Privacy Policy / سياسة الخصوصية
Last Updated: December 30, 2025
Want Your Data Deleted?
Visit our Data Deletion Request page or email info@saferx.online
Include: Your phone number (if you used Phone Sync) or device information.
We will respond within 30 days and complete deletion within 45 days.
1. Introduction
SafeRx ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our website and mobile application ("Service").
By using SafeRx, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
Legal Basis (GDPR): We process your data based on: (a) your consent, (b) performance of service, and (c) legitimate interests in improving our Service.
2. Information We Collect
2.1 Information You Provide
- Prescription Images: When you upload a prescription for OCR processing, the image is processed in real-time and immediately deleted. We do NOT store prescription images on our servers.
- Phone Number (Optional): If you enable Phone Sync to sync your profile across devices, we collect your phone number for:
- Sending a one-time verification code (OTP) via SMS
- Linking your profile preferences across devices
- Profile Preferences (Optional): Age, sex, medical conditions — stored locally by default. Only synced to our servers if you explicitly enable Phone Sync.
2.2 Automatically Collected Information
- Device Information: Device type, operating system version, and unique identifiers for push notification delivery
- Firebase Cloud Messaging Token: For delivering push notifications about drug safety updates
- Usage Analytics: Anonymous, aggregated data about feature usage to improve our Service
2.3 Information We Do NOT Collect
- Personal health records or medical history
- Names or addresses
- Insurance or payment information
- Location data
- Stored prescription images (deleted immediately after processing)
3. Data Retention
We retain your data only as long as necessary:
| Data Type | Retention Period |
|---|---|
| Prescription images | 0 seconds — deleted immediately after processing |
| Phone number (hashed) | Until you request deletion or delete your synced profile |
| Profile preferences (local) | Until you clear app data or uninstall |
| Push notification tokens | Until you disable notifications or uninstall |
| Anonymous analytics | 90 days (aggregated, non-identifiable) |
4. Third-Party Services
We use the following third-party services to provide SafeRx:
4.1 Google Cloud Vision API
Used for prescription image OCR (text recognition). Images are transmitted securely to Google's servers for processing and are not stored by Google after processing. See Google Cloud Vision Data Usage.
4.2 Firebase (Google)
Used for push notification delivery. We share only your device token with Firebase. See Firebase Privacy Policy.
4.3 Hetzner (Hosting)
Our servers are hosted on Hetzner infrastructure in Germany. See Hetzner Privacy Policy.
4.4 SMS Provider
If you use Phone Sync, we use a third-party SMS provider to send verification codes. Only your phone number is shared for this purpose.
We do NOT sell your data. We only share data with third parties as described above to provide the Service.
5. Data Security
5.1 Encryption
- All network communications use HTTPS/TLS 1.3
- Local database encrypted with AES-256 (SQLCipher)
- Phone numbers are hashed with SHA-256 before storage
5.2 Security Measures
- Hardware-backed key storage (Android Keystore)
- Certificate pinning for API communications
- No cleartext traffic permitted
- Regular security audits
5.3 Breach Notification
In the event of a data breach affecting your personal information, we will:
- Notify affected users within 72 hours of discovery
- Report to relevant authorities as required by law
- Provide details about what data was affected and remediation steps
6. Your Rights
You have the following rights regarding your data:
- Right to Access: Request a copy of any personal data we have about you
- Right to Deletion: Request deletion of your personal data at any time
- Right to Rectification: Request correction of inaccurate data
- Right to Portability: Request your data in a machine-readable format
- Right to Object: Object to processing of your data
- Right to Withdraw Consent: Withdraw consent at any time
How to Exercise Your Rights
Email: info@saferx.online
Subject Line: "Data [Access/Deletion/Correction] Request"
Include: Your phone number (if used Phone Sync) or device information
Response Time: Within 30 days
Completion Time: Within 45 days
7. Children's Privacy
SafeRx is intended for users 18 years of age and older. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately at info@saferx.online and we will delete it promptly.
8. Medical Disclaimer
IMPORTANT: SafeRx provides drug information for educational purposes only. This Service is NOT intended to replace professional medical advice, diagnosis, or treatment.
Always consult a qualified healthcare provider before making medication decisions. See our Terms of Service for complete disclaimer.
9. International Users
SafeRx is operated from servers in Germany (EU). If you access our Service from outside the EU, your information may be transferred to and processed in Germany. By using SafeRx, you consent to this transfer.
For EU residents: We comply with GDPR requirements. For other jurisdictions, we apply the same privacy protections.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted with an updated "Last Updated" date. Material changes will be communicated via:
- Push notification (if enabled)
- Prominent notice on our website
- Email (if we have your contact information)
Continued use of SafeRx after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights:
- General Inquiries: info@saferx.online
- Data Deletion Requests: info@saferx.online (Subject: "Data Deletion Request")
- Privacy Concerns: privacy@saferx.online
- Website: https://saferx.online
This privacy policy is compliant with GDPR (EU), Google Play Store requirements, and general privacy best practices. Last reviewed: December 2025.