Plain language. No legalese where we can avoid it. Last reviewed April 2026.
Last updated: April 2026
The short version: We collect only what's needed to run the service. We don't sell your data. We don't share it with advertisers. Your emergency profile information is used for one purpose — helping you be found and helped.
When you create a Helper-ID account or profile, we collect:
Your hosted profile is accessible only via the correct CODE and PIN combination. Anyone with both can view it — that's by design. The CODE and PIN are yours to share or keep private. You control who has them.
Your profile data is stored in an encrypted database hosted on infrastructure managed by industry-standard cloud providers. Data is encrypted at rest — meaning it is unreadable at the storage layer without the encryption keys managed by our hosting environment. All connections to and from Helper-ID are encrypted in transit over HTTPS.
Your profile data is retained as long as your membership is active. If your membership lapses, your profile is deactivated immediately — your CODE and PIN will no longer work. Your data is retained for 30 days to allow reactivation. If no renewal occurs within 30 days, your profile and all associated data are permanently deleted. You will receive an email with a copy of your profile data before deletion.
Access logs (records of when your profile was viewed) are retained for 90 days, then automatically purged.
If you request account deletion at any time, your data is removed within 30 days. Email [email protected] with the subject "Delete My Account."
We use the following third-party services to operate Helper-ID:
Each of these services has their own privacy policies. We've chosen providers with strong data practices, but we encourage you to review their policies if you have questions.
Last updated: April 2026
The short version: Use Helper-ID honestly. Don't misuse other people's profile access. We provide this service in good faith and ask the same from you.
Helper-ID is an emergency identification and information service operated by Empathy Lab, Inc. We provide NFC tags, hosted emergency profiles, and related tools for individuals and communities.
We commit to keeping your profile accessible, your data secure, and the service operational. We provide support for members and work to resolve issues promptly.
[PLACEHOLDER] Add specific uptime commitments, SLA language, or any service level expectations you want to set here.
Helper-ID is an information access tool — not a medical device, emergency dispatch system, or substitute for 911. We are not liable for outcomes that occur during emergency situations. The accuracy of your profile depends entirely on the information you provide.
We may update these terms from time to time. We'll notify active members by email of material changes. Continued use of Helper-ID after changes constitutes acceptance of the updated terms.
[PLACEHOLDER] Specify jurisdiction — Oregon, USA, or wherever Empathy Lab, Inc. is incorporated.
Last updated: April 2026
Every time your profile is accessed — whether by NFC tap or CODE+PIN entry — we log the date and time, access method (NFC or CODE+PIN), and the IP address of the request. Failed PIN attempts are also logged. Logs are retained for 90 days, then automatically purged.
You can view your access history in your member dashboard, including any failed attempts. This gives you full visibility into when and how your profile has been seen — and whether anyone has tried to access it incorrectly.
Headshot photos you upload are stored in a private, encrypted storage bucket. They are not publicly accessible — they are only served when a valid CODE+PIN lookup is completed.
Medical data (allergies, medications, conditions, blood type) is stored encrypted at rest and is only displayed to someone who has successfully completed a CODE+PIN lookup. We treat this data with the highest level of care in our system.
You can request a copy of all data we hold about you at any time. Email [email protected] with the subject "Data Request" and we'll respond within 7 business days.
You can request full deletion of your account and all associated data at any time. Email us with the subject "Delete My Account." Deletion is permanent and cannot be undone.
Last updated: April 2026
The short version: We don't just say we take security seriously — we've built specific protections into every layer of the platform. Here's what that means in plain language.
Every interaction with Helper-ID travels over an encrypted connection. Your browser is permanently instructed to use encryption when connecting to Helper-ID, even if you type a plain web address.
Your profile information — including any medical details you've added — is stored encrypted. The underlying data is unreadable without the encryption keys managed by our infrastructure provider.
Your profile data cannot be queried directly from our database. Every lookup goes through our application server, which enforces authentication before any data is returned. This protection lives at the database layer — it cannot be bypassed at the application level.
When you set a PIN, we immediately convert it into a one-way cryptographic value and discard the original. We never store your PIN in a readable form — not in our database, not in our logs, nowhere.
The profile lookup system is protected against automated attempts to guess PINs. Repeated failures — whether from one location or many — are detected and blocked. Every failed attempt is logged.
Any time your profile is viewed, we record the date, time, and access method. You can see this history in your member dashboard. You always know when your information has been accessed.
Billing is handled entirely by Stripe, a PCI-DSS certified payment processor. Helper-ID never sees, receives, or stores your card number or banking details.
If you use a self-sovereign NFC tag, your profile data is read directly from the tag by the person scanning it — it never passes through our servers. Your information goes from your tag to their screen and nowhere else.
Questions about our security practices? [email protected]
Last updated: April 2026
Digital download purchases ($9) are non-refundable once the profile URL has been generated and delivered. If you have an issue with your purchase, contact us and we'll make it right.
Physical NFC tag orders ($35) can be refunded within 14 days of purchase if the tags have not been written. Once an NFC tag has been written with your profile data, it cannot be refunded. Contact us if your tags arrive damaged.
Annual memberships ($55/yr) can be refunded within 30 days of purchase if you're unsatisfied for any reason. After 30 days, no refunds are issued but your membership remains active until the end of the billing period.
Email [email protected] with your order details and reason. We respond within 2 business days.
Questions about privacy, your data, or these terms? We're a small team and we respond personally.
Email: [email protected]
Company: Empathy Lab, Inc.
[PLACEHOLDER] Add mailing address if required for legal compliance.