Privacy Policy
Your privacy and security are our top priorities. Learn how we protect your healthcare data.
Information Collection and Use
The Medzimi application collects information when you download and use it. This information may include:
- Your device's Internet Protocol address (e.g. IP address)
- The pages of the Application that you visit, the time and date of your visit, the time spent on those pages
- The time spent on the Application
- The operating system you use on your mobile device
Location Services
The Application collects your device's location, which helps us provide personalized healthcare services:
- Geolocation Services: We use location data to provide personalized content, relevant recommendations, and location-based services
- Analytics and Improvements: A flag indicating whether location was provided during onboarding is recorded to improve our services
- Third-Party Services: We may transmit anonymized location data to external services to enhance the Application
For a better experience, we may require you to provide personally identifiable information, including but not limited to:
- Email address and phone number
- User ID and avatar
- Professional information (profession, business registration number)
- Medical license number (for doctors)
Health Data Collection and Use
Important: Health Data Disclosure
Medzimi is a healthcare application. In the course of providing our services, we access and collect health-related data as described below. This data is used solely to operate, improve, and personalize the Application.
Health Data We Access and/or Collect
- Electronic Health Records (EHR): We record when you open or view your health records within the Application to provide continuity of care and to improve the EHR experience.
- Prescription Data: We collect whether a prescription scan was initiated and whether it was successful, enabling us to improve our prescription scanning feature.
- Health Connect Integration: We record when you connect or disconnect Android Health Connect. Health metrics you choose to sync (e.g. steps, heart rate) are used solely to display your progress within the Application.
- Progress Tracking: We record when you open your health progress tracker and individual progress entries, to help you and the Application understand your health journey.
- Diet Information: We record when you open your diet chart to enable personalized dietary recommendations.
- Doctor Search: We collect the medical specialization you search for to surface relevant doctor results and improve search quality.
- AI Health Assistant: We record when you interact with the AI assistant, including the length (character count) of messages you send — never the message content itself — to monitor assistant performance.
How Health Data Is Used
- To operate and deliver core features of the Application (EHR viewer, prescription scanner, progress tracker, diet chart, doctor search)
- To personalize your experience based on your role (Patient, Doctor, Pharmacy, Lab, Medical Representative)
- To analyze aggregate, anonymized usage patterns and improve Application functionality and performance
- Health-related usage events (e.g. "ehr_opened", "health_connect_connected") are sent to our analytics provider PostHog in pseudonymized form — see the Third Party Access section for details
Health Data We Do NOT Collect
- We do not transmit the content of your health records or prescriptions to analytics services
- We do not transmit raw Health Connect metrics (steps, heart rate, etc.) to third-party analytics services
- We do not sell your health data to any third party
Third Party Access
We share certain data with trusted third-party services to operate and improve the Application. Each service listed below has its own Privacy Policy governing how it handles your data.
Third-Party Services Used
- Google Play Services
Used for core Android platform functionality.
- Google Analytics for Firebase
Used for app crash reporting and basic usage analytics.
- PostHog
Used for product analytics to understand how users interact with the Application and to improve features. The following data is sent to PostHog:
- Identity data: pseudonymized user ID, name, email address, user role (Patient/Doctor/Pharmacy/Lab/MR), email verification status, phone verification status, and onboarding status
- Authentication events: OTP requests (country code only, not phone number), OTP verification attempts, login method (OTP or Google), login success/failure, and session restoration
- Onboarding events: onboarding steps completed, whether a profile photo was uploaded, whether location was provided
- Health feature usage events: opening/viewing Electronic Health Records, initiating and completing prescription scans, connecting or disconnecting Android Health Connect, opening the progress tracker and individual progress entries, opening the diet chart
- Doctor search events: the medical specialization searched (e.g. "Cardiologist")
- AI Assistant events: opening the AI chat, sending a message (character count only — not the message content), playing text-to-speech
- Content events: community feed posts created (media type flags only), video IDs viewed
- Screen navigation: names of screens visited within the Application
- Account events: logout and account deletion
PostHog processes this data on our behalf under a Data Processing Agreement. Data is pseudonymized and no raw health record content is transmitted.
We may also disclose User Provided and Automatically Collected Information:
- As required by law, such as to comply with a subpoena or similar legal process
- When we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others
- With trusted service providers who work on our behalf and have agreed to adhere to this privacy statement
Security
We are committed to safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain.
Physical Security
Secure data centers with restricted access
Electronic Security
Encryption and secure transmission protocols
Procedural Security
Regular security audits and compliance checks
Data Retention Policy
We retain User Provided data for as long as you use the Application and for a reasonable time thereafter. If you'd like us to delete User Provided Data that you have provided via the Application, please contact us at dr.rtnhldr@gmail.com and we will respond in a reasonable time.
Children's Privacy
We do not use the Application to knowingly solicit data from or market to children under the age of 13.
The Application does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13 years of age. If we discover that a child under 13 has provided personal information, we will immediately delete this from our servers.
If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us at dr.rtnhldr@gmail.com so that we can take the necessary actions.
Changes to This Privacy Policy
This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.
This privacy policy was last updated on April 2, 2026. The original policy was effective as of September 11, 2025.
Contact Us
If you have any questions regarding privacy while using the Application, or have questions about our practices, please contact us:
Get in Touch
This privacy policy page was generated for healthcare compliance and transparency. By using the Application, you are consenting to the processing of your information as set forth in this Privacy Policy.