Privacy Policy

This Privacy Policy describes our policies and procedures on the collection, use and disclosure of your information when you use the Service, and tells you about your privacy rights and how the law protects you.

Interpretation and Definitions

Interpretation

The words whose initial letters are capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

• Application refers to MedTracker, the software program provided by the Company.
• Company (referred to as either "the Company", "We", "Us" or "Our") refers to MedTracker.
• Country refers to the United Kingdom.
• Device means any device that can access the Service such as a mobile phone or tablet.
• Personal Data (or "Personal Information") is any information that relates to an identified or identifiable individual. We use these terms interchangeably unless a law uses a specific term.
• Service refers to the Application.
• Service Provider means any natural or legal person who processes data on behalf of the Company.
• Usage Data refers to data collected automatically, either generated by use of the Service or from the Service infrastructure itself.
• You means the individual accessing or using the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide certain personally identifiable information that can be used to contact or identify you. MedTracker stores all health-related data — medications, appointments, symptoms, and contacts — exclusively on your device. This data is never transmitted to our servers.

Usage Data

Usage Data is collected automatically when using the Service. This may include information such as your device's Internet Protocol address, browser type and version, the pages of our Service you visit, the time and date of your visit, and other diagnostic data.

When you access the Service through a mobile device, we may collect certain information automatically, including the type of mobile device you use, your mobile device's unique ID, your mobile operating system, and the type of mobile browser you use.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

• To provide and maintain our Service, including to monitor its usage.
• To manage your requests — to attend and manage requests you make to us.
• For the performance of a contract — the development, compliance and undertaking of the purchase contract for products or services you have purchased through the Service.
• For business transfers — we may use your data to evaluate or conduct a merger, divestiture, or other sale or transfer of some or all of our assets.
• For other purposes — such as data analysis, identifying usage trends, and evaluating and improving our Service and your experience.

We may share your Personal Data in the following situations:

• With Service Providers — to monitor and analyse use of our Service.
• For business transfers — in connection with any merger, sale of Company assets, or acquisition.
• With Affiliates — we may share your data with affiliates, who will be required to honour this Privacy Policy.
• With your consent — we may disclose your Personal Data for any other purpose with your explicit consent.

Retention of Your Personal Data

The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, and to comply with our legal obligations, resolve disputes, and enforce our agreements.

Retention periods by category:

• Account information — retained for the duration of your account relationship plus up to 24 months after closure to handle post-termination issues.
• Application usage statistics — up to 24 months to understand feature adoption and service improvements.
• Server logs (IP addresses, access times) — up to 24 months for security monitoring and troubleshooting.

We may retain Personal Data beyond the periods above where required by legal obligation, to establish or defend legal claims, at your explicit request, or due to technical backup limitations.

When retention periods expire, Personal Data is securely deleted or anonymised. Residual copies in encrypted backups are not restored except where required for security, disaster recovery, or legal compliance.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. Where required by applicable law, we ensure that international transfers are subject to appropriate safeguards.

Delete Your Personal Data

You have the right to delete or request that we assist in deleting the Personal Data we have collected about you. For health data stored within the MedTracker app, this can be done at any time from within the application. You may also contact us to request deletion of any other Personal Data you have provided.

Please note that we may need to retain certain information where we have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law Enforcement

Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities such as a court or government agency.

Other Legal Requirements

The Company may disclose your Personal Data in the good faith belief that such action is necessary to:

• Comply with a legal obligation
• Protect and defend the rights or property of the Company
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users of the Service or the public
• Protect against legal liability

Security of Your Personal Data

The security of your Personal Data is important to us. All health data stored within MedTracker is encrypted at rest using AES-256-CBC. While we strive to use commercially reasonable means to protect your Personal Data, no method of transmission over the internet or electronic storage is 100% secure and we cannot guarantee its absolute security.

Children's Privacy

Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under 16. If you are a parent or guardian and are aware that your child has provided us with Personal Data, please contact us. If we become aware we have collected such data without parental consent, we will take steps to remove that information from our systems.

Links to Other Websites

Our Service may contain links to other websites not operated by us. If you click on a third-party link, you will be directed to that site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. You are advised to review this Privacy Policy periodically. Changes are effective when posted.