Privacy Policy
DrChQ ("we", "our", or "us") is committed to protecting your personal and health information. This Privacy Policy explains what data we collect, how we use it, and your rights over it. By using the DrChQ app or website, you agree to the practices described here.
1. Information We Collect
We collect only what is necessary to provide the service:
- Account information — name and email address from your Google account, obtained when you sign in via Google.
- Health profile data — information you enter voluntarily, including names and relationships of family members, date of birth, blood type, height, weight, and health goals.
- Medical records — documents (PDFs, images) you upload, along with titles, dates, doctor names, and descriptions you provide.
- Health metrics — vitals, medications, appointments, vaccination records, and insurance details you log in the app.
- Usage data — basic app activity (e.g., screens visited) used to improve the product. We do not sell this data.
2. How We Use Your Information
- To provide and operate the DrChQ service.
- To store and retrieve your medical records and health data securely.
- To send reminders and notifications you configure (medication, appointments, vaccinations).
- To improve the app based on aggregated, anonymised usage patterns.
- To respond to support requests.
We do not use your health data for advertising. We do not sell your data to any third party.
3. Data Storage and Security
Your data is stored on secure, industry-standard cloud infrastructure. Specifically:
- Health profile and records metadata are stored in an encrypted, access-controlled cloud database.
- Uploaded files (PDFs, images) are stored in private cloud object storage, accessible only via time-limited authenticated links — not publicly accessible.
- Authentication is managed through a trusted identity provider using industry-standard OAuth 2.0.
All data in transit is encrypted using TLS. Access to your data requires authentication on every request. We follow HIPAA-aligned security practices for health data handling.
4. Data Sharing
We do not share, sell, or rent your personal or health data with third parties, except:
- Infrastructure service providers — we use trusted cloud service providers to host, store, and process data solely to operate the service. These providers are contractually prohibited from using your data for any other purpose.
- Legal obligations — if required by law or a valid court order.
5. Data Retention
We retain your data for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us. Deletion is permanent and irreversible.
6. Children's Privacy
DrChQ allows users to create profiles for family members including minors. These profiles are managed entirely by the account holder (the adult who created the account). We do not knowingly collect data directly from children under 13.
7. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request deletion of your data.
- Export your data in a portable format.
- Withdraw consent at any time.
To exercise any of these rights, contact us at hello.drchq@gmail.com.
8. Cookies
The DrChQ website uses no tracking or advertising cookies. We use only technically necessary storage (e.g., authentication session tokens) to keep you signed in.
9. Changes to This Policy
We may update this Privacy Policy as the service evolves. We will notify you of significant changes via the app or by email. The effective date at the top of this page reflects the latest version.
10. Contact
For privacy questions or requests, contact us at hello.drchq@gmail.com.