Privacy Policy
Effective Date: January 1, 2026 · Last Updated: March 26, 2026
The short version: Your health data stays on your device. We don't sell it, share it with advertisers, or use it to train AI models. You own it completely.
1. Who We Are
MyDoctor ("we," "us," or "our") is a family health data platform operated by MyDoctorKit LLC. Our app is available at mydoctorkit.com and through the Google Play Store. You can reach us at privacy@mydoctorkit.com.
2. What Data We Collect
MyDoctor collects the following categories of information:
Health and Vitals Data — collected directly from Bluetooth medical devices you connect (scale, blood pressure cuff, thermometer, pulse oximeter, EKG) and from wearable integrations (Oura Ring, Google Health Connect, Apple HealthKit):
- Body weight and body composition (BMI, body fat %, muscle mass, water %)
- Blood pressure (systolic, diastolic, pulse)
- Body temperature
- Blood oxygen saturation (SpO₂)
- Heart rate and heart rate variability (HRV)
- Sleep duration, stages (REM, deep, light), and sleep score
- Daily steps and activity metrics
- Blood glucose (if connected)
- Readiness and recovery scores
Profile Data — information you enter about family members:
- Name, date of birth, biological sex, height
- Relationship to primary account holder
- Profile avatar selection
Account Data (optional, for cloud sync only):
- Email address
- Encrypted authentication token
Technical Data:
- Crash reports and error logs (anonymized, no health data included)
- App version and Android version
3. How We Store Your Data
Local-first architecture: All health data is stored on your device by default, encrypted using SQLCipher (AES-256). Your vitals never leave your device unless you explicitly enable cloud sync.
When cloud sync is enabled (optional), data is transmitted over TLS 1.3 and stored in an encrypted database. We use Supabase for cloud infrastructure, which is hosted on AWS in US data centers.
PIN-protected profiles store only a salted SHA-256 hash of your PIN — we never store PINs in plaintext.
4. How We Use Your Data
We use your data solely to provide the MyDoctor service. Specifically:
- To display your health history, trends, and alerts within the app
- To generate health reports you can share with your physician
- To sync data across your devices (if cloud sync is enabled)
- To send you the notifications you configure (e.g., threshold alerts)
We do not:
- Sell your health data to any third party
- Share your health data with advertisers or data brokers
- Use your health data to train AI or machine learning models
- Share your data with insurance companies or employers
- Use your data for any purpose other than operating the MyDoctor service
5. Third-Party Integrations
When you connect third-party services, their own privacy policies also apply:
- Oura Ring — ouraring.com/privacy-policy. OAuth tokens are stored encrypted on your device only.
- Google Health Connect — subject to Google's Health Connect privacy policy. We only read data — we never write to Health Connect without explicit user action.
- Apple HealthKit — subject to Apple's HealthKit guidelines. Health data from HealthKit is not shared with third parties or used for advertising.
6. HIPAA Notice
MyDoctor is a personal wellness application intended for consumer use. It is not a covered entity under HIPAA and does not act as a Business Associate to healthcare providers. The app is not a medical device and does not provide medical diagnoses or clinical recommendations.
We voluntarily adopt HIPAA-aligned security practices including encryption at rest (AES-256), encryption in transit (TLS 1.3), access controls, and audit logging.
7. Children's Privacy
MyDoctor allows family members of all ages to be added as profiles, managed by an adult account holder. We do not knowingly collect personal information from children under 13 independently — all child profiles must be created and managed by a parent or guardian.
If you believe a child under 13 has independently provided us with personal information, please contact privacy@mydoctorkit.com and we will delete it promptly.
8. Data Retention
Your data is retained as long as your account is active and you choose to keep it. You can delete individual readings, family member profiles, or your entire account at any time within the app.
If you delete your account, all associated data is permanently deleted from our servers within 30 days. Locally stored data is deleted immediately when you uninstall the app or use the in-app delete function.
9. Your Rights
You have the right to:
- Access — export all your health data as a PDF or JSON file from within the app
- Correct — edit any profile or reading directly in the app
- Delete — remove individual readings, profiles, or your entire account
- Portability — export your data in a machine-readable format at any time
- Opt out of cloud sync — disable cloud sync at any time; data remains on-device only
For requests you cannot complete within the app, contact privacy@mydoctorkit.com.
10. Security
We implement the following security measures:
- AES-256 encryption for all locally stored health data (SQLCipher)
- TLS 1.3 for all network communications
- SHA-256 with random salt for PIN storage — no plaintext PINs stored anywhere
- Per-profile access controls with configurable auto-lock
- No health data in crash reports or analytics logs
11. Changes to This Policy
We will notify you of material changes to this policy via an in-app notification and by updating the "Last Updated" date above. Continued use of MyDoctor after changes constitutes acceptance of the updated policy.
12. Contact
For privacy questions, data requests, or concerns: