A complete, transparent breakdown of what data MedTracker uses, stores, and — crucially — what it never touches.
Our commitments
Built on four privacy principles
Local only
All health data lives on your device. Nothing leaves it.
AES-256 encrypted
Your database is encrypted at rest. Unreadable without your password.
Zero tracking
No analytics, no crash reporters, no advertising SDKs.
No accounts
No sign-up, no email, no cloud sync. You are not a product.
Data Safety
Complete data disclosure
The table explains our Data Safety policy.
Data category
What it includes
Storage
Shared / Sent
Health & fitness
Medications, dosing schedules, appointments, symptoms, dose history, medical contacts
Encrypted local
Never shared
Personal information
Optional display name entered by the user within the app
Local only
Never shared
Device identifiers
Device ID, advertising ID, serial number
—
Not collected
Analytics & diagnostics
Crash reports, usage events, performance metrics
—
Not collected
Location data
Precise or approximate device location
—
Not collected
Contacts
Device address book or contact list
—
Not accessed
Financial data
Payment info, purchase history, card details
—
Not stored
Messages
SMS, emails, or in-app messages
—
Not collected
Purchase transactions are handled entirely by Stripe/Google Play. MedTracker never sees or stores your payment details.
Android permissions
What the app asks permission for
MedTracker requests only the permissions it genuinely needs. Here is exactly why each one is required.
POST_NOTIFICATIONS
Required to deliver local medication and appointment reminders. No data leaves your device.
USE_BIOMETRIC
Optional. Used only if you enable biometric unlock in Settings. Your biometric data never leaves your device.
SCHEDULE_EXACT_ALARM
Required to fire reminders at the precise time you set. Android 12+ requires this to be declared explicitly.
CALL_PHONE
Optional. Used only if you tap the call button on a saved medical contact. Never triggered automatically.
SEND_SMS
Optional. Used only if you tap the SMS button on a saved medical contact. Never triggered automatically.
READ/WRITE_EXTERNAL_STORAGE
Used only when you manually export or import a backup file. Access is scoped to your chosen file location.
Zero third-party SDKs
MedTracker contains no advertising networks, analytics platforms, crash reporting services, or social media SDKs. There are no third parties receiving your data — because no data is ever sent anywhere.
Your rights
Deleting your data
Because all data is stored locally on your device, you are always in full control. You can delete all data at any time by uninstalling MedTracker from your device. There is no residual data on any external server because none was ever sent.
Individual records — medications, appointments, symptoms, contacts — can be deleted from within the app at any time without uninstalling.