Data Collection
- Authentication: Email address (Firebase Auth UID) to create and secure accounts, support password recovery, and prevent duplicates.
- Profile Information: User-chosen first name, anonymized last-name noun, profile photo (optional), and “About Me” text to personalize the experience and support sponsor matching.
- Chat Transcripts: Peer-to-peer and AI chatbot dialogs—fully de-identified before analysis—to refine support algorithms and measure engagement.
- Usage & Activity: Feature taps, session timestamps, task completions, daily active usage, and app-open frequency to identify high-value features and monitor engagement.
Data Usage
Collected data powers two core research aims:
1. Predictive Modeling: NLP and machine-learning on anonymized transcripts and sobriety dates to identify markers of sustained recovery or relapse risk.
2. Chatbot Improvement: Continuous retraining of the Dawn AI agent on de-identified logs to enhance empathy, relevance, and guidance.
Data Storage & Security
- Primary Storage: Firebase Realtime Database / Firestore & Cloud Storage.
- LLM Inference: OpenAI API, configured not to train on submitted content—no transcripts are stored on their servers.
- Encryption: Google Cloud default at-rest encryption; TLS/HTTPS in transit.
- Access Controls: Production-DB credentials held only by authorized team members; principle of least privilege enforced.
Confidentiality & De-identification
- UIDs: Random, non-sequential internal identifiers replace personal emails/names in research exports.
- Automated Scrubbing: OpenAI-powered pipeline removes phone numbers, addresses, last names, and other PII from transcripts.
- Timestamps: Original message times retained to preserve behavioral patterns (IRB-approved).
- Quality Checks: Manual spot-checks ensure no residual PII remains before analysis.
Participant Rights
- Voluntary Participation: Use of the app is entirely optional and may cease at any time without penalty.
- Withdrawal: Account deletion via Settings → Delete Account or by emailing support@sponserity.com halts new data collection; existing data remains in fully de-identified form and UID mappings are destroyed.
- Data Access: Requests for personal data exports fulfilled within 30 days via support@sponserity.com.
- Data Correction: Profile updates may be made in-app under Settings → Profile.
- Complaints: Reports of rights violations directed to support@sponserity.com or the University IRB Office at muresearchirb@missouri.edu, (573) 882-3181.
Contact
Privacy Contact: Sponserity Support, support@sponserity.com
