MedLogAIMedLogAI
EN繁中
Download

Privacy Policy

MedLogAI

# Privacy Policy **Last Updated: March 17, 2026** MedLogAI ("we", "our", or "us") operates the MedLogAI mobile application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. ## 1. Information We Collect ### 1.1 Personal Information - **Account Data**: Email address, display name, and authentication credentials when you create an account. - **Health Data**: Health passbook (NHI) data that you voluntarily import into the app, including but not limited to lab results, outpatient visit records, hospitalization records, imaging reports, and cancer screening results. - **Profile Data**: Birth year, gender, relationship labels, and health notes you provide for managed profiles. - **Payment Data**: In-app purchase transaction records processed through Apple App Store or Google Play Store. We do not directly collect or store credit card information. ### 1.2 Automatically Collected Information - Device type, operating system version, and unique device identifiers. - App usage analytics and crash reports. - IP address and general location (country/region level only). ## 2. How We Use Your Information We use collected information to: - Provide and maintain the Service, including importing, parsing, and displaying your health passbook data. - Generate AI-powered health summaries and analysis using third-party AI services (Google Gemini API). - Manage your account, profiles, and subscription status. - Process in-app purchases and manage credit balances. - Improve the Service through aggregated, anonymized usage analytics. - Communicate with you about service updates, security alerts, and support. ## 3. AI Data Processing ### 3.1 Third-Party AI Services We use the Google Gemini API to generate health summaries and answer health-related questions. When you request an AI analysis: - Relevant health data is sent to Google's servers for processing. - We send only the minimum data necessary for the specific analysis requested. - Google's data processing is governed by Google's own privacy policy and terms of service. ### 3.2 Important Disclaimer AI-generated health summaries and responses are for **informational and reference purposes only**. They do not constitute medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional for medical decisions. ## 4. Data Storage and Security ### 4.1 Storage - Your data is stored securely on Supabase cloud infrastructure with Row-Level Security (RLS) policies ensuring data isolation between users. - Data is encrypted in transit (TLS) and at rest. ### 4.2 Security Measures - Authentication via secure providers (email/password, Google Sign-In, Apple Sign-In). - Row-Level Security policies on all database tables. - Secure token storage on device using platform-native secure storage. ## 5. Data Sharing and Disclosure We do **not** sell your personal or health data. We may share information only in the following circumstances: - **Service Providers**: With third-party services that help us operate the app (Supabase for database, Google Gemini for AI analysis, RevenueCat for subscription management). - **Legal Requirements**: When required by law, regulation, or legal process. - **Safety**: To protect the rights, safety, or property of our users or the public. ## 6. Family Profiles The Service allows you to manage health data for family members. You represent and warrant that you have obtained proper consent from any family member whose data you import and manage through the Service. ## 7. Data Retention and Deletion ### 7.1 Retention We retain your data for as long as your account is active or as needed to provide the Service. ### 7.2 Account Deletion You may request account deletion through the app Settings. Upon deletion request: - A 7-day grace period begins, during which you can cancel the deletion. - After the grace period, all your data, including health records, profiles, AI summaries, and account information, will be permanently deleted. - Apple Sign-In tokens will be revoked as required by Apple's guidelines. ## 8. Children's Privacy The Service is not intended for use by children under 13. We do not knowingly collect personal information from children under 13. The family profile feature is intended for parents/guardians to manage their children's health data. ## 9. International Data Transfers Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers. ## 10. Your Rights Depending on your jurisdiction, you may have the right to: - Access your personal data. - Correct inaccurate data. - Delete your data. - Export your data. - Withdraw consent for data processing. To exercise these rights, contact us at the email below. ## 11. Changes to This Policy We may update this Privacy Policy from time to time. We will notify you of any material changes through the app or via email. ## 12. Contact Us If you have questions about this Privacy Policy, please contact us at: **Email**: support@medlogai.com