Plain-Language Summary
CareDose is a medication tracking app. To work, it needs to know which medications you take and when you take them. This policy explains exactly what we collect, how we store it, who can see it, and what rights you have over it. We do not sell your health data. We do not share it with advertisers. You can delete everything at any time.
1 Who We Are and How to Contact Us
CareDose is a mobile application developed and operated by CareDose Technologies Ltd (referred to in this policy as “CareDose”, “we”, “us”, or “our”). CareDose Technologies Ltd is a privately held software company registered under the laws of its jurisdiction of incorporation.
We take privacy seriously. If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you can reach our dedicated Privacy team through the following channels:
- Email: privacy@caredose.app
- In-app: Settings → Help & Support → Privacy Request
- Postal address: [Registered business address]
We will respond to all privacy-related enquiries within fourteen (14) business days. For requests relating to the deletion or export of personal data, we will complete the action within thirty (30) days of verifying your identity.
2 The Information We Collect
We collect information in three ways: information you give us directly, information your device or the app generates automatically, and in limited cases, information provided by caregivers or authorised third parties on your behalf.
2.1 Information You Provide Directly
When you create a CareDose account and use the app, you provide us with the following categories of information:
- Account credentials — your email address, encrypted password, and display name. If you use Sign in with Apple or Google Sign-In, we receive a unique identifier and your email address from Apple or Google.
- Medication and supplement data — the names, dosages, frequencies, time schedules, refill counts, notes, and priority settings for each medication or supplement you add to the app.
- Dose log data — records of every dose action you take, including whether you marked a dose as taken, missed, taken late, or excused, along with the timestamp of that action and who logged it.
- Caregiver relationship data — if you invite a caregiver, we store their name, email address, their role (view-only or edit), whether they have accepted the invitation, and their notification preferences.
- Health context data (optional, future feature) — if you choose to log supplementary health readings such as blood pressure, blood glucose, or body weight, we store those values along with the date and time of each reading.
- Refill information — the current count and refill threshold for each medication, which you update manually.
- Symptom and side-effect notes (optional) — any free-text notes you attach to a dose log entry.
- Device notification preferences — your choices about which notifications to receive, at what times, and which medications are marked high priority.
- Support and feedback communications — if you contact us via in-app support, email, or feedback forms, we retain the content of those communications.
2.2 Information Collected Automatically
When you use CareDose, our systems and third-party service providers automatically collect certain technical information:
- Device identifiers — including your device type, operating system version, and a Firebase-generated installation identifier. We do not collect your IMEI, SIM serial number, or any permanent hardware identifier.
- FCM token — a rotating push notification token generated by Firebase Cloud Messaging and stored in your user profile. This token changes periodically and is used only to send notifications to your specific device.
- App usage and crash data — we use Firebase Crashlytics and Firebase Performance Monitoring to collect anonymised crash reports, stack traces, and performance metrics. These do not contain medication data.
- Firestore access logs — Firebase maintains server-side logs of database read and write operations for security and debugging purposes.
- IP address — captured at sign-in for fraud prevention and security monitoring. We do not use IP addresses to build advertising profiles.
2.3 Information We Do Not Collect
We want to be explicit about what we do not collect, because we understand the sensitivity of health data:
- We do not collect your precise GPS location. The app does not request location permission.
- We do not access your camera, microphone, or photo library unless you explicitly use a future feature that requires it — and only with your explicit permission at that moment.
- We do not collect biometric authentication data. Face ID and Touch ID authentication is handled entirely by your device's operating system and never transmitted to our servers.
- We do not collect data from other apps on your device.
- We do not purchase data about you from data brokers or third-party data vendors.
3 How We Use Your Information
We use the information we collect strictly for the purposes described below. We do not use your medication data, dose history, or health context information for advertising, profiling, or sale to any third party.
3.1 Core App Functionality
- To display your personalised medication schedule and today checklist.
- To record dose logs when you tap Took it, Missed, or Took late, and to associate those logs with the correct medication and scheduled time.
- To calculate your adherence percentage and streak count, which are derived from your dose log history.
- To send local on-device notifications for dose reminders, follow-up reminders, and refill alerts — these are generated on your device and do not require our servers.
- To sync your data across your own devices when you enable cloud sync.
3.2 Caregiver Features
- To allow a caregiver you invite to view your medication schedule and today's dose status in real time.
- To send push notifications to your caregiver's device when a dose you have marked as high priority is not logged within the alert window — this is a Family tier feature requiring your explicit consent at time of setup.
- To deliver encouragement messages from your caregiver to your home screen.
3.3 Account and Security Management
- To verify your identity when you sign in or request account changes.
- To prevent unauthorised access to your account, including detecting unusual sign-in activity.
- To send password reset emails when requested.
- To enforce your subscription entitlements (free vs. Family tier) based on information received from RevenueCat following a confirmed purchase or cancellation.
3.4 Service Improvement and Safety
- To analyse anonymised, aggregated crash and performance data to identify and fix technical problems.
- To respond to support requests you send us.
- To comply with applicable law, regulatory obligations, or valid legal process such as a court order.
3.5 What We Will Never Do With Your Data
- We will never sell your personal information, medication data, or health data to any third party.
- We will never share your data with advertisers, data brokers, or analytics companies for the purpose of building advertising profiles.
- We will never use your medication data to train machine learning models that are shared commercially with third parties.
- We will never make automated decisions about your healthcare or medication regimen based on your data.
4 Legal Basis for Processing Your Data
Depending on where you live, applicable data protection law may require us to identify a legal basis for each type of data processing we perform:
- Contract performance — processing your medication data and dose logs to provide the core functionality you have signed up for.
- Legitimate interests — processing crash and performance data to maintain and improve the reliability of the app; processing sign-in IP addresses to prevent fraud and unauthorised access.
- Consent — processing optional health context data; sharing your dose status with your caregiver; sending marketing communications (if you opt in). You can withdraw consent at any time.
- Legal obligation — retaining records where required by applicable law and responding to valid legal process.
5 How We Store and Protect Your Data
5.1 Local-First Architecture
CareDose is designed with a local-first data model. Your medication schedule and dose history are stored primarily in an encrypted database on your device (using SQLite with platform-level encryption). This means the app functions fully offline, and your data does not leave your device unless you choose to enable cloud sync.
5.2 Cloud Storage
When cloud sync is enabled, your data is stored in Google Cloud Firestore, operated by Google LLC. Firestore data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher. Our Firestore database is protected by security rules that enforce strict access controls: your data can only be read by your own authenticated account and by caregivers you have explicitly invited.
5.3 Access Controls
We implement the principle of least privilege across our entire backend:
- Your medication data, dose logs, and caregiver relationships can only be accessed by authenticated accounts linked to your patient profile.
- CareDose employees and contractors do not have standing access to individual users' medication data. Access to production data by engineers requires a formal approval process and is logged.
- Your subscription status can only be updated by our server-side Cloud Functions in response to a verified RevenueCat webhook.
5.4 Caregiver Invite Security
When you invite a caregiver, CareDose generates a cryptographically secure one-time token. Only a SHA-256 hash of this token is stored in our database — the raw token is never stored. The token is included in the invite link sent to the caregiver's email address and expires after 24 hours.
5.5 Data Breach Response
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and, where required by law, the relevant supervisory authority, within the timeframes mandated by applicable regulation (typically 72 hours for regulatory notification).
6 Who We Share Your Data With
We share your data only with the following categories of parties, and only to the extent necessary for the stated purpose:
6.1 Your Caregivers
When you invite someone as a caregiver and they accept, they gain visibility into your medication list and dose status. You control who is invited, what role they have, and you can remove a caregiver at any time from Settings → Care Team.
6.2 Service Providers (Sub-processors)
- Google LLC (Firebase) — cloud database (Firestore), authentication, push notifications (FCM), crash reporting (Crashlytics), and performance monitoring.
- RevenueCat, Inc. — subscription and in-app purchase management. RevenueCat receives your Firebase User ID (a pseudonymous identifier) and purchase transaction data. It does not receive your medication data.
- Apple Inc. — App Store payment processing, Sign in with Apple authentication, APNs notification delivery.
- Google LLC (Google Play) — Play Store payment processing, Google Sign-In authentication, Firebase Cloud Messaging delivery.
- SendGrid (Twilio Inc.) — transactional email delivery (caregiver invite emails, password resets). SendGrid does not receive medication data.
6.3 Legal and Regulatory Disclosures
We may disclose your information to law enforcement agencies, courts, or other governmental authorities if we are legally required to do so, or in response to a verified legal process such as a subpoena or court order. Where permitted by law, we will notify you before disclosing your data.
6.4 Business Transfers
If CareDose is acquired by or merges with another company, your personal data may be transferred. We will notify you at least thirty (30) days before any transfer takes effect, and you will have the option to delete your account and data before the transfer occurs.
6.5 With Your Explicit Consent
We will not share your data with any other party without your explicit, informed, and freely given consent.
7 Data Retention
We retain your personal data for as long as necessary to provide the CareDose service, comply with our legal obligations, resolve disputes, and enforce our agreements. The following retention periods apply:
- Account and profile data — retained until you delete your account, then permanently deleted within 30 days.
- Medication records and dose logs — retained until you delete your account or manually delete individual records.
- Security logs (sign-in timestamps, IP addresses) — retained for a maximum of 90 days.
- Crash and performance data — retained for 90 days in anonymised form.
- Support communications — retained for 2 years.
8 Your Rights and Choices
Depending on your location, you have the following rights. We honour these rights regardless of your location, because we believe they represent the right standard.
8.1 Right to Access
You can access most of your data directly within the app under Settings → My Data. For a complete data export, email privacy@caredose.app. We will respond within 30 days.
8.2 Right to Correction
You can update your name, email address, and medication records directly within the app. For other corrections, contact privacy@caredose.app.
8.3 Right to Deletion
To delete your account and all associated data, go to Settings → Account → Delete Account. This action is irreversible. Your data will be permanently deleted within 30 days.
8.4 Right to Data Portability
Within the app, you can export your dose history as a CSV file and (in the Family tier) as a formatted PDF. You may also request a full JSON export by contacting us.
8.5 Right to Withdraw Consent
Where we process your data based on consent, you can withdraw that consent at any time. To withdraw consent for caregiver sharing, remove the caregiver from Settings → Care Team.
8.6 Right to Object
Contact privacy@caredose.app, explaining the processing you object to and your reasons. We will assess your objection and, where we cannot demonstrate compelling legitimate grounds, cease the processing.
8.7 Right to Restrict Processing
You have the right to request that we restrict processing in certain circumstances, such as while we are verifying the accuracy of disputed data.
8.8 Right to Lodge a Complaint
If you are located in the EEA, the UK, or another jurisdiction with a data protection supervisory authority, you have the right to lodge a complaint. We ask that you contact us first so we have the opportunity to address your concern.
9 Children's Privacy
CareDose is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has created an account, we will delete that information as soon as possible.
For users aged 13 to 17, parental or guardian consent is required. Caregivers may set up a patient profile on behalf of a minor with appropriate parental authorisation.
10 International Data Transfers
CareDose's infrastructure is hosted on Google Cloud Platform. Depending on the region you select, your data may be processed in data centres located in Belgium, Germany, the United States, or Singapore. When data is transferred from the EEA or UK to a country without an adequacy decision, we rely on Google's Standard Contractual Clauses.
11 Cookies and Tracking Technologies
CareDose is a mobile application and does not use traditional browser cookies. The app uses the following functional technologies:
- Firebase Authentication session tokens — stored securely in your device's Keychain (iOS) or Keystore (Android). Not used for tracking.
- Firebase App Check tokens — short-lived tokens that verify your device is running a genuine copy of CareDose.
- Local SQLite database — stores your medication data on-device. Not a tracking mechanism.
We do not use advertising SDKs, third-party analytics trackers, social media pixels, or any technology that tracks your behaviour across other apps or websites.
12 Jurisdiction-Specific Provisions
12.1 California Residents (CCPA / CPRA)
We do not sell personal information as defined under the CCPA. We do not share personal information for cross-context behavioural advertising. To exercise your California privacy rights, contact privacy@caredose.app.
12.2 EEA and UK Residents (GDPR / UK GDPR)
Our Data Controller is CareDose Technologies Ltd. Our Data Protection Officer can be contacted at dpo@caredose.app.
12.3 Nigerian Residents (NDPA)
CareDose is committed to compliance with the Nigeria Data Protection Act 2023 (NDPA). To exercise any of your rights, contact privacy@caredose.app.
13 Changes to This Privacy Policy
When we make material changes, we will notify you at least thirty (30) days before the changes take effect, by sending you an in-app notification and an email to your account address. If you disagree, you may close your account before the new policy takes effect.
Summary of Key Commitments
We collect only what is necessary to run the app. We store your health data securely with encryption at rest and in transit. We do not sell your data. We do not share it with advertisers. You can export, correct, or delete your data at any time. We notify you before any material change to this policy.
CareDose Technologies Ltd · privacy@caredose.app · caredose.app