Skip to main content
Crucible Care

Legal

Privacy Policy

Last updated: April 25, 2026

Crucible Care (“Crucible Care,” “we,” “us”) delivers a coach-led strength and balance program for residents in senior living communities. This Privacy Policy explains what information we collect, how we use it, and the choices available to you.

This policy covers: (a) visitors to crucible.fit, (b) facility staff and administrators who use our platform, and (c) residents (“Participants”) enrolled in our program through a partner facility.

1. Information We Collect

Website visitors

  • Contact-form submissions: when you submit the lead form on crucible.fit, we collect the name, work email, phone (if provided), facility, approximate resident count, message, the referring page (“source”), browser user-agent, and IP address. This information is used to follow up with you, evaluate fit, and prepare a tailored pilot plan.
  • Basic analytics: pages viewed, referrer, approximate region (derived from IP), device type, and aggregated funnel events (form viewed, form started, form submitted). We use a privacy-first analytics provider that does not use cross-site tracking cookies.
  • Functional cookies: a short-lived session identifier stored in your browser’s sessionStorage to connect page-views during the same visit. No third-party advertising cookies.

Facility staff and coach accounts

  • Name, work email, role, facility affiliation
  • Authentication data (password hashes, session tokens)
  • Activity logs (sign-ins, actions taken on the platform)

Program participants (residents)

  • Intake information provided by the facility: age, mobility level, fall history, pain or limitations, physician clearance status, self-reported confidence
  • Functional assessment results: sit-to-stand repetitions, timed up-and-go, grip strength, single-leg balance, confidence score
  • Attendance records

We do not collect Protected Health Information (PHI) under HIPAA.We do not collect Social Security numbers, insurance identifiers, diagnoses, medications, or medical records. If a facility needs to exchange PHI with us, we will first execute a separate Business Associate Agreement.

2. How We Use Information

  • Deliver program sessions, assessments, and outcome reports
  • Track Participant progress and generate individual and aggregate reports
  • Administer facility accounts and authenticate users
  • Improve our program and platform
  • Use de-identified, aggregated outcome data in research and marketing (e.g., average improvement across cohorts). We never name a Participant or facility in public materials without prior written consent.
  • Comply with legal obligations

3. How We Share Information

We share personal information only with:

  • The facility that enrolled the Participant (they see their own Participants’ data)
  • Service providers under contract: hosting (Vercel), database (Supabase), transactional email (Resend), incoming-webhook notifications (Slack), Google Workspace for human correspondence, Cal.com for scheduling, and a privacy-first website analytics provider. Each processes data on our behalf and is bound by confidentiality.
  • Legal authorities when required by law, subpoena, or to protect rights or safety

We do not sell personal information. We do not share personal information with advertisers.

4. Data Retention

Participant assessment data is retained for up to 36 months after the program ends, then de-identified or deleted. Facility staff account data is retained while the account is active and deleted within 90 days of account closure. Website contact-form submissions are retained for up to 24 months.

5. Security

We store data in encrypted form in transit (TLS) and at rest. Database access is restricted by row-level security and limited to personnel with a need to know. Passwords are hashed. We log administrative access. No system is perfectly secure; we cannot guarantee absolute security but will notify affected users and facilities of any material breach consistent with applicable law.

6. Your Rights (California Residents)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the right to:

  • Know what personal information we collect and how we use it
  • Request a copy of your personal information
  • Request deletion of your personal information
  • Request correction of inaccurate personal information
  • Opt out of “sale” or “sharing” of personal information (note: we do not sell or share for cross-context behavioral advertising)
  • Not be discriminated against for exercising these rights

To exercise these rights, email care@crucible.fit with the subject “Privacy Request.” We will verify your identity before responding and will respond within 45 days.

For Participants enrolled through a facility, please contact the facility first; they are the primary controller of your program data under our agreement with them.

7. Children

Our services are directed at adults 60 years and older. We do not knowingly collect personal information from children under 18.

8. International Users

Crucible Care operates in the United States. If you access our services from outside the United States, you consent to the transfer and processing of your information in the United States.

9. Changes to This Policy

We will post any material changes to this policy on this page and update the “Last updated” date. Continued use of our services after a change constitutes acceptance of the updated policy.

10. Contact Us

Crucible Care
Email: care@crucible.fit
Phone: (909) 552-0343

This policy is provided for informational purposes and is not legal advice. Crucible Care is a fitness and wellness provider, not a medical provider or a HIPAA-covered entity unless expressly designated as such by written agreement.