Privacy Policy.

Who We Are

This Privacy Policy is issued by RobotCare, LLC, an Arizona limited liability company ("RobotCare", "we", "us", or "our"). It governs the website at robothealthpassport.app (the "Site") and any associated forms, email inquiries, and pre-launch services delivered through the Site.

RobotCare is the data controller for personal information processed through the Site. Our principal place of business is in Sun Lakes, Arizona, United States. The founder and responsible contact for privacy inquiries is Ken Mushet, reachable at ken@robotcare.app.

RobotCare is a pre-launch company. General availability of the public Robot Health Passport™ registry and HR IV™ Report platform is targeted for Q3 2026. This policy reflects current pre-launch practices and will be updated at or before general availability to reflect production operations.

Information We Collect

We collect three general categories of information: information you provide directly, information collected automatically when you use the Site, and a limited amount of information from third-party services we rely on to operate the Site.

Information you provide to us

When you fill out a form, send an email, or request a report, you may provide us with information such as:

• Identity and contact details: Your name, business email, company or organization, professional role or title, and phone number if provided.
• Purpose information: Details about why you are contacting us, the report or record you are requesting, and your intended use of information we provide.
• NDA acknowledgments: Confirmation that you have read and agree to our non-disclosure terms when requesting HR IV™ Reports or other sensitive materials.
• Email correspondence: The contents of messages you send to us at ken@robotcare.app or other RobotCare addresses.
• Partnership or investment inquiry data: If you contact us as a prospective investor, acquirer, OEM partner, or trade school, any business or transactional context you share.

Information collected automatically

When you visit the Site, our hosting provider and any analytics tools we use may automatically collect:

• Device and connection information: IP address, browser type and version, operating system, device type, and screen size.
• Usage information: Pages viewed, time spent on pages, referring website or search terms, clicks on navigation or links, and access date and time.
• Server logs: Standard web server access records, which may include the above information along with requested URLs and response codes.

This information is typically aggregated and used for site performance, troubleshooting, and understanding general traffic patterns. In some circumstances, IP addresses alone are treated as personal information under applicable law, and we treat them accordingly.

Information from third parties

If you interact with our content on third-party platforms such as LinkedIn, we may receive limited information that those platforms share about your interactions, according to your privacy settings on those platforms. We do not purchase personal information from data brokers.

How We Use Your Information

We use the information we collect for the following purposes:

• To respond to your inquiries. When you contact us, we use your contact and message information to respond and follow up.
• To deliver requested materials. If you request an HR IV™ Report, sample record, investor deck, or other material, we use your information to prepare and deliver it, and to confirm receipt.
• To operate and improve the Site. Technical and usage information helps us maintain performance, identify bugs, understand what content is useful, and plan the pre-launch and general availability phases.
• To develop business relationships. If you contact us as a prospective investor, acquirer, OEM partner, insurer, or trade school, we use your information to evaluate and develop that relationship, subject to any applicable NDA.
• To comply with legal obligations. We may process information as required by law, including responding to lawful requests from public authorities, enforcing our rights, and complying with tax, corporate, and regulatory requirements.
• To prevent fraud and protect security. We may process information to detect and prevent fraudulent activity, abuse of the Site, and security incidents.
• With your consent. For any other purpose for which we obtain your clear consent.

Legal bases under GDPR

If you are located in the European Union, United Kingdom, or European Economic Area, we process your personal information on one or more of the following legal bases:

• Consent: Where you have provided clear consent, for example by submitting a form or opting into communications.
• Contract: Where processing is necessary to perform our agreement with you, such as delivering a requested report.
• Legitimate interests: For purposes such as operating and improving the Site, preventing fraud, and developing our business, where these interests are not overridden by your rights.
• Legal obligation: Where we are required to process information to comply with the law.

How We Share Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not allow third parties to serve advertisements on the Site.

We may share limited information in the following circumstances:

• Service providers. We share information with vendors who help us operate the Site and our business, including our website hosting provider, email service providers, and any analytics tools we use. These providers are bound by confidentiality obligations and are permitted to process information only on our instructions and for limited purposes.
• Legal compliance and protection. We may disclose information if required by law, subpoena, court order, or other valid legal process, or where disclosure is necessary to protect our rights, enforce our agreements, prevent fraud, or protect the safety of others.
• Business transfers. If RobotCare enters into a merger, acquisition, reorganization, or sale of assets, personal information may be transferred as part of that transaction. Any successor entity will be bound by commitments materially consistent with this policy, or will notify you of changes as described in section 13.
• With your consent. We may share information with other parties when you give us clear consent to do so.

Cookies and Similar Technologies

Cookies are small text files stored on your device by websites you visit. We use a limited set of cookies and similar technologies on the Site:

• Strictly necessary cookies. Required for the Site to function. These include session cookies, security cookies, and cookies that remember your preferences within a visit. You cannot opt out of these without the Site failing to work properly.
• Functional cookies. Remember choices such as language preference, improving your experience. Our GTranslate language widget uses functional cookies.
• Analytics cookies. Help us understand how visitors use the Site in aggregate, so we can improve content and performance. We configure analytics to minimize data collection where possible.

You can control cookies through your browser settings. Most browsers allow you to block or delete cookies, receive notifications when cookies are set, or browse in a private or incognito mode that does not store cookies after your session. Blocking cookies may affect how the Site functions.

We will respond to Global Privacy Control (GPC) browser signals where applicable. When a GPC signal is detected, we will treat it as a request to opt out of sale or sharing of personal information for California residents, even though we do not currently sell or share personal information for cross-context behavioral advertising.

Third-Party Services

The Site relies on a small number of third-party services to operate. These services have their own privacy practices, which we encourage you to review.

• GoDaddy (hosting provider). The Site is hosted on GoDaddy Managed WordPress. GoDaddy processes server logs and technical data necessary to host the Site.
• Google Fonts. We load web fonts from fonts.googleapis.com. This causes your browser to make a request to Google's servers, which may receive your IP address and browser information.
• Content Delivery Networks. We load certain JavaScript libraries (such as Chart.js and jsPDF) from public content delivery networks including jsDelivr and Cloudflare CDN. These requests may reveal your IP address to the CDN operator.
• GTranslate. We offer on-page translation through the GTranslate widget. If you use it, translation requests may be processed by GTranslate and, in turn, by an underlying machine translation provider.
• Email and calendar services. Email communications sent to and from ken@robotcare.app are routed through our email service provider.

We do not control the practices of these third parties. Links to the privacy policies of major third parties are available on their websites.

Data Retention

We retain personal information for as long as needed for the purposes described in this policy, or as required by law. Typical retention periods include:

• Form submissions and inquiry data: Up to twenty-four (24) months following your most recent interaction with us, or until you request earlier deletion.
• Email correspondence: Up to thirty-six (36) months, or longer where required by law or where we have an ongoing business relationship.
• Server logs and automatically collected data: Typically ninety (90) days, after which logs are aggregated or deleted.
• Analytics data: Configured to a maximum retention period of twenty-six (26) months where the analytics provider supports configurable retention.
• Records required to comply with legal obligations: Retained for the period required by applicable law.

At the end of the applicable retention period, we delete or anonymize the information so that it can no longer be associated with you.

Data Security

We take reasonable and appropriate measures to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include transport encryption (HTTPS) across the Site, limited access to personal information, strong authentication for administrative access, and ongoing review of security practices.

The Robot Health Passport™ and HR IV™ production platforms, entering general availability in Q3 2026, are being built with stronger structural security measures, including PKI-signed event records, blockchain anchoring for tamper-evidence, tenant isolation, and alignment with the NIST Cybersecurity Framework 2.0. Full security documentation will accompany general availability.

No security measure is perfect. While we work to protect your information, no method of transmission over the Internet or method of electronic storage is completely secure. We cannot guarantee absolute security. You are responsible for keeping your own account credentials and devices secure.

Your Privacy Rights

Depending on where you live, you may have the following rights regarding your personal information.

For residents of the European Union, United Kingdom, and European Economic Area (GDPR)

Under the General Data Protection Regulation and UK GDPR, you have the right to:

• Access: Request a copy of the personal information we hold about you.
• Rectification: Request correction of inaccurate or incomplete information.
• Erasure: Request deletion of your information, subject to legal and operational retention requirements.
• Restriction: Request that we limit the processing of your information in certain circumstances.
• Portability: Receive your information in a structured, commonly used, machine-readable format.
• Objection: Object to processing based on our legitimate interests, or to direct marketing.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time.
• Lodge a complaint: File a complaint with your local supervisory authority. A list of European data protection authorities is available at edpb.europa.eu.

For California residents (CCPA and CPRA)

Under the California Consumer Privacy Act and California Privacy Rights Act, California residents have the right to:

• Know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collection, and the categories of third parties with whom we share information.
• Delete: Request deletion of personal information we have collected from you, subject to exceptions.
• Correct: Request correction of inaccurate personal information we maintain about you.
• Opt out of sale or sharing: We do not sell personal information and do not share it for cross-context behavioral advertising. You may still submit an opt-out request, which we will honor.
• Limit use of sensitive personal information: We do not use sensitive personal information to infer characteristics about you.
• Non-discrimination: We will not discriminate against you for exercising any of your CCPA or CPRA rights.

California residents may also designate an authorized agent to make requests on their behalf. We may require the agent to provide proof of your permission and may require you to verify your identity directly in certain cases.

For residents of other US states with comprehensive privacy laws

Residents of Virginia, Colorado, Connecticut, Utah, and other US states with comprehensive privacy laws in effect at the time of your request have rights that may include access, correction, deletion, portability, and opt-out of targeted advertising, sale of personal information, or profiling with legal effects. We honor these rights consistent with applicable state law.

How to exercise your rights

To exercise any of these rights, please email ken@robotcare.app with the subject line "Privacy Rights Request" and a description of your request. We may need to verify your identity before acting on your request. We will respond within the timeframes required by the applicable law, typically within thirty (30) to forty-five (45) days. There is no fee to exercise your rights unless your request is manifestly unfounded, excessive, or repetitive.

Children's Privacy

The Site is directed to professionals in the humanoid robotics, insurance, finance, industry, and education sectors. It is not directed to children under the age of sixteen (16), and we do not knowingly collect personal information from children under sixteen.

If we become aware that we have collected personal information from a child under sixteen without appropriate parental consent, we will delete that information. If you are a parent or guardian and believe your child has provided personal information to us, please contact ken@robotcare.app and we will take steps to delete it.

International Data Transfers

RobotCare, LLC is based in the United States. Some of our service providers are also based in the United States or in other jurisdictions. If you access the Site or communicate with us from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those of your jurisdiction.

For transfers from the European Economic Area, United Kingdom, or Switzerland, we rely on legally recognized transfer mechanisms such as the Standard Contractual Clauses where applicable, and we implement additional technical and organizational safeguards consistent with applicable law.

Accessibility Commitment

RobotCare is committed to making robothealthpassport.app accessible to as many people as possible, including people with disabilities. We are working toward conformance with the Web Content Accessibility Guidelines (WCAG) 2.2 Level AA, and we consider accessibility an ongoing priority rather than a one-time project. A fuller description of our conformance target, current practices, known limitations, and feedback process is available in our Accessibility Statement.

Current pre-launch accessibility practices on this Site include:

• Semantic HTML structure with proper landmarks, headings, and document outlines.
• Text color contrast meeting or exceeding WCAG 2.2 AA minimum ratios for body text and interactive elements.
• Keyboard-navigable interfaces, with visible focus indicators on links, buttons, and form fields.
• Alternative text and accessible names for images and icons where they convey information.
• A "Skip to main content" link for keyboard and assistive-technology users at the top of each page.
• Responsive typography and layout that remains usable at common zoom and text-resizing levels.

Accessibility is an active project, and some legacy content or third-party components on the Site may not yet meet our target standards. If you experience an accessibility barrier, or if you need information from the Site provided in an alternative format, please contact us at ken@robotcare.app with "Accessibility" in the subject line. We aim to respond within five (5) business days.

This commitment applies alongside our obligations under applicable laws, including the Americans with Disabilities Act (ADA) and the European Accessibility Act (EAA) where relevant to our activities.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our services, applicable law, or for other operational reasons. When we make changes, we will update the "Last updated" date at the top of this page and, where changes are material, provide additional notice through the Site or, where appropriate, by other means.

We expect to issue a substantively updated Privacy Policy at or before the general availability launch of the Robot Health Passport™ registry in Q3 2026, reflecting the additional data processing required to operate the public registry, CHRT™ directory, HR IV™ Report delivery, and related services.

Your continued use of the Site after the effective date of any updated policy constitutes your acceptance of the updated terms.

Contact Us

For any question about this Privacy Policy, to exercise a privacy right, or to raise an accessibility concern, please contact us using one of the methods below.

We will do our best to respond promptly and in any case within the timeframes required by applicable law.