Data Protection

Scope and Status

This Data Protection Notice explains how Quartz Scheduler Health Hub (quartzscheduler.org) processes personal information in connection with our website, wellness planners, and educational resources about medication schedules, diseases, and supplements. This Notice is intended to address requirements of the European Union General Data Protection Regulation (GDPR) and applicable United States privacy laws. Where state or national laws provide stronger protections, we will apply those protections to the extent required.

Our content is informational and educational. It is not medical advice and is not a substitute for consultation with a licensed healthcare professional.

Controller and Contact

Controller/Business: Quartz Scheduler Health Hub (quartzscheduler.org), United States of America.

Primary contact for privacy inquiries and rights requests: contact us by email.

If you send us a request, please include enough information for us to identify you and your request, and do not include sensitive information beyond what is necessary to verify your identity. If Article 27 GDPR (EU/UK representative) becomes applicable to our operations, we will appoint a representative and update this Notice accordingly.

Categories of Personal Data Processed

• Identifiers and contact information (e.g., IP address, device identifiers; if you provide it, name or email address).
• Internet or electronic activity (e.g., page views, clicks, referral URLs, approximate location derived from IP, browser type, and similar diagnostic data).
• Account and preference data (e.g., saved wellness planning preferences, reminder settings if offered).
• User content (e.g., queries you submit through forms, feedback, or survey responses).
• Inferences drawn from the above to personalize content or improve user experience.
• Sensitive data: We do not require health data; however, you may voluntarily provide wellness- or medication-related notes for your personal planning. Treat such information as sensitive and share only what you are comfortable providing.

Sources of Personal Data

• Directly from you (e.g., forms, preferences, emails).
• Automatically from your device and browser via cookies and similar technologies.
• From service providers and processors that support analytics, security, and website functionality.

Purposes and Legal Bases for Processing

Consent

We rely on consent for optional cookies/trackers, email communications you opt in to, and for processing any sensitive information you voluntarily provide (where required). You may withdraw consent at any time, without affecting processing prior to withdrawal.

Contractual Necessity

We process data as necessary to provide requested services or features (e.g., saving planning preferences or responding to inquiries).

Legitimate Interests

We process data to secure our services, prevent fraud, measure and improve site performance, and develop new features, provided these interests are not overridden by your rights and freedoms.

Legal Obligations

We may process data to comply with applicable laws, regulatory requests, or enforce our terms.

Vital Interests

In rare circumstances, we may process data to protect vital interests, such as security incidents impacting individuals.

Cookies and Similar Technologies

We use cookies, local storage, and similar technologies to operate the site, remember preferences, and understand aggregate usage. Where required, we seek consent for non-essential cookies. You can manage cookies via your browser settings and, where available, our on-site controls. Blocking certain cookies may impact functionality.

U.S. State Privacy Disclosures

Categories Collected

In the preceding 12 months, we may have collected the following categories as defined by state laws such as the California Consumer Privacy Act (CCPA/CPRA): identifiers; internet/electronic activity; geolocation (approximate); inferences; and, if provided by you, sensitive personal information (e.g., health-related notes for planners).

Purposes of Collection and Disclosure

We collect and disclose personal information for business purposes, including: providing and maintaining services; debugging and security; analytics and service improvement; communicating with you; and compliance.

Disclosures for Business Purposes

We may disclose personal information to processors/service providers that perform services on our behalf (e.g., hosting, analytics, security). We require such parties to use data only as instructed and to protect it appropriately.

Sale/Share and Targeted Advertising

We do not sell personal information for monetary consideration. Some states define “share” to include cross-context behavioral advertising. To the extent our use of analytics or advertising technologies constitutes “sharing” or “targeted advertising,” you may exercise your right to opt out by using available on-site controls or by contacting us at our email.

Your U.S. State Privacy Rights

• Right to know/access and data portability.
• Right to correct inaccuracies.
• Right to delete personal information.
• Right to opt out of sale/share/targeted advertising (as defined by applicable law).
• Right to limit the use and disclosure of sensitive personal information (where applicable).
• Right to non-discrimination for exercising your rights.

Residents of California, Colorado, Connecticut, Utah, and Virginia (and other states with similar laws) may exercise these rights as applicable by contacting us at our email. Virginia and Colorado residents may appeal a denial by replying “Appeal” to our response; if denied, you may contact your state Attorney General.

Notice of Financial Incentive

We do not offer programs that provide discounts or rewards in exchange for personal information. If that changes, we will describe material terms before enrollment.

GDPR Rights for EEA, UK, and Swiss Individuals

• Right of access to your personal data.
• Right to rectification of inaccurate data.
• Right to erasure (right to be forgotten) subject to legal exceptions.
• Right to restriction of processing.
• Right to data portability.
• Right to object to processing based on legitimate interests or direct marketing.
• Right to withdraw consent at any time where processing is based on consent.

You may exercise these rights by contacting our email. If we cannot resolve your concern, you may lodge a complaint with a supervisory authority where you live or work.

Exercising Rights, Verification, and Response Timelines

We will verify your request to a reasonable degree of certainty, which may include matching information you provide with our records or requesting additional details. We will respond within the timelines required by applicable law. Authorized agents may submit requests where permitted, subject to proof of authorization and identity verification.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Notice, including providing services, maintaining security, complying with legal obligations, and resolving disputes. Retention periods vary by data category and context, and we apply criteria such as the nature of the data, the risks of retention, and our legal obligations.

International Transfers

We are based in the United States. If personal data is transferred from the EEA, UK, or Switzerland to the U.S. or other countries lacking an adequacy decision, we use appropriate safeguards such as Standard Contractual Clauses, and implement additional measures as needed. You may contact us for more information.

Security Measures

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

Children’s Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child under 13 has provided us with personal information, please contact us so we can take appropriate action. For residents subject to higher age thresholds, we comply with applicable law.

Health Information and HIPAA

We are not a healthcare provider or insurance plan, and we are generally not subject to HIPAA. Do not submit protected health information you would not want stored on non-HIPAA systems. Our wellness tools are for informational purposes only and do not provide medical diagnosis or treatment recommendations.

Processors and Other Disclosures

We engage processors/service providers for hosting, security, analytics, communications, support, and similar functions. We may disclose data if required by law, to protect our rights or the rights and safety of others, or in connection with a corporate transaction (e.g., merger or acquisition) subject to appropriate safeguards.

Automated Decision-Making and Profiling

We do not engage in automated decision-making that produces legal or similarly significant effects about you. We may use limited profiling to personalize content or measure engagement; you may object where permitted by law.

Do Not Track and Global Privacy Controls

Our services may not respond to Do Not Track signals. Where legally required, we treat recognized, browser-enabled opt-out preference signals as requests to opt out of sale/share or targeted advertising.

Changes to This Notice

We may update this Notice to reflect changes in our practices or legal requirements. Material changes will be indicated by updating the Effective Date and, where appropriate, by additional notice.

Contact Information

For questions or requests regarding this Notice or your data: contact us by email. Postal location: United States of America.

Effective Date

This Notice is effective as of the date it is posted or last updated on the website.