InfoDaddy is operated by Craig Lewis Gillooly, Attorney at Law, licensed in California and New York. This Privacy Policy explains how we collect, use, and protect your information when you use InfoDaddy.com.
Information You Provide
- Account information: When you register, we collect your first name, last name, email address, and password (stored as a secure bcrypt hash โ we never store your plain-text password).
- Profile information: Optional bio, display name, and avatar URL that you choose to provide.
- User-generated content: Tables you create, records you submit, comments you post, and messages you send to other users.
- Communications: When you contact us for support, we retain that correspondence.
Information Collected Automatically
- Log data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
- Device information: Browser version, screen resolution, and device type.
- Usage data: Which tables you view, search queries you perform, and features you interact with.
- Cookies: Session identifiers and preference cookies. See Section 4 for details.
Information from Third Parties
- NPI Registry: Healthcare provider data displayed on InfoDaddy is sourced from the publicly available National Provider Identifier (NPI) Registry maintained by the Centers for Medicare & Medicaid Services.
- Other public sources: Some table data is sourced from other publicly available datasets (FRED, OpenStreetMap, etc.).
2. How We Use Your Information
We use the information we collect to:
- Create and manage your account
- Provide, operate, and improve the InfoDaddy platform
- Display your contributions and profile to other users
- Send transactional emails (account verification, password reset, notifications)
- Respond to support requests
- Detect and prevent fraud, abuse, and security incidents
- Analyze usage patterns to improve the platform
- Comply with legal obligations
- Display advertising to non-subscriber users (see Section 5)
We do not sell your personal information. We do not use your data to train AI or machine learning models.
We do not sell, rent, or trade your personal information. We may share information in the following limited circumstances:
Publicly Visible Information
When you create a public table or submit a record to a public table, your first name and last initial may be visible to other users as the record submitter. Your profile page (at /u/your-uuid) displays your display name, bio, and public tables if you have created any.
Service Providers
We use the following third-party services to operate InfoDaddy:
- Amazon Web Services (AWS RDS): Database hosting
- Google AdSense: Advertising (for non-subscriber users)
- Google Fonts: Typography
- Anthropic Claude API: Powers the InfoDaddy AI Support Assistant
These providers are contractually obligated to protect your information and may only use it to provide services to us.
Legal Requirements
We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of InfoDaddy, our users, or the public.
4. Cookies & Tracking Technologies
InfoDaddy uses the following types of cookies:
- Essential cookies: Authentication tokens stored in your browser's
localStorage to keep you logged in. These are required for the platform to function.
- Analytics cookies: Used to understand how visitors use the site (page views, feature usage). This data is aggregated and not tied to individual identities.
- Advertising cookies: Placed by Google AdSense to serve relevant ads to non-subscriber users. These cookies track browsing behavior across websites. See Section 5.
You can disable cookies in your browser settings, but this may affect your ability to log in and use InfoDaddy.
5. Advertising (Google AdSense)
InfoDaddy displays advertisements served by Google AdSense to users who are not InfoDaddy Plus subscribers. These ads are contextual and behavioral:
- Google may use cookies and web beacons to serve ads based on your prior visits to InfoDaddy and other websites.
- Google's use of advertising cookies enables it and its partners to serve ads based on your visit to InfoDaddy and/or other sites on the Internet.
- You may opt out of personalized advertising by visiting Google Ad Settings or aboutads.info.
InfoDaddy Plus subscribers ($4/month) do not see any advertisements on the platform.
For more information about Google's privacy practices, see the Google Privacy Policy.
6. Data Retention
- Account data: Retained for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required by law to retain it.
- User-generated content: Tables and records you create may persist after account deletion if other users have contributed to them, but your name will be removed.
- Log data: Retained for up to 90 days for security and debugging purposes.
- Support correspondence: Retained for up to 2 years.
7. Your Rights & Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Update inaccurate or incomplete information via your account settings at /dashboard.
- Deletion: Request deletion of your account and associated personal data.
- Portability: Request your data in a machine-readable format.
- Opt-out of advertising: Subscribe to InfoDaddy Plus to remove all ads, or use Google's opt-out tools.
- California residents (CCPA): You have the right to know what personal information is collected, to request deletion, and to opt out of the sale of personal information. We do not sell personal information.
- European residents (GDPR): You have the right to object to processing, restrict processing, and lodge a complaint with your supervisory authority.
To exercise any of these rights, contact us at [email protected].
8. Security
We take reasonable technical and organizational measures to protect your information, including:
- HTTPS/TLS encryption for all data in transit
- Bcrypt password hashing (never stored in plain text)
- Bearer token authentication with server-side session validation
- Rate limiting on authentication endpoints
- AWS RDS database with access controls and automated backups
No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
9. Children's Privacy
InfoDaddy is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child under 13, please contact us immediately at [email protected] and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting the new policy on this page with an updated "Last Updated" date
- Sending an email notification to registered users for material changes
- Displaying a notice on the platform
Your continued use of InfoDaddy after changes are posted constitutes your acceptance of the updated policy.