Privacy Policy

Last updated: January 2026

MediFolio (hereinafter referred to as "we") values your privacy highly. This Privacy Policy explains how we collect, use, and protect your personal information.

1. Data Collection

1.1 Information You Provide

When you use MediFolio, you may provide the following information:

  • Family member information (name, date of birth, gender, blood type, etc.)
  • Medical records (medical history, lab reports, prescriptions, etc.)
  • Vital signs data (blood pressure, blood sugar, body temperature, etc.)
  • Medication information (drug name, dosage, time of administration, etc.)

1.2 Information Collected Automatically

With your authorization, we may sync the following data from Apple HealthKit:

  • Heart rate, blood pressure, blood oxygen data
  • Sleep analysis data
  • Step count and activity data

2. Data Storage

2.1 Local Storage

All your medical data is stored locally on your device. We use Apple\'s SwiftData framework for data persistence, and data will not leave your device without your explicit consent.。我们使用 Apple 的 SwiftData 框架进行数据持久化,数据不会在未经您明确同意的情况下离开您的设备。

2.2 iCloud Sync

If you enable iCloud sync, your data will be synced across your devices via Apple\'s iCloud service. This feature is completely optional and can be turned off in settings at any time.

3. Data Usage

3.1 AI Document Recognition

When you use the AI document recognition feature:

  • We first perform local OCR recognition on your device
  • Before sending to the AI server, we automatically remove all Personally Identifiable Information (PII), including: name, phone number, ID number, address, etc.,包括:姓名、电话号码、身份证号、地址等
  • Only de-identified medical content is sent to the AI server for analysis
  • The AI server does not store your data

3.2 Data Analysis

All data analysis (such as trend charts, statistical reports) is completed locally on your device.

4. Third-Party Services

4.1 AI Service Providers

We use the following AI services for document recognition and report generation:

  • Google Gemini API (for overseas users)
  • DeepSeek API (for mainland China users)

As mentioned above, data sent to these services has undergone PII de-identification.

4.2 Apple Services

  • HealthKit: Used to sync health data (requires your authorization):用于同步健康数据(需要您的授权)
  • iCloud: Used for data backup and sync (optional):用于数据备份和同步(可选)
  • App Store: Used for in-app purchases:用于应用内购买

5. Data Security

We take the following measures to protect your data:

  • All data is stored locally on the device, protected by iOS security mechanisms
  • Network transmission uses HTTPS encryption
  • Automatic PII de-identification before AI analysis
  • No ads, no user behavior tracking

6. Your Rights

You have full control over your data:

  • Access: You can view all your data at any time:您可以随时查看您的所有数据
  • Export: You can export data as PDF reports:您可以将数据导出为 PDF 报告
  • Delete: You can delete any or all data at any time:您可以随时删除任何或全部数据
  • Revoke Authorization: You can revoke HealthKit access in iOS settings at any time:您可以随时在 iOS 设置中撤销 HealthKit 访问权限

7. Children\'s Privacy

MediFolio allows parents to create health profiles for children. We do not knowingly collect personal information from children; all data is managed by parents or guardians.

8. Policy Updates

We may update this Privacy Policy from time to time. Updated policies will be posted in the app and on this website with the update date.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us via:

电子邮件:[email protected]