Handler Labs
This is the privacy policy for Diabetic Alert Dog Log. It incorporates the Handler Labs baseline policy and adds disclosures specific to this app. View the master policy.

Diabetic Alert Dog Log · Privacy Policy

Effective date: May 24, 2026

1. Who we are

Handler Labs is an independent iOS software studio that builds training-log apps for service dog handlers. We can be reached at [email protected]. This policy covers Diabetic Alert Dog Log.

We are the data controller. Your records are stored on your device and synced to your own private iCloud, which we cannot access. Apple acts as our processor for that storage.

2. Our privacy principle

Your data lives in your iCloud account. We cannot see it, access it, or sell it.

Every record you log stays in your private Apple CloudKit database, which is the same infrastructure Apple uses for your own iCloud data. Handler Labs has no server, no database, and no account system. We have no technical means of accessing your records even if we wanted to.

3. What data the app stores

Depending on the app, this may include:

  • Dog profiles (name, breed, date of birth, photo)
  • Training session records (date, task type, duration, outcome, notes)
  • Alert events (timestamp, result, the single glucose value at the moment of the alert, notes)
  • A single HealthKit-sourced reading per alert event (a snapshot value, not a continuous trace)
  • Scent sample inventory records
  • Handler notes and custom fields

All of this is stored with iOS Data Protection (encrypted at rest when your device is locked) and synced via your private CloudKit database. Only devices signed in with your Apple ID can access it.

4. HealthKit data

Diabetic Alert Dog Log requests read-only access to the following HealthKit data type:

  • Blood Glucose

The app never writes to HealthKit. It reads HealthKit only when you log an alert event (to capture the value at that moment) or when you open a report view that shows context around an alert.

How HealthKit data is handled:

  • Single values at the moment of an alert are stored alongside the alert record so the record stands on its own. These single values sync via your private CloudKit database.
  • The continuous CGM trace (the curve over time) is never copied or persisted. It is re-fetched on demand from HealthKit when you view or export a report and remains on your device. It is never synced to CloudKit and never leaves your device.
  • HealthKit data is never transmitted to Handler Labs or any third party. It is not used for advertising, marketing, data mining, or any purpose other than displaying information within the app to you. This complies with Apple's HealthKit guidelines.

You can revoke HealthKit access at any time: Settings → Health → Data Access & Devices → Diabetic Alert Dog Log.

5. What we do not collect

  • No user accounts or registration; there is no Handler Labs account system
  • No names, email addresses, or contact information sent to us
  • No location data
  • No advertising identifiers (IDFA/IDFV)
  • No device fingerprinting
  • We do not sell or share personal data for cross-context behavioral advertising. We do not sell, license, or broker any data to third parties, ever.

6. Analytics

This app currently does not transmit any analytics. Nothing leaves your device. If we add anonymous analytics in the future, we will update this policy and Apple's App Privacy Label first, and the events will never include health data, dog names, or record content of any kind.

7. In-app purchases

Pro upgrades are processed entirely by Apple through Apple StoreKit. We receive a confirmation that a purchase was made and its entitlement status. We never receive your payment details, Apple ID, or billing information. Purchase receipts are validated locally on-device or via Apple's servers; no purchase data passes through Handler Labs infrastructure.

8. Data sharing and export

When you export a PDF summary or a JSON backup, that file is created entirely on your device and shared only when you choose to, using the iOS share sheet. Nothing is automatically uploaded or sent anywhere. You control every export.

9. Your control and data deletion

  • Export your records: Settings → Export All Data exports a JSON backup of every record in your account.
  • Delete records: Delete individual records or all data from within the app. Settings → Delete All Data wipes every record and propagates the deletion to your iCloud private database.
  • Delete the app: Deleting the app removes local data. To also remove iCloud data, use Delete All Data first, or go to Settings → [your name] → iCloud → Manage Account Storage and remove app data there.
  • Revoke HealthKit access: Settings → Health → Data Access & Devices → Diabetic Alert Dog Log. This does not delete previously associated readings from your training log, but the app will no longer read new data from HealthKit.

10. Your privacy rights

If you are in the European Economic Area, the United Kingdom, or any jurisdiction with comparable data protection rights, you have the following rights regarding your personal data under the EU General Data Protection Regulation (GDPR) and equivalent laws:

  • Right of access: use Settings → Export All Data to obtain a complete copy of your records in JSON format.
  • Right to rectification: edit any record directly in the app to correct inaccurate information.
  • Right to erasure ("right to be forgotten"): use Settings → Delete All Data to remove all your records from the app and from your iCloud private database.
  • Right to data portability: the JSON export from Settings → Export All Data is in a structured, machine-readable format you can take to another service.
  • Right to restrict or object to processing and right to withdraw consent: you can revoke HealthKit access in iOS Settings at any time, stop using the app, and request deletion. To submit a written data subject request (for example, a record of processing or formal confirmation of erasure), email [email protected]. We will respond within 30 days.

HealthKit and Article 9 special-category data. Where applicable, health data read from HealthKit is processed only with your explicit consent, granted when you authorize HealthKit access on first launch. You may withdraw consent at any time through iOS Settings as described above; withdrawal does not affect processing performed before withdrawal.

Age requirement. The app is intended for users aged 16 and older. If you are under 16, do not use the app or provide any information through it. See also Children's Privacy below.

11. State-specific notices for US residents

California residents (CCPA/CPRA). Handler Labs does not currently meet the revenue or volume thresholds that trigger CCPA/CPRA applicability. Even so, we voluntarily honor the core California rights:

  • Right to know what personal information we hold: see Section 3. (We hold what is in your private iCloud, which we cannot read.)
  • Right to delete: Settings → Delete All Data.
  • Right to opt out of sale or sharing for cross-context behavioral advertising: not applicable. We do not sell or share personal data for cross-context behavioral advertising, ever.
  • Right to non-discrimination for exercising any of the above.

California CMIA. For California users, Handler Labs treats your training records as confidential medical information under the California Confidentiality of Medical Information Act (Civil Code §56 et seq., as expanded by AB 254) and does not disclose them without your express authorization.

Washington residents (My Health My Data Act). Washington's MHMDA (RCW 19.373) requires a separate Consumer Health Data Privacy Policy. See our Consumer Health Data Privacy Policy for the disclosures and rights specific to Washington residents.

12. Security and breach notification

We protect your data using Apple's built-in security: iOS Data Protection encryption, CloudKit private-database isolation, and the App Sandbox. Because we hold no server-side copy of your records, the surface area for a breach on our side is effectively zero.

If we become aware of a security breach affecting your data, we will notify you by email or in-app message within 60 days as required by 16 CFR Part 318 (the FTC Health Breach Notification Rule, expanded in 2024 to cover health and wellness apps).

13. App Privacy Label

Apple requires every app to declare what data it collects. For Diabetic Alert Dog Log, our current declaration is Data Not Collected. Nothing about you or your records leaves your device or your private iCloud. If we add analytics or any other data transmission in the future, we will update this declaration and Apple's App Privacy Label before the change ships.

14. Children's privacy

The app is intended for users aged 16 and older. Some apps in the Handler Labs portfolio may be used by parents or caregivers to log work performed by a service dog assigned to a minor (for example, an autism service dog). In that case, the parent or caregiver is the user of the app, and the minor's information stays in the parent's iCloud account, under the parent's control. Handler Labs does not knowingly collect personal information directly from anyone under 16.

If you believe we have inadvertently received personal information about a child, contact us at [email protected] and we will address it promptly.

15. Changes to this policy

If we make material changes to this policy, we will update the effective date above and, where feasible, provide notice within the app. Continued use of the app after the updated policy is posted constitutes acceptance of the changes. For changes that materially expand data collection, we will require fresh consent before the new collection begins.

16. Contact

Questions about this policy or your data? Email us at [email protected]. We aim to respond within 3 business days, and within 30 days for any formal data subject request.