Privacy Policy
Last Updated: July 2026
1. Introduction
This Privacy Policy explains how MedPlaner (the "Service") — an AI-powered medication planning and reminder tool delivered through Telegram — collects, uses, stores, and protects information when you use the Telegram bot, Mini App, and related website pages.
By using the Service, you acknowledge that you have read this Privacy Policy. If you do not agree, please do not use the Service.
MedPlaner is a reminder and planning tool. It is not a healthcare provider, medical device, diagnostic service, or emergency service.
2. Information We Collect
We follow a data-minimization approach. We do not ask for your real name, email address, phone number, postal address, or medical records to use the Service.
2.1 Information you provide
- Medication names, doses, schedules, and optional notes you enter
- Settings such as language, time zone, and meal times
- Adherence actions: taken, skipped, or snoozed doses
- Caregiver invite tokens you generate, and caregiver relationships you authorize
- Text or voice messages used to create or edit schedules
2.2 Information from Telegram
- Your Telegram user ID — to link your account and deliver reminders
- Your Telegram username or display name, if visible — for interface display only
- Mini App
initData— used to verify session authenticity; not stored as a separate access log
2.3 Subscription and payment data
Paid plans are processed through Telegram Stars. We store subscription status and expiry dates. Payment processing is handled by Telegram; we do not receive or store your payment card details.
2.4 Technical and analytics data
- Product usage events (for example: reminder created, subscription activated) — to improve the Service
- Error reports (message, page URL, stack trace) — to fix failures
- Dose action logs — for support in disputed situations and adherence statistics
2.5 What we do not collect
- Your legal name, email, or phone number (unless you voluntarily contact support)
- Your medical records or clinical history from healthcare providers
- Persistent device identifiers outside Telegram
- Prescription photos or package scans — not supported in the current version
3. How We Use Your Information
We use collected information solely to operate and improve the Service, including to:
- Calculate and deliver medication reminders at the times you configure
- Display adherence history and statistics (where available on your plan)
- Power AI-assisted schedule parsing from text or voice input
- Enable Caregiver Monitor features you explicitly authorize
- Manage subscriptions and plan limits
- Respond to support requests and resolve technical issues
- Measure aggregated product performance without identifying individuals
We do not sell your personal data, share it with advertisers, or build advertising profiles.
4. AI Processing
When you add or edit a schedule using natural language or voice, your input is sent to external AI providers for processing:
- DeepSeek — parses text schedules (for example: "aspirin twice a day with meals")
- OpenAI Whisper — transcribes voice messages you send
AI output is shown to you as a draft preview. Nothing is saved until you confirm. You remain responsible for verifying doses and timing with your healthcare provider.
We may store the text you submitted, the parsed schedule, and limited technical AI response metadata to troubleshoot errors. Voice audio is processed for transcription and is not retained by us as a permanent recording.
5. Caregiver Mode
If you enable Caregiver Monitor, you generate an invite link or token. A caregiver you choose may see adherence status (taken, missed, or pending doses) for your account. Caregivers cannot change your medication schedules through caregiver access alone.
You may revoke caregiver access at any time. If you delete your account, caregiver relationships linked to your account are removed.
6. Legal Basis (GDPR)
If you are in the European Economic Area, United Kingdom, or another jurisdiction with similar laws, we process personal data on the following bases:
- Contract performance — to provide reminders, schedules, and features you request
- Legitimate interests — to secure the Service, prevent abuse, and improve reliability, balanced against your rights
- Consent — where required for optional features or specific processing; you may withdraw consent without affecting lawfully processed data before withdrawal
- Legal obligation — where retention or disclosure is required by applicable law
7. Data Storage and Security
Service data is stored in PostgreSQL on servers located in the European Union. Short-lived bot session state may be held in Redis and is not a long-term medication store.
Data in transit between your device and our servers is protected using HTTPS. Mini App requests are authenticated using Telegram's cryptographic signature verification and time-limited session tokens. API access is isolated per user account.
We apply reasonable technical and organizational safeguards. No online service can guarantee absolute security.
8. Data Retention
- Active account data — retained while your account exists and reminders are in use
- Error logs — automatically deleted after 90 days
- Dose action logs — automatically deleted after 180 days
- Deleted accounts — see Section 9 and our Data Deletion page
9. Your Rights
Depending on your location, you may have the right to access, correct, export, restrict, object to, or delete personal data, and to lodge a complaint with a supervisory authority.
9.1 Export (data portability)
In the Mini App: Settings → Data & Privacy → Export all data. In the bot: open Settings and use the data export option. You receive a JSON file containing reminders, logs, settings, and subscription status.
9.2 Deletion
You may permanently delete your account and associated data at any time. See Data Deletion Instructions for step-by-step guidance. Deletion is irreversible — export first if you need a copy.
9.3 Other requests
For access requests or privacy questions not covered above, contact support@medpillreminder.com. We respond within a reasonable time as required by applicable law.
10. Third-Party Services
The Service depends on third parties that process data under their own policies:
- Telegram — messaging, Mini App platform, and Stars payments
- DeepSeek — text schedule parsing
- OpenAI — voice transcription
- Hosting infrastructure — server and database operations in the EU
We do not sell data to third parties. Third-party AI providers receive only what is necessary to process your specific request.
11. International Transfers
Primary storage is in the EU. Some subprocessors (such as AI providers) may process data in other countries. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.
12. Children's Privacy
The Service is not directed at children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided data without appropriate consent, contact us to request deletion.
13. Medical Disclaimer
MedPlaner provides reminders and planning assistance only. It does not provide medical advice, diagnosis, treatment recommendations, or emergency assistance. Always follow instructions from qualified healthcare professionals. In a medical emergency, contact local emergency services immediately.
14. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last Updated" date at the top reflects the latest revision. Material changes may be communicated through the bot or Mini App where practicable. Continued use after an update constitutes acceptance of the revised policy, unless applicable law requires otherwise.
15. Contact
Privacy questions, data requests, and account issues: support@medpillreminder.com
Related documents: Terms of Service · Data Deletion · About