Privacy Policy

1. Introduction

Welcome to Pharma Pal ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application PharmaPal.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, and authentication credentials when you create an account
• Medication Data: Medication names, quantities, expiry dates, dosage information, notes, and photos you upload
• Family Member Information: Names and relationships of family members you add to manage prescriptions (Premium feature)
• Prescription Information: Prescription details, schedules, and instructions (Premium feature)

2.2 Automatically Collected Information

• Device Information: Device type, operating system, unique device identifiers (including Advertising ID/IDFA on iOS and Advertising ID on Android)
• Usage Data: App features used, time spent in app, crash reports
• Advertising Identifiers: Device advertising identifiers (IDFA on iOS, GAID on Android) are collected and linked to your user account for personalized advertising and analytics purposes

2.3 Third-Party Information

• Google Sign-In: Basic profile information (name, email) if you choose to sign in with Google
• Apple Sign-In: Basic profile information if you choose to sign in with Apple

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide and maintain the App's core functionality
• To send medication expiry reminders and notifications
• To sync your data across your devices
• To process and manage your premium subscription
• To improve and optimize the App's performance
• To provide customer support and respond to your requests
• To send important updates about the App
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations

4. Data Storage and Security

4.1 Data Storage

All Users: Your medication data is stored in Google, which uses industry-standard encryption both in transit and at rest.

4.2 Security Measures

• All data transmission uses SSL/TLS encryption
• Passwords are hashed and never stored in plain text
• Regular security audits and updates
• Secure authentication using industry standards

5. Offline Mode and Data Synchronization

Pharma Pal supports offline functionality, allowing you to add, edit, and manage your medication data even when you don't have an internet connection. When you use the app offline:

• Local Storage: All changes you make while offline are stored locally on your device using secure local storage.
• Automatic Sync: When your device regains internet connectivity, all pending changes are automatically synchronized to our secure cloud servers (Firebase Firestore).
• Data Integrity: The app uses a queue system to ensure all your offline changes are properly synchronized. Operations are retried up to 3 times if initial sync attempts fail.
• No Data Loss: Your data is safely stored locally until it can be synchronized. You will see an indicator in the app showing when you're offline and how many pending changes are waiting to sync.

What Data is Stored Locally?

• Medication entries (name, quantity, expiry dates, notes, photos)
• Family member profiles
• Prescription information
• Medication schedules
• Rx lists

All locally stored data is encrypted and only accessible on your device. Once synchronized to our servers, local copies are maintained for offline access but the primary copy is stored securely in Firebase Firestore.

6. Third-Party Services

We use the following third-party services that may collect information:

• RevenueCat: For managing premium subscriptions (privacy policy: revenuecat.com/privacy)
• Firebase (Google): For authentication, data storage, and analytics. Firebase Analytics collects device identifiers and links them with user IDs for analytics purposes (privacy policy: firebase.google.com/support/privacy)
• Google AdMob: For displaying advertisements. AdMob collects device advertising identifiers (IDFA on iOS, GAID on Android) and links them with user data for personalized/targeted advertising. This data is shared with Google and their advertising partners (privacy policy: policies.google.com/privacy)
• Apple iCloud: For iOS data storage (privacy policy: apple.com/legal/privacy)
• Google Sign-In: For authentication (privacy policy: policies.google.com/privacy)
• Expo: For app development and updates (privacy policy: expo.dev/privacy)

7. Data Sharing and Disclosure

We do NOT sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information
• Service Providers: With third-party services that help us operate the App (as listed in Section 6)
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect the rights, property, or safety of Pharma Pal, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets

8. Your Privacy Rights

You have the following rights regarding your personal information:

8.1 Access

You can access your medication data at any time through the App settings.

8.2 Correction

You can update or correct your account information (Name and Profile Image) and medication data directly in the App. Please note that your email address cannot be changed after registration.

8.3 Deletion

You can delete your account and all associated data through the App settings. Upon deletion, all your data will be permanently removed from our systems within 30 days.

Request Account Deletion: To request deletion of your account and all associated data, you can:

• In-App: Go to Profile → Settings → Delete Account (in the "In Your Own Responsibility" section)
• By Email: Send a deletion request to privacy@pharmapal.com with your account email address

We will process your deletion request within 30 days and confirm once your data has been permanently removed.

8.4 Opt-Out of Notifications

You can disable medication reminders and notifications at any time in the App settings.

8.5 Regional Rights

• GDPR (EU Users): Right to access, rectification, erasure, data portability, restriction of processing, and objection
• CCPA (California Users): Right to know, delete, and opt-out of sale of personal information

9. Children's Privacy

Pharma Pal is not intended for children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. By using Pharma Pal, you consent to the transfer of your information to these countries.

Your data is stored in Google storage, which follows Google's international data transfer policies.

11. Data Retention

We retain your personal information for as long as necessary to provide you with our services and as described in this Privacy Policy. Specifically:

• Active Accounts: Data is retained as long as your account is active
• Deleted Accounts: Data is permanently deleted within 30 days of account deletion
• Subscription Data: Transaction records are retained for 7 years for legal and tax purposes
• Backup Data: Backup copies are deleted within 90 days

12. Cookies and Tracking

Our mobile app does not use cookies. However, third-party services integrated into the App use tracking technologies:

• Google AdMob: Uses device advertising identifiers (IDFA on iOS, GAID on Android) for personalized advertising. These identifiers are linked to your user account and shared with Google and their advertising partners for targeted ad delivery.
• Firebase Analytics: Uses device identifiers and user IDs to track app usage and link analytics data across sessions.

You can control these through your device settings:

• iOS: Settings > Privacy & Security > Apple Advertising > Limit Ad Tracking
• Android: Settings > Google > Ads > Opt out of Ads Personalization

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date
• Sending you a notification for material changes

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

14. Medical Disclaimer