Dose AI App Privacy Policy

Last Updated: March 2024

1. Introduction

Dose AI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Dose AI mobile application (the "App").

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not use the App.

2. Information We Collect

Personal Information

We may collect personally identifiable information, such as:

  • Name and email address
  • Age and gender
  • Height and weight measurements
  • Health-related information, including:
    • GLP-1 medication details
    • Medication dosage and schedule
    • Weight log data
    • Food intake information
    • Symptom reports
    • Medical history
    • Allergies and contraindications
    • Lab results and health metrics
    • Exercise and activity data
    • Sleep patterns
    • Dietary preferences and restrictions

Usage Data

We automatically collect certain information when you use the App, including:

  • App features you use
  • Time and date of your visit
  • Device information
  • Operating system
  • IP address
  • App version
  • Device model and manufacturer
  • Screen resolution
  • Language preferences
  • Time zone
  • Network type (Wi-Fi, cellular, etc.)
  • Crash reports and error logs
  • Performance metrics
  • User interaction patterns

3. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the App functionality
  • Personalize your experience
  • Improve our App based on your feedback
  • Send you notifications related to your medication schedule
  • Process and track your subscription status
  • Analyze usage patterns to enhance user experience
  • Comply with legal obligations
  • Generate insights and analytics
  • Provide customer support
  • Detect and prevent fraud
  • Conduct research and development
  • Send marketing communications (with your consent)
  • Share with healthcare providers (with your consent)
  • Generate reports and visualizations
  • Provide AI-powered recommendations
  • Improve app performance and reliability

4. Data Storage and Security

Your data is stored using Firebase Firestore and secured with the following measures:

  • End-to-end encryption for sensitive health data
  • Authentication requirements for all data access
  • Secure key storage in device keychain
  • Regular security audits and updates
  • Data storage in compliance with industry standards
  • Two-factor authentication support
  • Regular security penetration testing
  • Encrypted data transmission
  • Secure backup systems
  • Access control and role-based permissions
  • Audit logging for all data access
  • Regular security training for staff
  • Incident response procedures
  • Data breach notification protocols

4.1 Encryption Practices

We implement multiple layers of encryption to protect your data:

Data at Rest

  • All sensitive health data is encrypted using AES-256 encryption
  • Encryption keys are stored securely in the iOS Keychain
  • Database backups are encrypted using AES-256
  • Local storage uses the iOS Data Protection API
  • HealthKit data is encrypted using Apple's HealthKit encryption

Data in Transit

  • All API communications use TLS 1.3
  • Certificate pinning for additional security
  • Secure WebSocket connections for real-time updates
  • Encrypted push notifications
  • Secure file uploads and downloads

Key Management

  • Encryption keys are never stored in plain text
  • Keys are rotated regularly
  • Key access is restricted to authorized personnel
  • Key backup procedures are in place
  • Hardware Security Module (HSM) for key storage

Additional Security Measures

  • Biometric authentication support
  • Secure session management
  • Rate limiting on API endpoints
  • Input validation and sanitization
  • Regular security audits of encryption systems

5. Data Sharing and Disclosure

We will not share your personal information with third parties except:

  • With your explicit consent
  • To comply with applicable law or legal requirements
  • To protect our rights, privacy, safety or property
  • In connection with a business transfer, such as a merger or acquisition
  • With healthcare providers (with your consent)
  • With research institutions (with your consent)
  • With insurance providers (with your consent)
  • With emergency services (in life-threatening situations)

We do not sell your personal data to advertisers or other third parties.

6. Subscription and Data Retention

Active Subscriptions

While your subscription is active, we retain your data to provide you with our services.

Expired Subscriptions

If your subscription expires:

  • We retain your data for 30 days after expiration
  • You will be notified about the pending data removal
  • You can renew your subscription during this period to maintain access

Data Deletion

After the 30-day grace period:

  • Personal identifiers will be anonymized
  • Sensitive health data will be deleted
  • Statistical data may be retained in anonymized form
  • Backup copies will be securely deleted
  • Third-party integrations will be disconnected
  • Marketing preferences will be reset

7. Your Data Rights

You have the right to:

  • Access your personal information
  • Update or correct your personal information
  • Request deletion of your personal information
  • Export your data in a common format
  • Opt out of marketing communications
  • Withdraw consent where applicable
  • Restrict data processing
  • Object to data processing
  • Request data portability
  • Lodge complaints with supervisory authorities

8. Children's Privacy

Our App is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending you an email notification
  • Showing an in-app notification
  • Requiring you to accept the new policy

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

  • Email: Support@trydoseai.com
  • Website: www.trydoseai.com

11. GDPR Compliance (For EU Users)

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). This means:

  • We are transparent about data collection and use
  • We collect only the data necessary for the app's functionality
  • We provide mechanisms for you to exercise your data rights
  • We have appropriate measures to protect your data
  • We maintain records of data processing activities
  • We conduct Data Protection Impact Assessments
  • We implement Privacy by Design principles

12. Medical Disclaimer

This Privacy Policy is separate from our Medical Disclaimer. The App is not a substitute for professional medical advice, diagnosis, or treatment. Always seek the advice of your physician or other qualified healthcare provider with any questions you may have regarding a medical condition.