Legal

Privacy Policy

Last updated: Not yet finalized · Effective date: Not yet effective

DRAFT — Not reviewed by legal counsel

This policy describes how Dr. Prison handles your data today, but the language has not been reviewed or approved by counsel. A reviewed version will supersede this draft once published with an effective date.

Contents

  1. Introduction
  2. What we collect
  3. How we collect it
  4. How we use it
  5. Legal basis for processing
  6. Who we share it with
  7. Retention
  8. Security
  9. Children's privacy
  10. Your rights and choices
  11. Cookies and similar technology
  12. Third-party services
  13. International users
  14. Changes to this policy
  15. Contact

1. Introduction

This Privacy Policy explains what personal information Dr. Prison collects, how we use it, how we share it, and the choices you have. It applies to sponsors, the incarcerated people they sponsor, and visitors to our websites. This policy should be read together with the Terms of Service and the Confidentiality Notice.

2. What we collect

  • Sponsor account: email, preferred name, mobile phone, password (stored only as an Argon2id hash), two-factor-authentication secret.
  • Inmate account: legal name, Federal Register Number, date of birth, current facility, PIN (stored only as an Argon2id hash), profile photo (encrypted at rest).
  • Profile: pronouns, gender identity, primary/other languages, religious affiliation, pre-incarceration occupation and education, dietary and medical accommodations, family and emergency contacts, sentencing district, judge, case number and date, current BOP region.
  • Service records: presentence-report copies you upload, CorrLinks messages, draft filings and their versions, disciplinary and furlough records you log, FSA/SCA calculator inputs and outputs.
  • Activity: audit-log entries (who did what, when, from which IP), login attempts, session tokens, user-agent strings.
  • Billing: payment-method tokens issued by our processor. We never store full card numbers, CVVs, or bank-account numbers on our systems.

3. How we collect it

We collect information directly from you when you sign up, complete your profile, upload a document, or interact with the dashboard. Sponsors provide initial data for mail-only inmates; those inmates can correct or replace that data once they gain direct access. We cross-reference the BOP Inmate Locator — a public record — to verify Federal Register Numbers. We receive payment events from our processor. We receive physical mail correspondence you send to us.

4. How we use it

We use your information to deliver the services you have engaged us for, bill you, keep the platform secure, detect fraud, maintain audit records, comply with legal obligations, and — when you are in the post-release reputation program — conduct quarterly E-E-A-T content audits. We do not use client data to train AI models, we do not sell data to brokers, and we do not build advertising profiles on you.

5. Legal basis for processing

Where a legal basis framework applies to you, we rely on: (a) performance of a contract (delivering the services you ordered); (b) legitimate interests (securing the platform, preventing fraud, maintaining an audit trail); (c) consent (for sensitive items such as medical accommodations, profile photos, and other clearly optional fields); and (d) legal obligation (responding to subpoenas, court orders, lawful BOP requests, and tax-retention rules).

6. Who we share it with

Internally, your information is accessible only to Dr. Prison staff and contractors under role-based access controls. Externally, we share information with: (a) a partner attorney, when you engage one through us and only for the matter at hand; (b) our payment processor, to process your payments; (c) our hosting and encrypted-storage providers under written data-processing agreements; and (d) courts, the BOP, or government agencies when compelled by subpoena, court order, or lawful request. We do not share data with marketing partners, data brokers, or advertising networks.

7. Retention

Active-account data is retained while your account is active. When an account closes, we retain communications, filings, and service records for seven (7) years — the federal records standard — and then purge them. Audit-log entries are retained indefinitely as tamper-evident records of platform activity. Payment and tax records are retained for the period required by law (typically seven years). You may request earlier deletion of items not subject to a legal retention requirement by emailing the address in §15.

8. Security

We protect your data with TLS 1.2 or higher in transit, HSTS enabled site-wide, Argon2id for password and PIN hashing, libsodium (NaCl secretbox) per-file encryption for sensitive documents at rest, master keys stored outside the web root with file-system permissions that exclude the web user, an immutable audit log whose UPDATE and DELETE grants are revoked at the database-user level, rotating session tokens on privilege change, and concurrent-session limits per account. No security is absolute. In the event of a confirmed breach affecting your personal data, we will notify you within the timelines required by applicable state law, and generally no later than 72 hours after confirmation.

9. Children's privacy

Dr. Prison services are not directed to children under 13, and sponsors must be 18 or older. If we discover that a child's personal information has been submitted to us without parental consent, we will delete it promptly upon learning of it. Contact us at the address in §15 to report such a case.

10. Your rights and choices

You have the right to access, correct, delete (within legal retention limits), and export your data. To exercise these rights, email privacy@drprison.org from the address on file, or use the in-product account tools where available. Inmate clients exercise these rights directly once they have tablet access; sponsors may exercise them on behalf of mail-only inmates with the inmate's written consent. We will respond within 30 days. State-specific rights under CCPA/CPRA (California), the Virginia CDPA, the Colorado CPA, and similar laws are additive; where those laws apply, you also have the right to opt out of sale or sharing of personal information, to limit use of sensitive personal information, and to appeal a denied rights request — but note that Dr. Prison does not sell or share personal information for cross-context behavioral advertising.

11. Cookies and similar technology

The platform uses one essential session cookie (DRPRISON_SID) for authenticated dashboard access. We do not use advertising cookies, tracking pixels, or third-party analytics SDKs by default. If a given public page loads fonts from a CDN (e.g., Google Fonts), the CDN will see the requesting IP address; no identifier is shared. We are migrating to self-hosted fonts to eliminate that residual data flow.

12. Third-party services

We rely on a small set of third-party services to operate the platform. As of this draft, they include: a PCI-compliant payment processor for card transactions, a hosting provider for the application servers, an email infrastructure provider for transactional email, and the BOP Inmate Locator (a public-record tool). Each provider operates under a contract that limits their use of your data to providing the service we engaged them for. A current list with links to each provider's privacy notice will be published alongside the final version of this policy.

13. International users

Dr. Prison is a U.S. service whose subject matter is U.S. federal incarceration. Our servers and backups are located in the United States. Visitors from outside the United States consent to the transfer and storage of their information in the United States as a condition of using the service. We do not currently offer service in languages other than English, and we do not market to users outside the United States.

14. Changes to this policy

We may update this policy from time to time. Material changes will be announced to sponsors by email at the address on file and posted on-platform at least 30 days before they take effect. Once this policy is finalized, we will maintain a versioned changelog at the bottom of this page so you can see what changed and when.

15. Contact

Dr. Prison — Privacy Team
c/o the address published at drprison.org/contact
Email: privacy@drprison.org

We aim to acknowledge privacy-rights requests within 5 business days and to substantively respond within 30 days.


© 2026 Dr. Prison. All rights reserved. Not a law firm. Not providing legal advice.
