Privacy Policy

Last updated: April 22, 2026 · Effective: April 22, 2026

1. Data Controller

DoseSync ("we", "us", "our") is the data controller responsible for your personal data. For privacy inquiries, contact us at support@dosesync.app. We respond to requests within 30 days.

2. Data We Collect

DoseSync collects only the minimum data required to provide the service:

• Account data: email address, display name, profile preferences.
• Health data: medication names, dosages, schedules, dose confirmation records, and adherence logs. This is "special category" data under GDPR Article 9 and "sensitive personal information" under the California CPRA.
• Family data: family space membership, roles (owner, caregiver, viewer, guest), invitation records.
• Device data: push notification tokens (APNs), app version, language preference, device model.
• Subscription data: active plan, renewal dates, and purchase receipts from Apple StoreKit — used for entitlement verification.
• Product analytics (PostHog): anonymous usage events such as screen views, feature-use counters, and funnel progression. No email, name, or medication content is sent. A random anonymous ID is assigned at first launch.
• Crash and performance data (Sentry): crash reports, error traces, and performance timings. Personally identifiable fields (email, IP address, authentication tokens) are stripped client-side before send. No medication content is attached to error events.
• Website usage (Vercel Analytics): aggregate, cookieless page-view counts on dosesync.app. No personally identifiable information.
• Advertising attribution data: if you grant App Tracking Transparency permission, we collect your Apple Advertising Identifier (IDFA) and basic device characteristics (model, OS version, language, approximate region from IP) to measure whether marketing campaigns brought you to DoseSync. We share this only with our attribution partner AppsFlyer (see §9). We do NOT share medication names, dosages, dependent names, family member names, or any health content with AppsFlyer or any advertising partner. Users in the European Economic Area, the United Kingdom, and Switzerland are asked for separate consent before this data is collected; users elsewhere are not asked for separate consent (the iOS ATT prompt governs).

We do not sell your data. We do not engage in cross-context behavioural advertising. Marketing attribution (campaign-effectiveness measurement) is described in §13.1.

3. How We Use Your Data

Your data is used exclusively to operate DoseSync:

• Synchronising dose records across family members in real time.
• Sending medication reminders via push notifications.
• Generating PDF adherence reports for your personal use.
• Managing family spaces and member access.
• Processing subscriptions and billing through Apple.
• Improving app performance, detecting crashes, and fixing bugs.

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data on the following legal bases:

• Contract performance (Article 6(1)(b)): account data, family data, device data, and subscription data, to provide the DoseSync service you requested.
• Explicit consent (Article 6(1)(a) + Article 9(2)(a)): medication and adherence data as health data (special category under GDPR Article 9). By creating an account and using DoseSync, you give explicit consent for this processing. You may withdraw consent at any time via Settings → Delete Account, which results in account deletion.
• Legitimate interest (Article 6(1)(f)): anonymous crash, performance, and product-analytics data, to secure and improve the service. You may object to this processing at any time.

5. Health Data Processing

Your medication schedules, dose confirmations, and adherence records constitute health data under GDPR Article 9. We process this data solely to coordinate medication tracking within your family. We do not share this data with healthcare providers, insurers, employers, or any third parties except our infrastructure subprocessors (see §9). You provide explicit consent for this processing when you create your account. You may withdraw this consent at any time, which will delete your account and all associated data.

DoseSync is not a medical device. It is not intended to diagnose, treat, cure, or prevent any disease. Always consult a qualified healthcare professional regarding medications and dosages.

6. Family Sharing and Access Control

DoseSync allows you to create a family space and invite other members. When you join a family space:

• All family members can view shared medication schedules and dose confirmations for dependents in that space.
• Each family space is isolated from other families — members of one family cannot access another family's data.
• Guest members (temporary access via QR or link) can confirm doses but cannot edit medications or manage family settings. Guest tokens expire on a configurable schedule.
• Family owners can remove members at any time; removed members immediately lose access to shared data.
• Each adult member provides their own consent when joining — the family owner cannot consent on behalf of other adults.
• Dependents (children, elderly parents) may be represented in the app without their own account; the account holder is responsible for obtaining the dependent's consent where legally required.

7. Data Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use row-level security (RLS) in our database — each family can only access their own data. Authentication is handled via Supabase with industry-standard encryption, Sign in with Apple, and optional Face ID / Touch ID app lock. We do not log personally identifiable information, emails, names, or medication names in our application logs.

DoseSync is not end-to-end encrypted: our database provider can technically decrypt data at rest to provide the service. We are not a HIPAA-covered entity.

8. Data Retention

Account data is retained while your account is active. Upon account deletion, all personal data is permanently removed from our active systems within 30 days. Backup copies may persist for up to 90 days per our backup rotation policy, after which they are permanently deleted. Waitlist email addresses are retained until 90 days after app launch. You can request immediate deletion at any time by emailing support@dosesync.app.

9. Third-Party Services (Subprocessors)

We work with the following service providers who process data on our behalf:

• Supabase (USA) — database hosting, authentication, realtime synchronisation. EU-US Data Privacy Framework participant. DPA: supabase.com/docs/company/dpa.
• Apple — Sign in with Apple, push notifications (APNs), App Store billing. Governed by the Apple Developer Agreement.
• AppsFlyer Ltd. (Israel, with infrastructure in the European Union and the United States) — mobile attribution measurement. Receives device identifiers (IDFA when granted, IDFV always), in-app event names (e.g. af_purchase, onboarding_complete), revenue tier values, and OneLink deep-link click data. Does NOT receive medication or family content. Bound by AppsFlyer's Standard Data Processing Agreement (appsflyer.com/legal/dpa). Retention: per AppsFlyer's policy, attribution data is retained for up to 24 months unless we request earlier deletion. Their privacy policy: appsflyer.com/privacy-policy.
• PostHog — product analytics on anonymous IDs. No PII or medication content sent. DPA: posthog.com/dpa.
• Sentry (USA) — crash and performance monitoring. PII stripped client-side before events are sent; sendDefaultPii=false is enforced. DPA: sentry.io/legal/dpa.
• Vercel (USA) — website hosting and cookieless analytics on dosesync.app. DPA: vercel.com/legal/dpa.

All subprocessors are bound by written data-processing agreements and may only process data for the purposes we specify.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States. We ensure appropriate safeguards:

• Supabase and Vercel participate in the EU-US Data Privacy Framework.
• Apple, PostHog, Sentry, and AppsFlyer transfers are covered by Standard Contractual Clauses (SCCs) approved by the European Commission, where the Data Privacy Framework does not apply.
• AppsFlyer is headquartered in Israel; Israel benefits from a European Commission adequacy decision under Article 45 GDPR.
• We conduct Transfer Impact Assessments to ensure an adequate level of data protection.

11. Your Rights Under GDPR

If you are in the European Economic Area, you have the right to:

• Access your personal data.
• Rectify inaccurate or incomplete data.
• Request erasure ("right to be forgotten").
• Restrict or object to processing.
• Data portability (receive your data in a machine-readable format).
• Withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).
• Lodge a complaint with your local data protection supervisory authority.

To exercise these rights, email support@dosesync.app. We will respond within 30 days per GDPR Article 12(3).

12. Automated Decision-Making

DoseSync does not use automated decision-making or profiling that produces legal effects or significantly affects you. All medication decisions remain entirely in your control.

13. Cookies

Our website does not use cookies. Our website analytics (Vercel Analytics) is cookieless and does not collect personally identifiable information. The DoseSync iOS app does not use tracking cookies. Marketing attribution and App Tracking Transparency are described in §13.1 below.

13.1 Marketing Attribution and ATT

The DoseSync iOS app uses Apple's App Tracking Transparency framework. When you launch the app for the first time after our marketing-attribution feature is enabled, you may see an Apple system prompt asking permission to track. Choosing "Ask App Not to Track" prevents the collection of your IDFA; we still measure broad campaign performance through Apple's privacy-preserving SKAdNetwork, which does not identify you individually. Choosing "Allow" permits us to share your IDFA with our attribution partner (AppsFlyer) for the limited purpose of measuring marketing-campaign effectiveness. You may change your decision at any time in iOS Settings → DoseSync → Allow Tracking.

Users in the European Economic Area, the United Kingdom, and Switzerland are also presented with a separate in-app consent banner before AppsFlyer is initialised — declining the banner prevents AppsFlyer from running regardless of the ATT decision. You may withdraw this consent at any time via Settings → Privacy → Withdraw Consent.

14. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to: know what personal information we collect, request deletion of your data, correct inaccurate data, and opt out of the sale or sharing of your data. We do not sell or share personal information. Medication data is treated as sensitive personal information under the CPRA and is used only for the service you requested. To submit a request, email support@dosesync.app.

15. Children's Privacy (COPPA)

DoseSync is not intended for children under 13. We do not knowingly collect personal information from children under 13. For users aged 13–16, parental or guardian consent is required. If you believe a child has provided us with personal data without consent, contact support@dosesync.app and we will delete it promptly.

Dependents represented inside a family space (children whose medication an account holder tracks) are not account holders. The account holder is responsible for lawful representation of those dependents.

16. Not Medical Advice

DoseSync is an organisational tool for coordinating medication within families. It does not provide medical advice, diagnosis, or treatment recommendations. DoseSync is not a medical device and is not regulated by the FDA, EMA, MHRA, or any other medical regulatory body. It is not intended to diagnose, treat, cure, or prevent any disease. Always consult a qualified healthcare professional regarding medications and dosages.

17. Changes to This Policy

We may update this Privacy Policy to reflect changes in law, our practices, or for operational reasons. Material changes will be notified to you inside the app or by email at least 30 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

18. Contact

Questions about your privacy? Email us at support@dosesync.app. Postal enquiries may be sent to the address listed in our App Store Connect record.