structured payloads, payload fingerprints, authority snapshots, status history, and any delivery or adapter receipt returned for an external action. No external action adapter is currently active for the public /caregiver workspace.
Notes you write (optional): short notes you attach to an interest signal, and notes you attach to a job application.
What stays on your device
Some data never leaves your phone. We do not receive it, store it on our servers, or have any access to it.
The current public /caregiver workspace keeps your ZIP, commute limits, availability, work preferences, readiness selections, earnings inputs, provider research history, and in-page action history in browser memory only. Refreshing, closing, or leaving the page clears that workspace. Its Export control downloads a JSON file directly to a location you choose; it does not upload the workspace to a Carelendr account.
Visit notes. The text of every visit note you dictate or edit, including the original transcript, the polished version, and the structured output, stays on your device. Nothing you document about a visit is transmitted to Carelendr. This is a deliberate design choice and a core part of how the app is built.
Voice recordings are stored on your device only, protected by the iOS file protection system, and excluded from iCloud backup. We never receive audio. Mileage entries and paycheck scenarios in the iOS app are also stored on your device only.
This will change only if we add a server-side sync feature for any of these categories. If we do, we will update this policy before that feature ships and notify you.
How we use your information
We use the information above only to operate the app. Specifically:
- To create and maintain your account
- To calculate and display your readiness score and progress
- To store and return caregiver-owned work preferences, plans, opportunities, applications, consents, and action records when you use an authenticated feature that saves them
- To send account, credential, and availability notifications that you enable
- To keep application tracking records you choose to create; the current public /caregiver workspace does not submit applications to employers
- To maintain the professional reference workflow
- To comply with legal obligations, including FCRA requirements for background check authorization records
We do not use your information for advertising. There are no ads in Carelendr and there never will be.
SMS and text messaging
If you provide your mobile number and consent during signup, Carelendr may send one-time passcodes for signing in and account or credential notifications that are enabled for your account. The current public caregiver release does not send provider or job matches, application submissions, or matched shift confirmations by text. We do not send marketing or promotional text messages.
Message frequency varies. Message and data rates may apply. Reply STOP to any message to stop receiving texts, and reply HELP for help. You can also contact us at admin@fynetwork.com.
We do not share your text messaging opt-in data or consent with any third parties or affiliates for any purpose. This information is used only to deliver the Carelendr messages you signed up for. No mobile information is sold, rented, or shared with third parties for their own marketing.
Opting out of text messages does not delete your account. Because one-time passcodes are part of account security, you may still receive sign-in codes when you choose to sign in.
Current caregiver planning and matching status
The current public /caregiver workspace does not match caregivers with providers or jobs, rank caregivers for provider hiring, submit applications, or send workspace data to providers. Its calculations use only the values you enter and run in browser memory. The codebase contains separate authenticated matching and provider-workflow paths, but they are not part of this public workspace or its current public release.
For current provider research, the workspace opens the official NJ DDD Provider Search at irecord.dhs.state.nj.us/providersearch. A provider record in that state service is not a Carelendr job match or a verified job opening. Confirm hiring, pay, services, location, and requirements directly with the provider.
Before Carelendr presents an authenticated caregiver-to-provider or caregiver-to-job matching workflow as released and available, we will complete the required product and legal review, update this policy and applicable consent controls, and make access, export, correction, and deletion coverage available for the data the feature uses.
What we do not do
- We do not sell your personal information to anyone.
- We do not share your information with advertising networks or data brokers.
- We do not use cross-app tracking or build behavioral profiles for advertising purposes.
- We do not use analytics SDKs (no Firebase Analytics, Mixpanel, Amplitude, Segment, or similar tools are in the app).
- We do not collect financial account numbers, credit card data, or bank details.
- We do not collect your contacts list, browsing history, or search history.
Who processes your data
The processor and runtime inventory is a release gate. Carelendr will not activate authenticated caregiver market features unless the deployed services, data flows, contracts, processor register, and this disclosure have been reconciled. The table below describes the currently intended core runtime boundary; it is not a completed production processor register.
| Service | Role | What it receives |
|---|---|---|
| Amazon Web Services | Account authentication and Carelendr application infrastructure | Account identifiers and the server-stored data handled by the enabled Cognito, API, database, object-storage, email, or notification service; each service remains subject to its feature and data-class gate |
| Vercel | Web hosting and web-to-API gateway | Caregiver and provider web traffic, IP address, request headers, and proxied request and response data for authenticated web flows; PHI routes remain disabled pending the separate PHI gate |
| Twilio | Current default text-messaging adapter when configured | Your mobile number and the account or sign-in message being delivered; production messaging remains blocked until the selected account, sender, consent, and processor evidence are approved |
| Apple Push Notification service | iOS notification delivery when enabled | Your device push token and the bounded notification payload required for delivery |
The codebase also contains inactive or gated Telnyx messaging, Stripe billing, and hosted AI paths. They may not receive personal data unless the applicable feature is enabled, contractually approved, entered in the processor register, and disclosed here before activation. The public hosted-AI endpoint is disabled. Carelendr does not authorize analytics, advertising, or data-enrichment processors to use your personal information for their own purposes.
Security
Your data is stored in encrypted databases. Traffic between the app and our servers uses HTTPS. Account endpoints require account authentication. Caregiver-created profile packages and professional-reference forms intentionally use high-entropy, expiring links as their credential and can be opened without an account session; treat those links as sensitive and revoke or stop sharing them when they are no longer needed. Sensitive data, including your Cognito credentials, is stored in the iOS Keychain, which uses hardware-backed encryption on supported devices.
No security system is perfect. If you believe there has been unauthorized access to your account, email us at admin@fynetwork.com immediately.
Data retention
We keep your account data for as long as your account is active. An account-deletion request permanently removes the caregiver-owned application records listed above from the primary database. Authentication and credential-object cleanup must also complete before Carelendr reports the request as fully completed. If either external cleanup step fails, Carelendr returns an incomplete result identifying the unresolved cleanup category; reconciliation remains required before completion can be confirmed.
Security and compliance audit records may be retained after account deletion for the applicable legal and security retention period. Those records can include pseudonymous account identifiers, request metadata such as IP address or device identifier, timestamps, action details, and integrity hashes. They are restricted to security, compliance, incident-response, and legal-retention purposes.
Account deletion does not delete employment, hiring, scheduling, billing, or other operational records that a provider independently created or controls. Those records remain subject to the provider's policies and applicable law. Contact the provider for access, correction, or deletion requests involving its records.
How to delete your account
Open the app, go to Settings, then Account, then Delete Account. You will be asked to confirm. Carelendr removes caregiver-owned application records and attempts the required authentication and credential-object cleanup. The app must not report deletion as complete until those cleanup steps succeed; a failed cleanup returns an incomplete result and requires reconciliation.
Your rights
Access: request a copy of the personal information we hold about you by emailing admin@fynetwork.com with the subject line “Data access request.”
Correction: update most of your profile information directly in the app; for anything you cannot edit yourself, email admin@fynetwork.com.
Deletion: delete your account at any time using the in-app option above, or email admin@fynetwork.com to request deletion.
Portability: request a copy of your data in a portable format by emailing admin@fynetwork.com with the subject line “Data portability request.”
New Jersey residents: under the New Jersey Data Privacy Act, you have the rights above plus the right to opt out of the sale of personal data (we do not sell data) and targeted advertising (we do not run targeted advertising). We respond to rights requests within 45 days and do not charge a fee.
Children
Carelendr is a professional tool for adults employed or seeking employment in caregiving roles. We do not knowingly collect information from anyone under 18. If you believe a minor has created an account, email us at admin@fynetwork.com and we will delete it.
Changes to this policy
When we make material changes to this policy, we will update the Last updated date at the top and, where appropriate, notify you through the app or by email. The most current version is always at carelendr.com/privacy. Continued use of the app after a policy update constitutes acceptance of the updated terms.
Contact
Carelendr is operated by FY Network, Inc. in New Jersey. Email admin@fynetwork.com for all privacy requests. We respond within 45 days. A business mailing address will be published after it is approved for public use.
FY Network, Inc. · New Jersey · admin@fynetwork.com