Privacy
Privacy Policy
In one sentence. Your medications are stored only on your phone. No account, no telemetry, no cloud sync on our end, no third-party SDKs phoning home. Just you and your digital pill organiser.
What stays on your device
Everything that defines your use of MeDiario lives on the phone in your hand:
- Your medications — name, active ingredient, dose, schedule, notes, optional photos of the packaging. Stored in a local Hive database inside the private storage (sandbox) that the operating system assigns to the app, accessible only to MeDiario and protected by the device-level encryption of the operating system.
- Dose history — what you confirmed, what you skipped, at what time. Local and private.
- Adherence and statistics — calculated on the fly from your local history. Not sent anywhere.
- Preferences — language, theme (light/dark), Simple Mode vs Full Mode, alarm sounds. Local.
- Premium subscription receipts — cached locally as confirmation that your subscription is active.
What travels over the network
MeDiario makes exactly two types of external connection, and only when you trigger them:
- Queries to public medication databases when you scan a barcode or search for a medication by name. The query is anonymous: we send only the code or the search term, with no identifiers of yours.
- Subscription validation. Billing is managed exclusively by Apple App Store or Google Play. When you subscribe to Premium, restore a previous subscription, or the app periodically revalidates that it is still active, we ask our own service to confirm with Apple or Google that the receipt is genuine. We do not store the receipt, we do not associate it with any identifier, and we keep no record of the query.
No analytics endpoint. No crash reporter. No pings on app launch.
What we do not do
- No analytics SDK — not Firebase, Google Analytics, Mixpanel, Amplitude, Sentry, Crashlytics, or equivalents.
- No advertising identifier — we do not read or transmit IDFA on iOS, AAID on Android.
- No third-party tracking SDKs of any kind.
- No MeDiario server that stores your data. The only backend we operate is the receipt validator described above.
- No account. There is no sign-up screen because there is no backend that wants to know who you are.
- No advertising inside the app or in notifications.
Optional backup (iCloud / Google)
Your phone's operating system may include MeDiario data in your iCloud or Google backup, according to the device's standard settings. When enabled, your data travels to your iCloud or Google account — never to a MeDiario server.
Permissions
- Notifications — essential for medication alarms.
- Camera — only when you tap "Scan packaging". Processes the code on-device and discards the image immediately.
- Photos / Storage — optional, for packaging photos saved locally.
- Health (Apple Health / Google Health Connect) — optional, read-only. If you tap "Import from Health", the app reads your latest vital readings (blood pressure, heart rate, SpO₂, glucose, weight) to pre-fill the form. It does not write to Health, and does not transmit data.
Health data and sensitive data
Information about your medications, schedules, dose history, and vital signs is sensitive data (special category under GDPR, art. 9). That is why MeDiario is designed never to send it to any server.
The integration with Apple Health / Google Health Connect is optional, read-only, and takes place on the device itself — it is not a network connection.
Your rights (GDPR / LOPDGDD)
There is no profile, log, or record of yours on any server we operate. If you want to delete everything, uninstall the app. For any enquiry: apps.sggyamg [at] gmail [dot] com. You have the right to lodge a complaint with the Spanish Data Protection Agency (AEPD).
Minors
MeDiario is intended for adults. It is not directed at children under 14 and we do not knowingly collect data from minors.
Changes to this policy
If we modify this policy, we will update the date above and publish the new version at this URL. The Spanish version is the legally binding one.
Contact
apps.sggyamg [at] gmail [dot] com — sggyamg, Madrid, Spain.
Language
The original and binding version of this Privacy Policy is the Spanish one. Versions in other languages are translations provided solely for your convenience; in the event of any discrepancy or conflict of interpretation, the Spanish version shall prevail.