Privacy Policy

1. About This Policy

Zipline Health, Inc. ("Zipline Health," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

This policy applies to all users of the Zipline Health website (ziplinehealth.com) and the Zipline Health mobile application. It covers our obligations under United States privacy law, the European Union General Data Protection Regulation (EU GDPR), the United Kingdom General Data Protection Regulation (UK GDPR), and the Swiss Federal Act on Data Protection (Swiss FDPA).

2. Information We Collect

When you place a pre-order

• Name and email address
• Shipping address
• Payment information — processed securely by Stripe. We never see or store your full card number.
• Order details and transaction ID

When you join our waitlist

• Email address
• Date and source of signup

When you visit our website

• Browser type and device information
• Pages visited and time spent on site
• Referring website or search terms
• General geographic location (city/country level — not precise)

Website analytics are collected through Google Analytics. This data is aggregated and anonymous — we cannot identify individual visitors from analytics data.

When you contact us

• Your email address and the contents of your message

When you use the Zipline app

The Zipline app allows you to capture, store, and organize health-related images and notes for yourself and your family members. This data is stored in your private, encrypted account and is accessible only to you. Zipline Health does not access, review, or use your health imaging data for any purpose.

• Account information (email address, display name)
• Health images and notes you create — stored in your private account only
• Device information (device model, OS version) used to manage authorized devices on your account
• Usage data (session timestamps, feature interactions) used to improve the app

3. How We Use Your Information

• To process and fulfill your pre-order
• To communicate order status, milestone notifications, and shipping updates
• To send you the app launch notification you signed up for
• To send occasional product updates and announcements if you opted in — you can unsubscribe at any time
• To respond to your questions and support requests
• To operate and improve the Zipline app and website
• To maintain security, detect fraud, and enforce our Terms of Service
• To comply with legal obligations

We do not use your information for any purpose beyond what is listed above without your explicit consent. We do not use your health imaging data for any purpose — it exists solely in your private account for your personal use.

4. How We Share Your Information

We do not sell, rent, or trade your personal information. We share your data only with the following trusted service providers who help us operate our business:

• Stripe — payment processing. Stripe's privacy policy governs how they handle your payment information. See stripe.com/privacy.
• Mailchimp — email list management and communications. See mailchimp.com/legal/privacy.
• Google Analytics — anonymous website analytics. See policies.google.com/privacy.
• Netlify — website hosting. See netlify.com/privacy.
• Firebase / Google — app backend and data storage. See firebase.google.com/support/privacy.

We may disclose your information if required by law or to protect the rights and safety of Zipline Health or others.

5. Data Security

We take reasonable measures to protect your personal information. Payment processing is handled entirely by Stripe — we never store your credit card information on our servers. Email addresses are stored securely in Mailchimp. App imaging data is stored with end-to-end encryption in Firebase.

No method of transmission over the internet is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.

6. Email Communications

If you joined our waitlist or placed a pre-order, you will receive transactional emails related to your order and the app launch. You may also receive occasional product updates if you opted in.

You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email or contacting us at info@ziplinehealth.com. Unsubscribing from marketing emails will not affect transactional order notifications.

7. Cookies

Our website uses cookies for analytics purposes through Google Analytics. These cookies collect anonymous data about how visitors use our site. They do not store personal information and cannot identify you individually.

You can disable cookies in your browser settings. Disabling cookies will not affect your ability to browse our site or place an order.

8. Your Rights

You have the right to:

• Access — request a copy of the personal information we hold about you
• Correction — request correction of inaccurate or incomplete information
• Deletion — request deletion of your personal information, subject to legal obligations (you may also delete your account and all associated data directly within the app)
• Opt out of marketing — unsubscribe from marketing communications at any time
• Pre-order refund — as outlined in our Terms of Service

EU, UK, and Swiss residents have additional rights under the GDPR, UK GDPR, and Swiss FDPA — see Section 13 below.

To exercise any of these rights contact us at info@ziplinehealth.com.

9. Children's Privacy

Our website and purchasing process is intended for adults 18 years of age and older. We do not knowingly collect personal information from children under 13. The Zipline device is intended for use by adults on themselves and family members including children, under adult supervision.

10. Geographic Scope & International Data Transfers

Zipline Health, Inc. is based in the United States. The Zipline website and app are accessible to users globally, including in the European Union, United Kingdom, and Switzerland.

Your personal information is stored and processed in the United States. If you are located outside the United States, your data will be transferred to and processed in the US. We ensure appropriate safeguards are in place for such transfers:

• Google Cloud / Firebase: We have executed Google's Cloud Data Processing Addendum, which incorporates Standard Contractual Clauses (SCCs) for international data transfers. Google is certified under the EU–US Data Privacy Framework.
• Stripe: Certified under the EU–US Data Privacy Framework. See stripe.com/privacy.
• Brevo (email / SMS notifications): Compliant with GDPR. See brevo.com/legal/privacypolicy.

11. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy:

• Pre-order and waitlist data — retained for the duration of your pre-order and for up to 3 years after fulfillment for legal and accounting purposes, then deleted
• App account data — retained for the life of your account. When you delete your account, all associated data (profile, images, notes) is permanently deleted within 30 days
• Website analytics — retained per Google Analytics default data retention settings (up to 26 months)
• Email communications — retained until you unsubscribe or request deletion
• Support correspondence — retained for up to 2 years after your last contact

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. We will notify pre-order customers and app users of any material changes by email.

13. GDPR, UK GDPR & Swiss FDPA — Additional Rights

If you are located in the European Union, the United Kingdom, or Switzerland, the following additional provisions apply to you.

Data Controller

Zipline Health, Inc. is the data controller for personal data collected through our website and app. You can contact us at info@ziplinehealth.com.

Legal Basis for Processing

• Contract performance (Art. 6(1)(b) GDPR) — processing your order, shipping information, and account registration
• Consent (Art. 6(1)(a) GDPR) — marketing emails and optional notifications. You may withdraw consent at any time by unsubscribing
• Legitimate interests (Art. 6(1)(f) GDPR) — website security, fraud prevention, improving our services, and analytics. We have assessed that these interests do not override your fundamental rights
• Legal obligation (Art. 6(1)(c) GDPR) — complying with applicable laws including financial record-keeping requirements
• Explicit consent (Art. 9(2)(a) GDPR) — processing health-related imaging data in the Zipline app. You provide explicit consent during app account creation, and you may withdraw this at any time by deleting your account and data

Your Rights Under GDPR / UK GDPR / Swiss FDPA

In addition to the rights in Section 8, you have the right to:

• Data portability (Art. 20 GDPR) — receive your personal data in a structured, machine-readable format and transfer it to another controller
• Restriction of processing (Art. 18 GDPR) — request that we restrict processing of your data in certain circumstances
• Object to processing (Art. 21 GDPR) — object to processing based on legitimate interests, including objecting to direct marketing at any time
• Not be subject to automated decision-making — we do not make automated decisions with legal or similarly significant effects based solely on automated processing

Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with your local data protection supervisory authority:

• EU residents: Contact your national Data Protection Authority (DPA). A list is available at edpb.europa.eu
• UK residents: The Information Commissioner's Office (ICO) at ico.org.uk
• Swiss residents: The Federal Data Protection and Information Commissioner (FDPIC) at edoeb.admin.ch

We encourage you to contact us first at info@ziplinehealth.com so we can try to resolve your concern directly.

14. Contact

Questions about this Privacy Policy or how we handle your data? Contact us at info@ziplinehealth.com. We are a small team and will respond as quickly as possible.

Zipline Health, Inc.
info@ziplinehealth.com