Privacy Policy

Last updated: July 20, 2025

Data Controller

Controller: Kirsty Wright

Contact: privacy@snapmedic.app

Location: United Kingdom

ICO Registration: ZB693397

How SnapMedic Works: Two Options

📱 Offline Only (Default)

  • ✅ No data collection
  • ✅ No internet required
  • ✅ All data stays on your device
  • ✅ Complete privacy

🔄 Optional Sync

  • 📧 Requires email signup
  • 🔒 Zero-knowledge encryption
  • 🌍 Secure servers hosted in London, UK
  • ⚙️ Your choice and control

Important: SnapMedic works completely offline by default. Sync is entirely optional and requires your explicit consent via email signup.

What We Collect (Optional Sync Only)

If you choose to create an account for sync functionality, we collect minimal data:

Email Address

Purpose: Account authentication and encryption key generation

Legal Basis: Your consent (GDPR Article 6(1)(a))

Encrypted Notes

Purpose: Cross-device synchronization

Protection: Client-side AES-256 encryption before upload

Legal Basis: Your consent (GDPR Article 6(1)(a))

Sync Metadata

What: Timestamps, anonymized device identifiers

Purpose: Conflict resolution and multi-device coordination

Legal Basis: Your consent (GDPR Article 6(1)(a))

How We Protect Your Privacy

🔐 Zero-Knowledge Encryption

  • Your notes are encrypted on your device using AES-256 before any upload
  • Encryption keys are derived from your email and never stored on our servers
  • We cannot read your notes; to us they are opaque ciphertext
  • Even if our servers were compromised, an attacker would obtain only that ciphertext, not your notes

🏥 Health Data Prevention & Privacy Validation

Advanced Privacy Scanning

  • Real-time scanning for 14+ UK healthcare-specific patterns
  • Detects NHS numbers, EMIS codes, GMC numbers, NMC PINs
  • Identifies patient identifiers, postcode patterns, and clinical terms
  • User-configurable sensitivity levels (low, medium, high)

Local-Only Processing

  • Privacy warnings generated locally on each device
  • Validation results never synced or shared
  • Each device independently scans your notes
  • No privacy data leaves your device

Professional Guidelines

  • Designed for healthcare professionals' personal notes only
  • Active discouragement of patient identifiable information
  • Compliance with professional note-taking standards
  • Not a replacement for official medical records systems

🌍 UK/EU Data Hosting

  • All data stored on secure servers located in London, UK
  • GDPR-compliant data processors with Article 28 agreements
  • No data transfers outside the UK and the EU/EEA
  • Self-hosted monitoring and PDF services for maximum control

Third-Party Data Processors (Sync Only)

When you use sync functionality, your encrypted data may be processed by:

Supabase Inc. (Primary Processor)

Purpose: Encrypted data storage and sync coordination

Location: Servers in London, UK

Compliance: Processor bound by a GDPR Article 28 data processing agreement; holds SOC 2 and ISO 27001 certification

Linode/Akamai

Purpose: Infrastructure hosting for self-hosted services

Location: EU region

Data: Hosts our self-hosted Sentry error monitoring and PDF services

Self-Hosted Services

We run our own Sentry error-monitoring and PDF-generation services on infrastructure rented from Linode/Akamai and administered by us, rather than sending data to a third-party SaaS. The PDF service processes only the note content you send it for a given export and retains nothing once the PDF has been returned to you.

Your Rights and Controls

🗑️ Account Deletion

You can delete your account and all associated data at any time from the app. The account and its data are removed immediately; any residual server-side copies are purged within 30 days.

📤 Data Export

Download all your data in readable JSON or PDF format anytime through the app.

🚫 Consent Withdrawal

Withdraw consent anytime by deleting your account. No questions asked.

Backup Codes & Account Recovery

How Backup Codes Work

  • Generated on your device, and only when you explicitly request them
  • Stored locally on your device, not on our servers
  • Required for account recovery
  • Each code can only be used once

Using Backup Codes

  • Lost Email Access: Log in with a backup code to regain access to your account
  • Device Setup: Use a backup code to access your account on a new device
  • Account Recovery: Backup codes are your only recovery route if you lose access to your email

⚠️ Critical Security Notice

Due to zero-knowledge encryption, we cannot recover your data if you lose both your email access and backup codes. Save your backup codes in a secure location immediately after generating them.

Data Retention

  • Sync Data: Retained until you delete your account
  • Account Deletion: All data removed immediately; residual server-side copies purged within 30 days
  • Error Logs: Self-hosted, anonymized, retained for 12 months for debugging
  • No Analytics: We do not collect usage analytics or behavioral data

Professional Use Guidelines

For Healthcare Professionals

  • SnapMedic is designed for your personal professional notes and reference
  • Follow your organization's policies regarding personal note-taking devices
  • Use privacy warnings to avoid storing patient identifiable information
  • You remain responsible for compliance with professional standards
  • This is not a replacement for official medical records systems

Legal Basis for Processing

Data Type         Legal Basis                       Your Control
Email Address     Consent (GDPR Article 6(1)(a))    Change email or delete account
Encrypted Notes   Consent (GDPR Article 6(1)(a))    Edit, export, or delete anytime
Sync Metadata     Consent (GDPR Article 6(1)(a))    Delete account to remove

Note: If health data is incidentally included in a note despite the privacy warnings, its processing relies on your explicit consent under GDPR Article 9(2)(a).

Children's Privacy

Our services are designed for healthcare professionals and are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

Security Measures

  • Client-side AES-256 encryption with PBKDF2 key derivation
  • TLS 1.3 encryption for all data transmission
  • Hosting with UK/EU-based processors holding SOC 2 and ISO 27001 certification
  • Regular security audits and monitoring
  • Row-level security preventing cross-user data access
  • Self-hosted monitoring services for maximum control

Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. When we make significant changes:

  • We'll update the "Last updated" date
  • We'll notify you via email if you have a sync account
  • We'll provide 30-day notice for changes affecting your rights
  • Continued use after notice constitutes acceptance

Contact Us

Privacy Questions

Email: privacy@snapmedic.app

Response time: Within 48 hours

Complaints and Regulatory Contact

If you're not satisfied with our response, you can contact:

UK: Information Commissioner's Office (ICO) - ico.org.uk

EU: Your local data protection authority