Privacy Policy
Our Values
At Healtheja, we prioritize your privacy and data security. We collect only essential data required to provide our health advisory services and medication reminder features. We do not sell or share your data with third parties or use third-party advertising.
1. Introduction
Welcome to Healtheja. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and associated services.
2. Information We Collect
Information we collect in our backend servers:
1. User Account Dataset:
- Email address (users who sign in with Apple ID can hide their real email)
- Usage metadata - including how many tokens and how much database and file storage are consumed
2. Chats Dataset:
- Chats with the health assistant service
- Stored separately from user profiles with no persistent link
- Users are strongly encouraged not to include any personally identifiable information (PII)
3. Health Profiles Data:
- All health profiles are stored persistently only on your device
- Health profiles are generated and updated (statelessly) on Healtheja servers, but not stored
- Details from health profiles are included as part of chats that link the health profile
Device-Only Data:
1. Medication Reminders:
- All medication details, notes and schedules, are stored only on your device
- Medication notes are generated (statelessly) on Healtheja servers, but not stored
3. How We Use Your Information
- Provide and maintain our health information and advisory services
- Analyze select chat data for quality assurance and feature improvement
- Note that chat data is not linked to your user account. Therefore, Healtheja systems/personnel analyzing chats are not aware of the associated user. By using our app, you consent to the use of chat data, until it is deleted, for service improvement purposes
4. Data Retention and Deletion
- Users can delete their chats through the app. In addition to local deletion, the chat is permanently deleted from our backend within 10 days
- Medication reminders data can be deleted anytime from the app (not stored on our backend)
- Health Profiles can be deleted anytime from the app (not stored on our backend)
- Users can delete their account by clicking on the 'Delete Account' button in the User Account screen within the app. Deleting an account will a) delete all app data from your device, b) mark your data for deletion from our servers within 10 days, and c) prevent creating a new account (using previous credentials) for up to 10 days
- Usage metadata is retained indefinitely for internal analytics and fraud-prevention purposes
5. Data Security
We implement robust security measures including:
- Minimal data collection - usage statistics are the only data collected that is user-identifiable (i.e., linked to the user's email)
- Separation of user account data from chats data
- All data stored on our backend is encrypted both at rest and in transit
- Authentication is handled securely through Sign-in with Apple (on iOS) or Google Authentication (on Android)
- Local-only storage of sensitive information like medication reminders
6. Third-Party Services
Our app uses Claude, an AI language model provided by Anthropic, to generate chat responses. Claude does not persistently store any information sent by us. We use Google Cloud to host and run our databases and other backend services. We use RevenueCat for subscription management, but no user info other than an opaque id is shared.
7. Your Rights
You have the right to:
- Delete your account (and all your data) through the 'Delete Account' button within the User Account screen in the app
8. Changes to This Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the 'Last Updated' date.
9. Contact Us
If you have any questions about this Privacy Policy or our practices, please contact us at privacy@healtheja.com.