Privacy Policy
Last updated: March 1, 2026
1. Introduction
MedFOLIO ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").
We understand that your health information is deeply personal, and we take our responsibility to protect it seriously. Please read this policy carefully to understand our practices regarding your personal data.
2. Information We Collect
2.1 Personal Information
We may collect personal information that you voluntarily provide when using our Service, including:
- Name, email address, and phone number
- Date of birth and demographic information
- Account credentials
- Payment information (processed securely through third-party providers)
2.2 Health Information
With your explicit consent, we collect and store:
- Medical records and documents you upload
- Implant and device information
- Surgical history and procedure records
- Prescription and medication information
- Insurance information
2.3 Automatically Collected Information
When you access our Service, we automatically collect:
- Device information (type, operating system, unique identifiers)
- Log data (access times, pages viewed, IP address)
- Usage patterns and preferences
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our Service
- Store and organize your medical documents securely
- Generate digital wallet cards for your health records
- Send you important notifications about your account or health alerts (such as FDA recalls)
- Respond to your inquiries and provide customer support
- Comply with legal obligations
4. Data Security
We implement industry-leading security measures to protect your information:
- End-to-End Encryption: All health data is encrypted using AES-256
- Zero-Knowledge Architecture: Your data is encrypted in such a way that even our employees cannot access it
- Secure Infrastructure: We use SOC 2 Type II certified data centers
- Regular Audits: Independent security assessments are conducted annually
5. Data Sharing
We do not sell your personal or health information. We may share your information only in the following circumstances:
- With Your Consent: When you explicitly authorize sharing with healthcare providers or family members
- Service Providers: With trusted third parties who assist in operating our Service (under strict confidentiality agreements)
- Legal Requirements: When required by law or to protect our rights
6. Your Rights
You have the right to:
- Access and download your personal data
- Correct inaccurate information
- Delete your account and associated data
- Opt out of non-essential communications
- Request a copy of your data in a portable format
7. Data Retention
We retain your information for as long as your account is active or as needed to provide you with our Service. You may request deletion of your data at any time. Upon account deletion, we will remove your personal information within 30 days, except where retention is required by law.
8. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us at:
MedFOLIO Privacy Team
Email: privacy@medfolio.app
Address: 123 Health Street, San Francisco, CA 94102