Privacy Policy

buddy · last updated April 23, 2026

buddy (“buddy,” “the app,” “we,” “us”) is a territory-management application for field-sales professionals. buddy is owned and operated by Anna Baker, an individual located in Florida, United States. This policy explains what information buddy collects, how it is used, how it is stored, and the choices you have.

By using buddy you confirm you have read and accepted this policy and the Terms of Use.

1. Information buddy collects

Account and identity. First name, role (Associate Rep, Territory Manager, Regional Manager, Division Admin), title, tier, company and division identifiers, team identifier, selected U.S. states of coverage, an optional personal “buddy code,” an optional birthday month and day (used only for account recovery as a second factor), and a SHA-256 hash of your 4-digit PIN with a per-device salt. buddy does NOT collect your last name, email, phone number, physical address, government ID, full date of birth, or any payment information.

Content you enter. Account records, contact records, visit logs, opportunity pipeline, MBO and quota metrics, planner events, brag-book wins, private voice or text notes, personal and team library content, buddy-AI chat history, bug reports, and PIN-reset or help-request issues.

Device and usage. Browser user-agent string, timezone, app version, last sync timestamp, error stack traces (personal content is redacted where feasible), and push-notification delivery acknowledgments. Your IP address may be observed transiently by our cloud provider in the course of routing a request; buddy does not retain IP addresses.

Push-notification tokens. If you opt in to push, buddy stores the opaque push-subscription token issued by your browser or operating system so the server can deliver a notification to your device. Tokens contain no personal information and are invalidated automatically when you revoke permission.

buddy does NOT collect location, contact lists, photos, camera, microphone, calendar events outside those you enter, browsing history, advertising identifiers, or behavioral fingerprints.

2. How buddy uses information

To provide, maintain, and improve the service; to authenticate you using your first name plus PIN plus, where enabled, Face ID or Touch ID; to synchronize your data between the devices you sign in from; to route approval and team-visibility rules according to your role; to generate AI responses in the buddy-AI feature; to deliver push notifications you have opted into; to diagnose errors; to enforce acceptable-use limits; and to comply with legal obligations.

3. What managers, admins, and division admins can see

Regional Managers see team-summary data for their own team (accounts, visits, pipeline, MBO and quota progress) but NOT your private notes, AI chat history, personal library content, or quiz streaks. Division Admins see aggregate division data for their own division only. Two platform administrators (Anna Baker and a designated operator) have operational support access to assist with account recovery, bug investigation, and abuse enforcement; this access is logged and is not used for commercial purposes. No manager, admin, or administrator can see another company’s or another division’s data.

4. AI features

The buddy-AI feature routes your request through a secure server-side proxy to the Anthropic Claude API. The prompt sent to Anthropic is assembled from YOUR data alone; another user’s data is never included in your prompt, and your data is never included in another user’s prompt. buddy stores the last 50 messages of your chat history in your own user document. Anthropic processes API requests under its commercial-terms data policy, which by default does not use API inputs or outputs to train Anthropic’s models. See anthropic.com/legal/privacy.

5. Medical information

6. How buddy protects information

Your data in transit is encrypted using TLS 1.2 or later. Your data at rest is stored in Google Firestore, which applies AES-256 encryption to stored data. PIN values are never stored; only a salted SHA-256 hash is stored. Access to the Firebase project is restricted to authenticated administrator accounts with two-factor authentication. buddy does not use third-party analytics, advertising SDKs, or behavioral tracking.

7. Third parties

buddy uses the following service providers to operate the app. None of them sell your data:

• Google Firebase · anonymous authentication, Firestore database, Cloud Functions, Cloud Messaging. firebase.google.com/support/privacy
• Anthropic · Claude API for the buddy-AI feature. anthropic.com/legal/privacy
• Vercel · static hosting for the web app and landing page. vercel.com/legal/privacy-policy
• GitHub Pages · fallback hosting. docs.github.com/en/site-policy
• CMS (U.S. federal) · public physician directory data pulled read-only from the NPI Registry. No data about you is sent to CMS.
• Polygon.io · live market data (stock and index quotes, currency pairs for precious metals) routed through our server-side proxy. Only your watchlist symbols are sent; no personally identifying information. polygon.io/privacy
• FRED (Federal Reserve Economic Data) · public macroeconomic series (treasury yields, gold, oil) pulled read-only. No data about you is sent. fred.stlouisfed.org/legal
• Finnhub · backup equities data provider, called only when Polygon is unavailable. Same minimal data flow as Polygon. finnhub.io/policies/privacy
• CollectAPI · supplementary feeds (precious-metals fallback, gas prices, news headlines). Server-side proxy only; no personal data sent. collectapi.com/privacy
• ElevenLabs · text-to-speech for the On Air clinical audio feature. Only the public product script text is sent for synthesis. No identifying information. elevenlabs.io/privacy
• Google Routes API · route optimization for field-sales users (only). When you tap "optimize route," your route's stop addresses are sent server-side. policies.google.com/privacy
• Cloudflare cdnjs · loads the PDF.js library used to read PDFs you upload to your library. Your IP is visible to Cloudflare on first load. cloudflare.com/privacypolicy

8. Your rights

Access. You can view and export everything buddy stores about you from Settings › Export data.

Correction. You can edit every field you entered, at any time, from the app.

Deletion. You can delete all of your data permanently from Settings › Delete everything forever. Deletion removes the data from the app and from the cloud within seven business days, subject to legal retention obligations (for example, fraud-prevention logs). You do not need a reason, and you will not be asked for one.

Portability. The export provides a JSON file you can import into another instance of buddy or archive offline.

California residents (CCPA/CPRA). You have the right to know, delete, correct, and opt out of sale. buddy does not sell personal information. Exercise your rights by using the in-app controls or by contacting us at the address below.

EU/UK residents (GDPR/UK-GDPR). The lawful basis for processing is your consent and the performance of a contract (your use of the app). You may withdraw consent at any time by deleting your account. You have the right to lodge a complaint with a supervisory authority.

9. Retention

buddy retains your data for as long as your account is active. When you delete your account, operational data is removed within seven business days. Error logs and security logs are retained for up to 90 days for diagnostic purposes and then purged. Backups are rotated out within 30 days.

10. Children

buddy is not directed to children under 13 and does not knowingly collect information from children under 13. If you believe we have collected such information, contact us and we will delete it.

11. Changes to this policy

Material changes will be announced in-app and on the hosted landing page. The “last updated” date at the top reflects the most recent version. Continued use after the effective date constitutes acceptance.

12. Contact

Anna Baker, operator of buddy · Florida, United States. For privacy questions, data requests, or the HIPAA-safety notice above, reach out through the in-app feedback form in Settings › Report a bug. Requests requiring verification of identity may ask for information sufficient to confirm you are the account owner.

buddy is a solo-operator product. Every line of code, every server configuration, and every policy document is maintained by one person. This policy is written in plain English on purpose. If anything here is unclear, please ask.