1. Information We Collect
MediAlly collects information to provide you with a reliable medication management experience. The data we collect falls into the following categories:
Account Information
When you create an account, we store your Apple ID (used for Sign in with Apple), display name, and email address. This information is required to authenticate your identity and enable iCloud sync across your devices.
Medication Data
We store medication names, dosages, schedules, refill dates, and any notes you add. This data is core to the app's functionality and is stored locally on your device using SwiftData, with optional syncing via iCloud CloudKit.
Health Indicators
With your explicit permission, MediAlly may read or write health data from Apple HealthKit, such as medication adherence logs or vitals you choose to track. HealthKit data never leaves your device without your explicit consent.
Device & Usage Information
We collect anonymous, aggregated usage statistics such as crash reports and performance metrics to improve app stability. This data is collected through Apple's standard analytics and does not include personally identifiable information.
2. How We Use Your Information
The information we collect is used solely to deliver and improve MediAlly's services:
- Medication reminders and adherence tracking to help you stay on schedule.
- Cross-device sync via iCloud CloudKit so your data is consistent across iPhone, iPad, Mac, and Apple Watch.
- Secure data sharing with family members or caregivers through CKShare, when you explicitly enable it.
- Anonymous analytics to identify bugs, monitor performance, and guide feature development.
We do not use your data for advertising, marketing, or any purpose beyond operating and improving the app.
3. Data Storage & Security
MediAlly is designed with a privacy-first architecture:
Local Storage
Your medication data is stored locally on your device using Apple's SwiftData framework. Local storage is encrypted by iOS, iPadOS, and macOS using device-level encryption (FileVault or Data Protection), ensuring your data remains secure even if your device is lost.
Cloud Sync
When iCloud sync is enabled, your data is transmitted to and stored in Apple's CloudKit infrastructure. All CloudKit data is encrypted in transit using TLS and encrypted at rest on Apple's servers. Apple manages the encryption keys and security of CloudKit data in compliance with their standard security practices.
HealthKit Data
Health data shared between MediAlly and the Health app remains within Apple's secure HealthKit ecosystem. MediAlly cannot access this data without your explicit permission, and you can revoke access at any time through Settings.
4. Data Sharing
Family & Caregiver Sharing
MediAlly allows you to share your medication records with designated family members or caregivers through Apple's CKShare technology. Sharing is initiated only by you, and recipients can only view the data you explicitly choose to share. You may revoke sharing at any time.
No Third-Party Data Selling
MediAlly does not sell, rent, or trade your personal data to third parties for any purpose. We do not use third-party advertising networks, data brokers, or analytics services that collect personally identifiable information.
Legal Requirements
We may disclose your information if legally required to do so, such as in response to a valid subpoena, court order, or government request, or to protect the rights, property, or safety of MediAlly, our users, or the public.
5. Your Rights
You have full control over your data. Specifically:
- Access. You can view all your medication records directly within the app at any time.
- Deletion. You may delete individual medication entries or your entire account and all associated data at any time. Deleted data is removed from both your device and iCloud.
- Export. You can export your medication data in a standard format (JSON) for your own records or to transfer to another service.
- Correction. You can edit any of your medication records, including names, dosages, schedules, and notes, at any time.
- HealthKit Control. You can grant or revoke MediAlly's access to HealthKit data through Apple Health settings at any time.
6. Children's Privacy
MediAlly is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such data, we will take prompt steps to delete it. If you believe a child under 13 has provided us with personal information, please contact us immediately.
7. Changes to This Policy
We may update this Privacy Policy from time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by:
- Updating the "Last updated" date at the top of this page.
- Posting a prominent notice within the app.
- Sending an email notification if the change significantly affects how your data is handled.
Your continued use of MediAlly after changes are posted constitutes your acceptance of the updated policy.
8. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how your data is handled, please contact us at:
We aim to respond to all inquiries within 5 business days.