Legal

Privacy Policy

Last updated: July 16, 2026

At MedAi, we take your privacy and the security of your health-related information very seriously. This Privacy Policy describes how MedAi ("we," "our," or "us") collects, uses, stores, and protects your information when you use our mobile application ("App" or "MedAi").

By using MedAi, you agree to the collection and use of information in accordance with this Privacy Policy.

1. INFORMATION WE COLLECT AND HOW WE USE IT

To protect your privacy, MedAi minimizes the personal data collected. Most of the data you enter is stored exclusively on your own device.

A. Medication and Schedule Data (Stored Locally)

  • What we collect: Information about your medications, schedules, dosages, and history of doses taken, skipped, or rescheduled.
  • How it is stored: This data is stored locally on your device. It is encrypted on-device using AES-256-GCM encryption, with cryptographic keys securely stored in your device's native keychain (iOS Keychain or Android Keystore).
  • Access: We do not upload, store, or transmit your medication lists, history, or schedules to our servers. We have no access to this data.

B. Anonymous Account and Authentication Data

  • What we collect: When you open the App, an anonymous account is automatically created using Google Firebase Authentication. This assigns a unique, randomized user identifier (UID) to your installation.
  • How it is used: We use this UID to securely verify your permissions, sync your subscription status, and track monthly AI scan limits.
  • Personal Identifiers: We do not collect your name, email address, phone number, or social media profiles for this anonymous account.

C. Camera and Image Data (AI Pill-Scan)

  • What we collect: If you choose to use the AI Pill-Scan feature, the App requests permission to access your device's camera and photo library. You capture or upload images of your medication.
  • How it is used: Images are sent securely via Firebase Cloud Functions to the Google Generative AI (Gemini) API to analyze your medication.
  • Retention: These images are processed in real-time to provide you with informational analysis and are not permanently stored on our servers, nor are they used by us to train AI models.

D. Subscription and Purchase Data

  • What we collect: Information regarding your premium subscription status, purchases, and billing history.
  • How it is used: Transactions are securely managed and processed by RevenueCat, the Apple App Store, and/or the Google Play Store. We do not collect or store your payment details (e.g., credit card numbers). RevenueCat verifies your "Premium" entitlement based on your anonymous Firebase UID.

E. App Performance and Updates (Shorebird)

  • What we collect: Technical information about your device platform, operating system, and App version.
  • How it is used: We use Shorebird Code Push to securely deliver over-the-air (OTA) updates and bug fixes directly to your App. No personal data is transmitted during this update check.

F. Server and Network Logs

  • What we collect: When your App interacts with our cloud infrastructure (such as requesting an AI Pill-Scan), our hosting provider (Google Cloud/Firebase) automatically logs operational metadata. This includes your device's masked IP address, request timestamps, API latency, app version, and data payload sizes.
  • How it is used: This data is used solely to maintain system stability, analyze server performance, and prevent network abuse or denial-of-service attacks.
  • Retention: These system logs do not capture raw user images or text queries. They are stored securely within Google Cloud's infrastructure and are automatically deleted after a standard operational retention cycle (typically 30 days).

2. DEVICE PERMISSIONS

To provide its core functionality, MedAi may request the following permissions on your device:

  • Camera / Photos: Required to capture or upload images of pills for the AI Pill-Scan feature.
  • Alarms and Notifications: Required to trigger local, native alarms and send alerts reminding you to take your medications.
  • Battery Optimization Override (Android): Required to ensure native alarms ring reliably even when the device is in power-saving mode.

You can modify or revoke these permissions at any time through your device's system settings, though doing so may prevent certain features (like medication reminders or AI scans) from functioning.

3. THIRD-PARTY SERVICES AND SUBPROCESSORS

We partner with third-party service providers to power specific features of the App. These providers process data according to their own privacy policies:

  • Google Firebase (Auth, Firestore, Cloud Functions, App Check): Provides secure backend infrastructure, anonymous sign-in, and database management for premium entitlement counters. (Google Privacy Policy: https://policies.google.com/privacy)
  • Google Generative AI (Gemini API): Analyzes images and chat queries for medication guidance. (Google Generative AI Privacy Terms: https://ai.google.dev/terms)
  • RevenueCat: Manages subscription validation and matches entitlements to your anonymous user ID. (RevenueCat Privacy Policy: https://www.revenuecat.com/privacy)
  • Shorebird: Delivers over-the-air Dart code updates and hotfixes. (Shorebird Privacy Policy: https://shorebird.dev/privacy)

4. DATA SECURITY

We employ administrative, technical, and physical security measures to safeguard your information.

  • All network communications between the App and Firebase/RevenueCat are encrypted in transit using SSL/TLS.
  • Local database files containing your medication schedule are encrypted using AES-256-GCM.
  • We utilize Firebase App Check (Play Integrity on Android, App Attest on iOS) to prevent unauthorized access to our backend APIs.

Please note that no method of transmission over the internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee its absolute security.

5. DELETING YOUR DATA

You are always in control of your data. At any time, you can go to Settings and tap Delete All Data to permanently erase your information from the App.

Deleting all data wipes:

  • Every medication you've added, along with its dosage, schedule, and reference number.
  • Your full dose history — all doses marked as taken, skipped, or rescheduled.
  • Any medicines stored in History.
  • Your app preferences, including text size, theme, language, and meal-time settings.

Because this data lives locally on your device, deletion is immediate and irreversible — we have no copy to restore from. If you have an active Premium subscription, deleting all data will also remove your Premium status from the App. Your subscription itself is not cancelled — you can restore it at any time from the purchase/paywall screen using the "Restore Purchases" option. Note that this deletion does not remove our operational server logs (see Section 1F) — however, those logs never contain any of your medication data, health information, or personal information whatsoever, so nothing identifiable or sensitive about you remains in them.

6. CHILDREN'S PRIVACY

MedAi does not knowingly collect personal identifiable information from children under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we can take necessary actions.

7. CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy in the App or on our website (if applicable), and updating the "Last Updated" date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

8. CONTACT US

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at:

Email: support@meetmedai.com

Website: https://meetmedai.com