Privacy Policy

Last updated: June 15, 2026

1. Introduction

Welcome to Medikle. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you use our mobile application and tell you about your privacy rights.

2. Data We Collect

We may collect, use, store and transfer different kinds of personal data about you including:

  • Identity Data includes your name and username.
  • Contact Data includes your email address.
  • Health Data includes information about your medications, dosages, schedules, medical records, photos of medicines or prescriptions you upload, and the content of your conversations with our AI assistant.
  • Technical Data includes internet protocol (IP) address, device information, and operating system.
  • Usage Data includes information about how you use our application.
  • Billing Data includes your subscription plan type, transaction identifiers, billing dates, and payment status. We do not collect or store your credit card number, debit card number, or banking credentials.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and maintain our service
  • To notify you about changes to our service
  • To allow you to participate in interactive features of our application
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our service
  • To monitor the usage of our service
  • To detect, prevent and address technical issues

4. Payment Data

We use Dodo Payments as our Merchant of Record and payment processor for all subscription payments. When you make a payment:

  • Your payment card details (credit card, debit card, and other supported methods) are collected and processed directly by Dodo Payments. We do not store, access, or have visibility into your full card numbers or banking credentials at any time.
  • Dodo Payments is a PCI-DSS Level 1 certified payment processor and acts as the Merchant of Record, handling billing and global tax compliance on our behalf.
  • We only receive and store a transaction reference ID, payment status, subscription plan details, and billing dates for our records.
  • For information on how Dodo Payments handles your payment data, please review Dodo Payments' Privacy Policy.

5. AI & Third-Party Service Providers

To provide features such as medicine identification, the AI health assistant, and the voice assistant, some of your content — including text you enter, photos of medicines or prescriptions you upload, and voice input — is processed by trusted third-party providers that act as our processors:

  • Google (Gemini API) — processes text and images to identify medicines and answer health questions. Your data is not used to train Google's models. See Google's API terms.
  • ElevenLabs — powers the voice assistant (speech-to-text and text-to-speech). See ElevenLabs' policy.
  • Supabase — hosts our database and authentication, where your account and health records are stored (encrypted).
  • Cloudflare — serves and secures our backend infrastructure.
  • Resend — sends transactional and notification emails.
  • Sentry & PostHog — error monitoring and product analytics, configured to avoid collecting your health content.

These providers process your data only to deliver the service, under their own data-processing and security terms. Medikle is an informational tool and relies on AI, which can make mistakes — please read our Medical Disclaimer.

6. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. Data is encrypted in transit and at rest, access is restricted on a need-to-know basis, and our API keys and credentials are held only on our secure servers — never inside the mobile app.

7. Data Retention

We keep your personal data only for as long as your account is active or as needed to provide the service. You can delete your account at any time from Settings → Delete Account in the app, which permanently removes your account and associated health data. Limited records may be retained where required by law (for example, billing records).

8. International Data Transfers

Some of our providers process data on servers located outside your country (including the United States and the European Union). Where data is transferred internationally, we rely on those providers' safeguards and contractual protections.

9. Children's Privacy

Medikle is not directed to children under 16, and we do not knowingly collect personal data from children. If you believe a child has provided us with data, please contact us and we will delete it.

10. Your Legal Rights

Depending on where you live, you may have rights to access, correct, export, restrict, or delete your personal data, and to object to or withdraw consent for certain processing. You can delete your account and data directly in the app, or email us at privacy@medikle.com to exercise any of these rights.

11. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at:
privacy@medikle.com