Privacy First Commitment
MedPlan Pro is designed with privacy as our top priority. All your health data stays on your device. We only collect your email address for authentication purposes. We do not collect, transmit, or store any health information on external servers.
1. Information Collection and Storage
1.1 Email Collection for Authentication
When you create an account with MedPlan Pro, we collect and store:
- Email Address: Used for account authentication and to send app-related notifications and updates
Your email address is stored securely in a compliant database. We do not collect or store any other personally identifiable information such as your name, phone number, address, or payment information.
1.2 Local Data Storage
MedPlan Pro uses 100% local storage on your device for all health data. This covers all sensitive data, including:
- Medication information and schedules
- Health metrics and tracking data
- User preferences and settings
- Profile information
- Weight tracking and progress data
- Stock inventory and reminders
This data is stored exclusively in a local SQLite database on your device and is never transmitted to external servers or cloud services.
1.3 Limited Data Collection
Beyond your email address for authentication, we do not collect, access, or transmit:
- Personal identification information (name, address, phone number)
- Health or medical data (stored locally only)
- Usage statistics or analytics
- Device information
- Location data
- Contact lists or social media information
- Payment or financial information
2. Data Security
2.1 Encryption
MedPlan Pro offers optional AES-256 encryption for your database:
- Database Encryption: Users can enable full database encryption using AES-256 with SQLCipher
- PIN Protection: 6-digit PIN for app access with SHA-256 hashing (10,000 rounds)
- Biometric Authentication: Support for fingerprint and face recognition where available
- Secure Key Storage: Encryption keys are stored using platform-specific secure storage (Keychain on iOS, Keystore on Android)
2.2 Local Security
Your data security depends on your device security:
- Keep your device locked with a secure PIN or biometric authentication
- Enable database encryption in MedPlan Pro's security settings
- Regular device backups are recommended (your responsibility)
- Do not share your MedPlan Pro PIN with others
3. Permissions
3.1 Required Permissions
MedPlan Pro requests the following permissions:
- Notifications: To send medication reminders and alerts (can be disabled in settings)
- Storage: To export and backup your health data locally on your device
- Camera (optional): To scan medication barcodes (only when you use this feature)
- Biometric Authentication (optional): For fingerprint or face unlock features
3.2 Permission Usage
All permissions are used solely for their stated purpose and only when you actively use the related feature. No data from these permissions is transmitted outside your device.
4. Data Backup and Export
4.1 Local Backups
MedPlan Pro allows you to export your data as CSV or JSON files:
- Backups are created locally on your device
- You control where backup files are stored
- Backup files are not automatically uploaded to any cloud service
- It is your responsibility to secure backup files
4.2 Device Backups
If you use device-level backups (iCloud, Google Drive, etc.):
- MedPlan Pro's local database may be included in automatic device backups
- These backups are controlled by your device's operating system, not by MedPlan Pro
- You can exclude MedPlan Pro from device backups in your system settings
- We recommend enabling database encryption before allowing cloud backups
5. Third-Party Services
5.1 No Third-Party Analytics
MedPlan Pro does not use:
- Google Analytics or similar tracking services
- Crash reporting services that collect user data
- Advertising networks or SDKs
- Social media integration that tracks users
5.2 Authentication Server
MedPlan Pro uses a secure authentication server for user accounts:
- Only email addresses are stored on our authentication server
- No health data is transmitted to or stored on external servers
- All health data remains local on your device
- The authentication server is compliant with industry security standards
6. Children's Privacy
MedPlan Pro does not knowingly collect any information from users of any age. The app can be used by individuals under 18 with parental supervision, as all data remains local to the device and under the control of the device owner.
7. Data Retention and Deletion
7.1 Email Address Retention
Your email address is retained on our authentication server:
- For as long as your account remains active
- Until you request account deletion
- In compliance with applicable data retention laws
7.2 Local Data Retention
Your health data is retained locally on your device for as long as:
- You keep the app installed
- You do not manually delete data within the app
- You do not uninstall the app
7.3 Data Deletion
You can delete your data at any time:
- Account Deletion: Contact us at privacy@medplanpro.app to request account and email deletion from our servers
- Local Data: Delete individual records within the app or use the "Clear All Data" option in settings
- Complete Removal: Uninstalling the app removes all local health data from your device
Important: Local data deletion is permanent and cannot be recovered unless you have created a backup.
8. International Users
MedPlan Pro stores health data locally on your device. Email addresses for authentication may be stored on servers that comply with international data protection standards.
- Health data never leaves your device unless you explicitly export it
- Email addresses are stored securely in compliance with GDPR and applicable privacy laws
- No cross-border transfers of sensitive health information occur
9. Compliance
9.1 GDPR Compliance
MedPlan Pro's privacy approach aligns with GDPR principles:
- Only email addresses are collected for authentication purposes (lawful basis: contract performance)
- You have complete control over your health data (stored locally)
- Right to access, rectify, and delete your email address upon request
- Minimal data collection - only what is necessary for authentication
- No health data breach risks from our servers as health data stays on your device
9.2 HIPAA Considerations
While MedPlan Pro is designed with healthcare privacy in mind:
- The app is not intended to replace professional medical advice
- We are not a covered entity under HIPAA
- The local-storage design provides enhanced privacy protection
- Users should consult healthcare providers for medical decisions
9.3 App Store Compliance
MedPlan Pro complies with Google Play Store and Apple App Store privacy requirements:
- Accurate privacy disclosures in store listings
- Appropriate permission requests
- No hidden data collection
- Clear privacy policy disclosure
10. Changes to Privacy Policy
We may update this privacy policy from time to time. Changes will be effective immediately upon posting the updated policy. The "Last Updated" date at the top of this policy indicates when it was last revised.
For significant changes to this policy, we may notify users via email. We recommend reviewing this policy periodically for any updates.
11. Your Rights
You have complete control over your data:
- Right to Access: View all your health data within the app at any time. Request a copy of your stored email address by contacting us.
- Right to Portability: Export your health data as CSV or JSON files at any time
- Right to Erasure: Delete local health data through the app or by uninstalling. Request email address deletion by contacting privacy@medplanpro.app
- Right to Rectification: Update your email address through account settings or by contacting us
- Right to Restrict Processing: We only process your email for authentication and app-related communications
- Right to Object: You can object to receiving app-related emails by contacting us
- Right to Withdraw Consent: Delete your account at any time by contacting us
12. Medical Disclaimer
MedPlan Pro is a medication tracking tool and does not provide medical advice:
- Always consult healthcare professionals for medical decisions
- This app is not a substitute for professional medical care
- The app is for informational and organizational purposes only
- We are not responsible for medical decisions made using this app
Summary
Key Privacy Points:
- ✓ All health data stored locally on your device
- ✓ Only email address collected for authentication
- ✓ Optional AES-256 encryption available
- ✓ No health data on external servers
- ✓ No user tracking or analytics
- ✓ Complete control over your health data
- ✓ GDPR-aligned privacy approach
- ✓ Account deletion available on request