How Medical Vault Mobile collects, stores, and protects your personal health information. Your health data belongs to you — this policy explains exactly how we handle it.
Medvyl (“Medical Vault”, “we”, “us”, or “our”) provides Medical Vault Mobile, an offline-first personal health-records application available on Android and iOS (the “App”). This Privacy Policy explains what information the App collects, how we use and protect it, and the choices available to you.
By creating an account or using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App. This policy applies to all versions of Medical Vault Mobile distributed through the Google Play Store, Apple App Store, and any related services we operate (together, the “Services”).
Medical Vault Mobile is designed with a privacy-first, offline-first architecture. Your health data is stored locally on your device by default and the App functions fully without an internet connection.
We collect only the information necessary to provide, secure, and improve the App. All health data listed below is entered by you directly — we do not automatically retrieve records from hospitals, insurers, or other third parties.
When you register, we collect:
You may optionally provide:
You may create medical records in four categories: clinic visits, lab tests, radiology reports, and surgeries. Each record may include category-specific fields, doctor notes, dates, and references to file attachments stored on your device.
Language, locale, date format, measurement units, accent colour, dark-mode setting, large-text preference, notification preferences, and security settings (biometric lock, auto-lock timeout, screen-capture protection).
We do notcollect: precise or approximate location data, contact lists, call logs, SMS messages, browsing history, advertising identifiers, financial or payment information, biometric identifiers (fingerprint or face data — biometric unlock is handled entirely by your device's operating system and never transmitted to us), or any data from other apps on your device.
We use the information you provide for the following purposes only:
We do not use your health data for advertising, marketing, or profiling. We do not sell, rent, or trade your personal information to any third party — ever. This is a permanent commitment.
We do not use your data to train machine-learning or AI models.
Medical Vault Mobile is built offline-first. All your health data is stored locally on your device in an encrypted database protected by AES-256 encryption. The encryption key is a 256-bit cryptographically random value generated on first launch and stored in your device's secure hardware-backed storage. This key never leaves your device.
Authentication tokens and the database encryption key are persisted only in your device's secure, hardware-backed storage and are excluded from cloud backups.
When the App communicates with our servers (for example, during account registration or login), all data is transmitted over TLS 1.2 or above to ensure it cannot be intercepted in transit.
We share your information only in these limited circumstances:
We do not sell, share, or disclose your personal health information to advertisers, data brokers, or any third parties for marketing purposes.
The App requests only the permissions necessary for its features. You can manage all permissions through your device's system settings at any time.
The App does not request access to: location, contacts, call logs, SMS, microphone, Bluetooth, or any sensor data beyond what is listed above.
All your health data is stored locally on your device. You can delete individual records, medications, pharmacy items, or vital-sign readings at any time from within the App. Uninstalling the App removes all locally stored data.
Your account information (email and password hash) is stored on our authentication server. You can request deletion of your account by:
Upon receiving a deletion request, we will permanently delete all your personal data from our servers within 30 days, except where retention is required by applicable law.
Data export: You can export your medical records and vital-sign trends as PDF files at any time from within the App, before or after requesting deletion.
You have the right to:
Most of these rights can be exercised directly from within the App's profile and settings screens. For any request you cannot complete in-app, contact contact@amacraft.io. We will respond within 30 days.
The App does not include third-party analytics SDKs, advertising frameworks, social-media tracking pixels, or any code that transmits your health data to third parties.
The App does not contain advertisements of any kind.
Our infrastructure partners (hosting, email) process only technical-layer data under strict agreements and never access your health records.
Medical Vault Mobile is designed for individuals managing their own health data. The App is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13.
If you are a parent or guardian and believe that your child has created an account or provided personal information without your consent, please contact us immediately at contact@amacraft.io. We will promptly delete the account and all associated data.
Medical Vault Mobile is available in English and Arabic and may be used internationally. If you use the App from outside the United States, your account data (email and password hash) may be processed on servers located in the United States.
We are committed to handling your data in accordance with applicable data-protection laws, including the EU General Data Protection Regulation (GDPR) where applicable. If you are located in the European Economic Area, you have additional rights under the GDPR, which you can exercise by contacting contact@amacraft.io.
We may update this Privacy Policy as the App evolves. When we make material changes, we will notify you through the App or via email at least 30 days before the changes take effect. We will post a summary of what changed and why.
Minor clarifications or formatting changes will be posted here with an updated revision date. We encourage you to review this page periodically. Your continued use of the App after any changes constitutes acceptance of the updated policy.