Dozly Privacy Policy

Last updated: February 2026

WHAT DATA WE COLLECT

We collect the following information when you use Dozly: • Account information (email, name) • Medication schedules and logs • Symptom tracking data • AI conversation history • Device tokens for push notifications • Subscription and payment status (via Stripe) We do NOT collect location data, contacts, or any data beyond what is needed for the app to function.

HOW WE USE YOUR DATA

Your data is used exclusively to: • Provide medication reminders and tracking • Generate AI-powered health insights • Create reports for your doctor visits • Send push notifications for medication reminders • Process subscription payments We do NOT use your data for advertising, profiling, or any purpose other than providing the Dozly service.

WHO WE SHARE DATA WITH

We do NOT sell, rent, or share your personal or health data with third parties. The only services that process your data are: • Supabase (database hosting, encrypted at rest) • Anthropic/Claude (AI responses, no data retention) • Stripe (payment processing only) • Firebase (push notification delivery only) All third-party services are bound by their own privacy policies and data processing agreements.

DATA ENCRYPTION

Your health data is protected with industry-standard encryption: • All data is encrypted in transit using TLS/SSL • All data is encrypted at rest in our database • Sensitive tokens are stored in encrypted device storage • Row-level security ensures you can only access your own data

YOUR RIGHTS (GDPR/CCPA)

You have the following rights regarding your data: • Right to Access: Export all your data at any time from Settings > Privacy & Security > Export My Data • Right to Deletion: Delete your account and all associated data from Settings > Privacy & Security > Delete Account • Right to Rectification: Update your profile information at any time • Right to Portability: Your data export is provided in standard JSON format

DATA RETENTION

Your data is retained for as long as your account is active. When you delete your account, all your data is permanently removed from our servers within 30 days. Backups containing your data are purged within 90 days.

COOKIES AND TRACKING

Dozly does not use cookies or tracking pixels. We use Sentry for anonymous crash reporting to improve app stability. No personal health data is included in crash reports.

CHILDREN'S PRIVACY

Dozly is not intended for use by children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

BREACH NOTIFICATION

In the event of a data breach affecting your personal information, we will notify you via email within 72 hours as required by GDPR.

CONTACT US

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at: support@dozly.app