Ticked Bucket List • Privacy Policy
No medical data leaves your device unless you choose to share it. Most TBL tools run locally in your browser using localStorage and on-device sensors (only with your permission).
On this page
10-second summary
- Privacy-first. No medical data leaves your device unless you choose to share it.
- Most tools run locally using localStorage and on-device sensors (with permission).
- We do not sell data and we do not run ads.
- Basic account, payments, emails, and security are handled by trusted providers.
- Controls below let you clear local data or set cookie preferences.
Who we are & scope
Ticked Bucket List (TBL) helps travelers living with chronic pain plan and enjoy trips through educational content and interactive tools. This Policy covers tickedbucketlist.com, our service providers, and embedded Ticked Bucket List tools. If a feature links to a different privacy notice, that notice governs for that feature.
Our privacy promise
A. Data that stays on your device (default)
| Data | Examples | Purpose | Where it lives | Retention | Your controls |
|---|---|---|---|---|---|
| Tool inputs | Ratings, checklists, notes, preferences (e.g., Energy-Bank Dial, Flare/Rescue planners, QoL Companion, Pre-Trip Protocol) | Personalisation for you | Browser localStorage only | Until you clear storage or reset tool | In-tool Reset/Clear; clear site data in your browser |
| On-device sensors (permission-based) | Motion for Pace-Guard & Ride Vibration Meter; microphone level only (no audio) for Noise Shield; ambient light & coarse location for Sun-Savvy Seat; optional tap/NFC for med adherence | Real-time guidance | Processed in-browser; not uploaded | Ephemeral; not stored unless a tool lets you export | Deny/revoke permissions in browser/OS; don’t use sensor features |
| Exports you create | JSON/CSV/PDF you save or share | Your own records or to share with a clinician | Files saved by you | Until you delete them | Delete files; don’t share if you don’t want to |
B. Data we process on our servers (limited)
| Category | Examples | Purpose | Legal basis | Retention | Notes |
|---|---|---|---|---|---|
| Account & membership (if you create one) | Name, email, password hash, subscription tier | Create and manage your membership | Contract | While account is active; then limited backups | Passwords are hashed; use a strong unique password |
| Payments (via processor) | Card details, billing info | Process payments, refunds, invoices | Contract & Legal obligation | Per processor policy | We never see full card numbers; PCI-DSS provider |
| Support & feedback | Emails, form messages | Respond to you; improve tools | Legitimate interests / Consent | ~24 months unless law requires longer | Avoid including medical details if you don’t want them processed |
| Basic analytics & security logs | Page views, referrers, coarse region, device type, error logs, anti-abuse events | Improve reliability; detect fraud/abuse | Legitimate interests | Aggregated after ~14 months | No cross-site tracking or ad tech |
C. Data we do not collect or use
- We do not sell data.
- We do not run targeted advertising or share data with data brokers.
- We do not ingest your tool inputs to train general AI models.
- We do not require you to enter medical records or diagnoses to use TBL.
Sensors & permissions (plain English)
- Motion (accelerometer/gyroscope): used to estimate ride vibration or pacing; not stored or uploaded.
- Microphone level (dB meter): measures loudness only; no audio recording or speech capture.
- Location (coarse): used for sun position or time-zone hints only when you allow; no background tracking.
- Ambient light/brightness: used as a glare proxy on compatible browsers.
- NFC/checkbox taps: optional, for your own med reminders; stays local.
You can revoke any permission at any time in your browser/OS settings.
Service providers (processors)
We work with a small number of providers to run TBL. Examples include: hosting/website, payments, email/newsletters, and privacy-respecting analytics. Each provider processes only limited personal data under our instructions and is prohibited from using it for their own marketing purposes. An up-to-date list of core processors is available on request.
Legal bases for processing (EEA/UK/Kenya)
- Consent: sensors, cookies/analytics, newsletters.
- Contract: membership and paid services you request.
- Legitimate interests: reliability, security, product improvement, fraud prevention.
- Legal obligation: tax, accounting, compliance.
Data retention
- Local tool data: remains until you clear it or reset the tool.
- Accounts & subscriptions: kept while active; then archived in backups for a limited period.
- Payments: retained per financial law.
- Support: typically ~24 months.
- Security logs: typically ~14 months.
Security
We use industry-standard technical and organisational measures to protect data (encryption in transit, hardened hosting, role-based access, least-privilege, periodic access reviews). No method is 100% secure; please use unique, strong passwords and keep your devices updated.
Your rights
Depending on your region, you may have rights to access, correct, delete, port, restrict, object, or withdraw consent. You also have the right to complain to a data protection authority.
- Email info@tickedbucketlist.com with your request.
- We may ask you to verify your email or identity.
- We will respond within the timeframe required by law (usually 30–45 days).
We do not discriminate against you for exercising privacy rights.
International transfers
If we transfer your data outside your country (for example, to providers in the EU, UK, or US), we rely on appropriate safeguards (Standard Contractual Clauses or equivalent) as required by law.
Children
TBL is designed for adults and older teens traveling with guardian oversight. We do not knowingly collect personal data from children under the age where consent requires a parent/guardian. If you believe a child provided us data, contact us to delete it.
Changes to this Policy
We may update this Policy to reflect improvements or legal requirements. Material changes will be highlighted on this page and, if appropriate, emailed to account holders. The “Last updated” date above shows the latest version.
Contact us
Ticked Bucket List (TBL)Email: info@tickedbucketlist.com
Annex A — Region-specific rights (plain language)
European Economic Area (EEA) & United Kingdom (UK)
- Rights under GDPR/UK GDPR: access, rectification, erasure, portability, objection, restriction.
- When we rely on legitimate interests, you can object if your situation warrants.
- You may complain to your local authority (e.g., ICO in the UK or your country’s DPA).
California (USA)
- Under CCPA/CPRA, you can request access/portability, deletion, and to opt out of “selling” or “sharing” personal information for cross-context behavioural advertising.
- We do not sell or share data. We aim to honour Global Privacy Control (GPC) signals.
Kenya
- Under the Data Protection Act, 2019, you have rights to be informed, access, correction, objection, erasure, portability, restriction, and to complain to the Office of the Data Protection Commissioner (ODPC).
Annex B — Cookies & local storage detail
- Strictly necessary: session integrity, load balancing, page routing.
- Functional: display choices (e.g., light/dark mode) in localStorage.
- Analytics: site usage (page views, approximate country, device type), configured without cross-site tracking.
You can block non-essential cookies and clear localStorage from your browser settings. Tool “Reset” buttons also clear local data for that tool.
Annex C — Sensor permissions cheat-sheet
| Sensor | Why we ask | Stored? | Shared? | How to revoke |
|---|---|---|---|---|
| Motion (accelerometer/gyroscope) | Pace-Guard / Ride Vibration Meter | No | No | Browser/OS settings; close the tool |
| Microphone level (dB) | Noise Shield loudness meter | No audio recorded | No | Browser/OS mic permission |
| Location (coarse) | Sun-Savvy Seat, time-zone hints | No background tracking | No | Browser/OS location permission |
| Ambient light | Glare proxy | No | No | Browser permission (where applicable) |
| NFC / taps | Optional med adherence cues | Local only | No | Don’t tap / disable in OS |