Legal

Privacy Policy

Effective date: 1 January 2025  ·  Last updated: March 2026

Contents
  1. Information we collect
  2. How we use your information
  3. Data storage and security
  4. Data sharing and third parties
  5. Your rights
  6. Children's privacy
  7. Data retention
  8. International transfers
  9. Changes to this policy
  10. Contact us

The short version: Your health data is yours. We never sell it, never share it with advertisers or insurance companies, and we encrypt it at rest and in transit. You can export or delete everything at any time.

01Information we collect

We collect only the data needed to provide the 3TABZ service. We do not collect data for advertising purposes.

CategoryWhat we collectWhy
Account Email address, full name, password (hashed) Authentication and account management
Health data Medications, doses, schedules, logs, temperature readings, illness history, occurrence records Core app functionality
Device Push notification token, device platform (iOS/Android) Sending reminders and alerts
Usage Anonymous feature usage, crash reports Improving reliability and performance
AI interactions Medication queries sent to AI features Generating personalised guidance

We do not collect your precise GPS location, contacts, camera, microphone, or any data unrelated to medication management.

02How we use your information

We use your information exclusively to:

  • Provide, maintain, and improve the 3TABZ app
  • Send medication reminders and health alerts you have configured
  • Generate AI-powered medication guidance (processed by OpenAI on your behalf)
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations
  • Respond to your support requests

We do not use your health data to build advertising profiles, infer insurance risk, or train AI models without your explicit, separate consent.

03Data storage and security

All data is stored on servers in secure cloud infrastructure. We implement the following protections:

  • TLS encryption for all data in transit
  • AES-256 encryption for sensitive fields at rest
  • Hashed passwords (bcrypt, never stored in plaintext)
  • JWT tokens with short expiry and rotation on use
  • Access control: our staff can only access your data for support purposes, with logging
  • Regular security audits and dependency updates

No system is 100% secure. If a breach occurs that affects your personal data, we will notify you within 72 hours as required by applicable law.

04Data sharing and third parties

We share your data with the following categories of third parties only as necessary to provide the service:

ServicePurposeData shared
OpenAI AI medication guidance Medication names and queries (no identifying info)
Expo / FCM / APNs Push notifications Push token, notification content
Apple / Google In-app purchase verification Purchase receipts (no health data)
Email provider Transactional emails Email address only

We never sell your data. We never share your health data with advertisers, insurance companies, employers, or data brokers — ever.

We may disclose data if required by a valid legal process (court order, subpoena). We will notify you when legally permitted to do so.

05Your rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of all data we hold about you
  • Export — download a machine-readable copy of your data from the app (Settings → Privacy & Data → Export my data)
  • Correction — update inaccurate information at any time in-app
  • Deletion — request permanent deletion of your account and all associated data (Settings → Privacy & Data → Delete account). Data is purged within 30 days.
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing for purposes other than providing the service

To exercise any right, use the in-app controls or email support@3tabz.com. We respond within 30 days.

06Children's privacy

3TABZ is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal data, please contact us and we will delete it promptly.

Users aged 13–17 may use the app only with parental consent.

07Data retention

We retain your data for as long as your account is active. When you delete your account:

  • All health records (medications, logs, reminders, etc.) are deleted within 30 days
  • Account credentials are deleted immediately
  • Anonymised, non-identifiable usage statistics may be retained for service improvement
  • Billing records may be retained for up to 7 years as required by tax law

08International transfers

3TABZ operates globally. Your data may be processed in countries outside your own, including the United States and European Union. Where required, we use Standard Contractual Clauses or other lawful transfer mechanisms to protect your data.

09Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and with an in-app banner at least 14 days before the change takes effect. Your continued use of 3TABZ after that date constitutes acceptance of the updated policy.

The "Last updated" date at the top of this page reflects the most recent revision.

10Contact us

For any privacy-related questions, data requests, or concerns:

We are committed to resolving complaints. If you are in the European Economic Area and believe your rights have been violated, you also have the right to lodge a complaint with your local data protection authority.

Questions about your data?

We're here to help. Contact our team directly.

Email support@3tabz.com