Privacy Policy

Effective date: June 9, 2026

Last updated: June 9, 2026

1. Who we are

Medical Companion is developed and published by Unobyte IT Consulting, a Canadian limited company based in Victoria, British Columbia, Canada.

If you have any questions about this policy, contact us at support@medicalcompanion.io

2. The short version

Your health data stays on your device. We do not collect it, store it on our servers, or sell it. Ever. This policy explains exactly what we do and don't do with your information.

3. What stays on your device

All health data you enter into Medical Companion is stored locally on your device and nowhere else by default. This includes:

  • ·Medication names, dosages, and schedules
  • ·Dose logs — taken, skipped, delayed
  • ·Symptom, hydration, nutrition, activity, weight, and toilet entries
  • ·Profile information including display names and date of birth
  • ·Reminder settings and notification preferences
  • ·Export records

This data is encrypted at rest using SQLCipher. The encryption key is stored in your device's secure hardware — iOS Keychain on iPhone, Android Keystore on Android devices. We do not have access to your encryption key and cannot read your health data.

4. What we collect on the website

When you sign up for the waitlist or newsletter at medicalcompanion.io or medicalcompanion.app, we collect your email address only. We use Resend (resend.com) to send emails. Your email address is stored with Resend solely for the purpose of sending you communications you have explicitly requested.

We collect no other personal information on the website. There are no analytics trackers, advertising pixels, or third party tracking scripts on any page of this website.

5. What the app collects

The Medical Companion app collects no personal information and makes no network requests by default. Specifically:

  • ·No account is required to use the app
  • ·No health data is transmitted to our servers or any third party server
  • ·No advertising SDKs are present in the app
  • ·No analytics or crash reporting SDKs are present in the app
  • ·No push notification payloads contain health data — reminders use generic text only

The only network activity in the app is processing your subscription payment through Apple App Store or Google Play. This is handled entirely by Apple and Google respectively. We never see your payment card details.

6. In-app purchases and subscriptions

Medical Companion offers optional paid subscriptions processed entirely through Apple App Store (iOS) and Google Play (Android). All billing, payment processing, and subscription management is handled by Apple and Google under their respective terms of service and privacy policies. We receive only a confirmation that a subscription is active — no payment details.

7. Notifications

Local medication reminders are scheduled entirely on your device. They are not routed through our servers. By default, notification text uses generic language such as “Time to take your medication” and does not include medication names or health information. You may optionally enable detailed notifications in Settings — this setting is stored locally on your device only.

8. Exports

PDF, CSV, and FHIR exports are generated entirely on your device. When you share an export, it leaves your device directly to wherever you choose to send it — your doctor, your email, your files. We never receive a copy of your exported data.

9. Children and dependent profiles

Medical Companion allows a subscriber to create profiles for dependent family members including children and elderly adults. The same privacy protections apply to all profiles — data remains on the device and is never transmitted to our servers.

For child profiles, the subscribing parent or guardian is responsible for ensuring appropriate use in accordance with applicable law in their jurisdiction.

10. Data deletion

You can delete any profile, any individual health entry, or all app data at any time from Settings. Deletion is immediate and permanent — we have no copy of your data to delete on our end. Uninstalling the app removes all locally stored data from your device.

To request deletion of your email address from our waitlist or newsletter, use the unsubscribe link in any email we have sent you, or contact us at support@medicalcompanion.io

11. Data residency and transfers

Your health data never leaves your device, so there are no cross-border data transfers of health information. Your email address, if provided for the waitlist or newsletter, is processed by Resend. Resend's data processing locations are described in their privacy policy at resend.com/privacy.

12. Security

Health data in the app is protected by:

  • ·AES-256 encryption via SQLCipher
  • ·Encryption key stored in device secure hardware only
  • ·Optional biometric app lock
  • ·No network transmission of health data by default

We follow OWASP Mobile Application Security Verification Standard (MASVS) guidelines as our mobile security baseline.

13. Canadian privacy law

Unobyte IT Consulting is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation in British Columbia. Our email communications comply with Canada's Anti-Spam Legislation (CASL) — we send emails only to individuals who have explicitly opted in and include an unsubscribe mechanism in every message.

14. Changes to this policy

If we make material changes to this policy we will update the effective date at the top of this page. For significant changes we will notify waitlist and newsletter subscribers by email.

15. Contact

Unobyte IT Consulting
Victoria, British Columbia, Canada
support@medicalcompanion.io
medicalcompanion.io