HomeMedSpark
PrivacyTerms
MedSpark legal

MedSpark Privacy Policy

Last updated April 20, 2026. Effective date April 20, 2026.

On this page
  1. Who Is the Controller of Your Information
  2. Scope and Important Clarifications
  3. Information We Collect
  4. How We Use Your Information
  5. Consent — Special Rules for Sensitive Health Data
  6. How We Disclose Information
  7. How the Visual Check Works
  8. International Data Transfers
  9. Security
  10. Data Retention
  11. Your Privacy Rights
  12. Children
  13. "Do Not Sell or Share," Opt-Out Preference Signals, and Tracking
  14. Regional Notices
  15. Changes to This Policy
  16. Contact Us

This Privacy Policy explains how MedSpark, Inc. ("MedSpark," "we," "us," or "our") collects, uses, discloses, retains, and protects personal information in connection with the MedSpark mobile application, any related websites, APIs, content, features, and services (collectively, the "Service"). It also explains the rights you may have under applicable data-protection laws.

This Policy is incorporated by reference into our Terms of Service. Capitalized terms not defined here have the meanings given in the Terms of Service.

If you do not agree with this Policy, do not use the Service.

1. Who Is the Controller of Your Information

MedSpark, Inc., a Delaware corporation, is the controller ("controlador") of personal information processed through the Service. You can contact us at:

Postal address: 257 Highland Ave Apt 2, Somerville, MA 02143

General privacy inquiries (English and Portuguese): team@medspark.app

Brazilian data subject requests (Portuguese): team@medspark.app

Privacy contact: team@medspark.app

Brazil — Small Processing Agent Status. MedSpark currently qualifies as a "small processing agent" under ANPD Resolution CD/ANPD No. 2/2022 and is therefore exempt from the obligation to formally appoint a Data Protection Officer ("Encarregado") under Art. 41 of the LGPD. As required by that Resolution, we maintain a dedicated communication channel for Brazilian data subjects at the email above. This status may change if our processing activities expand, and we will update this Policy accordingly.

Where We Operate. We currently offer the Service in the United States and Brazil. This Policy applies to users in both jurisdictions, with jurisdiction-specific provisions in Sections 11 and 14.

2. Scope and Important Clarifications

2.1 Not HIPAA-Covered. MedSpark is a direct-to-consumer general-wellness application. We are not a "covered entity" or "business associate" under the U.S. Health Insurance Portability and Accountability Act ("HIPAA") when we offer the Service directly to you. Information you provide through the Service is not "Protected Health Information" under HIPAA when held by us in that capacity, even though some of it may relate to your health. If, in a separate arrangement, we act as a business associate for a covered entity, a separate Business Associate Agreement will govern and will prevail over conflicting terms here.

2.2 Consumer Health Data. We treat certain information you enter — medication names, schedules, adherence logs, and images submitted for the visual check — as sensitive consumer health information and we apply heightened protections. These include: in the United States, protections under the Washington My Health My Data Act, Nevada SB 370, the Connecticut Data Privacy Act, the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), and the FTC Act and FTC Health Breach Notification Rule; and in Brazil, protections under the Lei Geral de Proteção de Dados (Law No. 13,709/2018, "LGPD"), the Código de Defesa do Consumidor (Law No. 8,078/1990, "CDC"), the Marco Civil da Internet (Law No. 12,965/2014), and ANPD regulations. LGPD classifies health data as "dados pessoais sensíveis" (sensitive personal data) under Art. 5(II) and imposes stricter processing requirements than for non-sensitive data.

2.3 Children. The Service is intended for adults (see Section 12). We do not knowingly collect personal information from children under the applicable age (under 13 in the United States under the Children's Online Privacy Protection Act ("COPPA"); under 18 in Brazil, with additional protections for all minors under the LGPD, the Estatuto da Criança e do Adolescente — Law No. 8,069/1990, and the Digital Child and Adolescent Statute — Law No. 15,211/2025).

3. Information We Collect

We collect only the information we need to provide and improve the Service.

3.1 Information You Provide to Us

Account information: name, email address, password (stored only in salted, hashed form), date of birth, and gender (self-reported).

Onboarding inputs: responses to enrollment questions; if applicable, trial codes or insurer codes you voluntarily enter.

Medication and regimen data: medication names you enter or select, medication types (pill, injection, liquid), dosing schedules, days, and times, and your logs of taken, skipped, or missed reminders.

Art preferences: creative inputs (subject, action, place, style) and the AI-generated images produced for you.

Visual-check images: photographs you submit to the visual-check feature. These are of your hand holding a small object. We use them only to run an automated check for the presence of a pill-shaped object. We do NOT attempt to identify the medication, read any imprint, determine dosage, or extract biometric identifiers from your hand or body. See Section 4.2 and Section 7 for retention and processing specifics.

Support communications: subject, message body, and contact details you provide when you write to us.

Payment information: if you purchase subscriptions or in-app items, the purchase is processed by the applicable app store (Apple App Store or Google Play), and the store shares with us only a non-identifying transaction receipt. We do not receive or store your payment card details.

3.2 Information Collected Automatically

Device and technical information: device model, operating system and version, app version, language and locale, time zone, mobile network information (not phone number), device identifiers (such as Apple Identifier for Vendor / Google Advertising ID, only where permitted and where you have consented under Apple App Tracking Transparency or equivalent), IP address, and crash logs.

Usage information: screens viewed, features used, buttons tapped, session duration, navigation paths, gamification events (XP, tokens, badges, streaks), and errors encountered.

Notification delivery information: push-notification tokens issued by Apple Push Notification service ("APNs") or Google Firebase Cloud Messaging ("FCM") and delivery status where reported.

Cookies and similar technologies: if you visit our website, we may use cookies and similar technologies as described at https://medspark.app/cookies.

3.3 Information We Do NOT Intentionally Collect

We do not intentionally collect: precise geolocation, microphone audio, contacts, photos other than those you submit to the visual check, health data from Apple Health or Google Fit unless you expressly connect such a source in a future release, biometric identifiers, immigration status, or information about children.

4. How We Use Your Information

We use personal information for the following purposes. For each purpose, we note the applicable legal basis: in the United States, under general consumer-law and consent frameworks; in Brazil, under the LGPD (bracketed references below).

4.1 Provide the Service. To create and maintain your account, store your medications, deliver reminders, operate the gamification system, generate AI artwork, and run the visual check. [Brazil: Art. 7(V) execution of contract for non-sensitive data; Art. 11(I) specific, highlighted, and informed consent for sensitive health data; Art. 11(II)(e) protection of the life or physical integrity of the data subject where relevant.]

4.2 Visual-Check Processing. To run an automated image analysis to detect whether the photograph appears to contain a pill-shaped object in a visible hand. We do not identify specific medications. We do not extract or store biometric identifiers. Images are processed in the ways described in Section 7 and retained only for the period described in Section 10. You have the right to request information about this automated processing and to request manual review where applicable. [Brazil: Art. 11(I) specific and highlighted consent for sensitive data; Art. 20 right to review of automated decisions.]

4.3 Support and Communications. To respond to your inquiries, send transactional messages (password resets, receipts, security alerts, material changes to these policies), and, with your consent where required, product updates. [Brazil: Art. 7(V) execution of contract; Art. 7(IX) legitimate interests; Art. 7(I) consent for optional marketing.]

4.4 Security, Fraud Prevention, and Abuse Detection. To protect the Service, detect unauthorized access, prevent fraud, enforce our Terms, and protect the rights, property, and safety of MedSpark, users, and others. [Brazil: Art. 7(IX) legitimate interests; Art. 7(II) legal or regulatory obligation.]

4.5 Analytics and Improvement. To understand how the Service is used, fix bugs, measure performance, and improve features. Where we use analytics, we aggregate and, where feasible, anonymize data. [Brazil: Art. 7(IX) legitimate interests, subject to the balancing test and the data subject's right to object under Art. 18(IX).]

4.6 Legal and Regulatory. To comply with applicable law, respond to lawful requests from public authorities, and establish, exercise, or defend legal claims. [Brazil: Art. 7(II) or Art. 11(II)(a) legal or regulatory obligation; Art. 7(VI) or Art. 11(II)(d) regular exercise of rights in proceedings.]

4.7 Aggregate and Anonymized Data. We may create aggregate or anonymized data ("dados anonimizados") that cannot reasonably be used to identify you, where anonymization is irreversible with reasonable effort, and use it for any purpose, including research and product development. We will not attempt to re-identify such data and will contractually prohibit recipients from doing so. Anonymized data is outside the scope of the LGPD under Art. 12 when anonymization meets the standard in Art. 5(XI).

4.8 Model Training. We do not use your medication data, adherence logs, or visual-check images to train MedSpark's own artificial-intelligence models. Where a third-party model provider processes your data on our behalf (for example, to generate artwork or run the visual check), we either (i) select an enterprise or API tier that contractually prohibits training on your data by default, or (ii) if no such tier is available, disclose that provider in the subprocessor list at https://medspark.app/subprocessors together with its training posture so that you can make an informed choice. You may disable the visual-check and artwork-generation features at any time in settings without losing access to core reminder functionality.

4.9 No Sale of Personal Information; No Advertising. We do not "sell" your personal information for money. We do not "share" your personal information for cross-context behavioral advertising. We do not serve targeted advertising within the Service. For Brazilian Consumers: Art. 11(§4) of the LGPD expressly prohibits the communication or shared use of sensitive health data between controllers with the aim of obtaining economic advantage, except for the limited purposes set out in Art. 11(§5). We comply with this prohibition.

5. Consent — Special Rules for Sensitive Health Data

Because medication information, adherence logs, and visual-check images are considered sensitive health data under the LGPD (Art. 5(II), Art. 11) and are treated as consumer health data under U.S. state laws such as the Washington My Health My Data Act, we obtain your specific, informed, and highlighted consent before processing this data.

At account creation and before first use of the visual check, we present a distinct consent screen identifying: what data will be processed, for what purpose, with which categories of third parties it may be shared, the retention period, and your rights.

Your consent is freely given and you may withdraw it at any time by deleting the relevant data, disabling the feature, or deleting your account. Withdrawal does not affect the lawfulness of prior processing.

You are not required to consent to data processing beyond what is strictly necessary to deliver the core reminder functionality. Art. 9(§3) of the LGPD prohibits conditioning the provision of the Service on consent to processing that is not strictly necessary for its delivery.

6. How We Disclose Information

We disclose personal information only as follows:

6.1 Service Providers (Processors). We use carefully selected vendors to host, operate, and improve the Service. They process personal information only on our documented instructions, under confidentiality, and with appropriate security measures. Categories include:

Cloud hosting and storage: [to confirm with dev team — likely AWS, Google Cloud, or Microsoft Azure], region: [to confirm — likely US-East].

Authentication and account management: [to confirm with dev team].

Push notifications: Apple Push Notification service (Apple Inc.), Google Firebase Cloud Messaging (Google LLC).

Crash reporting and diagnostics: [to confirm with dev team — if any SDK is present].

Analytics: [to confirm with dev team — if any SDK is present].

AI art generation: OpenAI, L.L.C. (United States). Used via the OpenAI API under terms that, per OpenAI's API policies effective March 2023, prohibit use of your inputs or outputs to train OpenAI's models by default. We do not use ChatGPT consumer tiers for this feature.

Visual-check automation: [to confirm with dev team — may be OpenAI Vision API, another third-party CV provider, or an internal model].

Email and transactional messaging: [to confirm with dev team].

Customer support: Handled directly by MedSpark, Inc. via team@medspark.app at this time.

App-store billing and receipt validation: Apple Inc., Google LLC.

A current, more detailed list of subprocessors, including locations and safeguards, is available at https://medspark.app/subprocessors and may be updated from time to time.

6.2 Business Transfers. If MedSpark is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of the transaction, subject to customary confidentiality and to terms no less protective than this Policy. We will notify you of any change in control.

6.3 Legal and Safety. We may disclose personal information to comply with a valid subpoena, court order, or other legal process; to respond to a lawful request from a public authority; to enforce our Terms; to protect our rights, property, or safety, or those of our users or others; and to detect or prevent fraud, security, or technical issues.

6.4 With Your Direction. We disclose information to third parties when you instruct us to do so — for example, when you choose to share a piece of generated artwork.

6.5 Affiliates. We may disclose information to our corporate affiliates under this Policy for the purposes described here.

7. How the Visual Check Works

7.1 What the feature does. You take a photograph of your hand holding a small object. The image is transmitted over an encrypted connection to our processing environment, where an automated vision system evaluates whether the photograph appears to contain a pill-shaped object.

7.2 What we extract. Only a binary detection signal (pill-shaped object detected: yes / no / low confidence) and minimal metadata (timestamp, reference to the associated reminder event, and a confidence score for our internal quality monitoring) are written to your account record.

7.3 What we do NOT do. We do not run facial recognition. We do not extract palm prints, fingerprints, hand geometry, or any other biometric identifier. We do not attempt to identify the specific medication. We do not read imprints, markings, or pharmaceutical codes. We do not determine dosage. We do not confirm ingestion. See Section 5 of the Terms of Service for legal disclaimers about the limits of this feature.

7.4 Image retention. By default, visual-check images are deleted from our active systems within 24 hours of processing. A small, randomly sampled subset may be retained, in de-identified form where feasible, for up to 90 days for quality monitoring and safety review. You may opt out of this sampling in settings; opting out will not reduce the functionality you receive.

7.5 Biometrics disclaimer. To the extent any jurisdiction (such as Illinois under BIPA, Texas under CUBI, Washington, or New York City) classifies any aspect of image processing as biometric, we rely on your informed consent at the point you enable the feature, and we do not sell or profit from any such data.

8. International Data Transfers

Personal information you provide is stored and processed primarily in the United States, on cloud infrastructure operated by the vendors listed in Section 6.1.

8.1 Transfers from Brazil to the United States. If you are located in Brazil, your personal data will be transferred from Brazil to the United States (and potentially to other countries where our subprocessors operate, always disclosed in our subprocessor list). Such transfers are lawful under the LGPD on the basis of:

Art. 33(VIII) LGPD — your specific and highlighted consent to the international transfer, after being informed of the destination country and the fact that its data-protection framework differs from Brazil's. This consent is collected at onboarding on a dedicated screen before any transfer takes place;

Art. 33(V) LGPD — performance of a contract involving you, to the extent transfers are necessary to deliver the Service you requested; and

where applicable and once promulgated by the ANPD, standard contractual clauses ("cláusulas-padrão contratuais") in our agreements with subprocessors.

We have assessed the destination country's legal framework and implemented technical (encryption in transit and at rest), contractual (data processing agreements with confidentiality, security, and purpose-limitation terms), and organizational (access controls, staff training) safeguards to ensure that your data receives a level of protection consistent with the LGPD.

You may withdraw your consent to international transfers at any time by contacting team@medspark.app or by deleting your account. Withdrawal will result in termination of features that cannot be provided without transfer to the United States.

8.2 Transfers within the United States. If you are located in the United States, your data is processed primarily within the United States. Where a subprocessor operates from another country, that fact is disclosed in our subprocessor list.

9. Security

We take reasonable and appropriate technical and organizational measures to protect personal information, including: encryption in transit (TLS 1.2+) and at rest for sensitive data; strong authentication; role-based access control on the principle of least privilege; network segmentation; logging and monitoring; vulnerability management; secure software development practices; and staff training and confidentiality obligations.

No method of transmission or storage is completely secure. We cannot guarantee absolute security. You are responsible for keeping your credentials and devices secure.

If a security incident that materially compromises your personal information occurs, we will notify affected users and applicable regulators in accordance with applicable law, including the U.S. FTC Health Breach Notification Rule, the GDPR (which generally requires notice to a supervisory authority without undue delay and where feasible within 72 hours of becoming aware of the breach), the UK GDPR, Canadian PIPEDA, Brazil's LGPD (ANPD guidance generally requires notification of material incidents within two (2) business days), Québec Law 25, and applicable U.S. state breach-notification laws. Notification to affected users will be provided by email to the address on the account, by in-app notice, or by other means permitted by law, and will include the information required by the applicable law.

10. Data Retention

We retain personal information only for as long as needed for the purposes described in this Policy, or longer if required by law.

Account information: for as long as your account is active, and then deleted or anonymized within 90 days of account deletion, subject to legal holds.

Medication and adherence data: as above; you can delete individual items at any time.

Visual-check images: as described in Section 7.4.

Generated artwork: retained in your gallery until you delete it.

Support communications: up to 24 months.

Logs and security data: up to 12 months, except where a longer retention is needed for investigation.

Financial and tax records: as required by applicable law (often 7+ years).

Anonymized / aggregated data: indefinitely, as it is no longer personal information.

11. Your Privacy Rights

11.1 Rights Available to All Users. Subject to verification and applicable legal limitations, you may:

Access — request a copy of personal information we hold about you;

Correct — request that we correct inaccurate or incomplete information;

Delete — request that we delete personal information;

Port — receive a copy in a structured, commonly-used, machine-readable format;

Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing;

Object or restrict — object to processing based on legitimate interests or for direct marketing;

Non-discrimination — we will not retaliate or deny service because you exercised a right.

We will respond to verified requests within 15 days for Brazilian Consumers (as required by LGPD Art. 19) and within 45 days for U.S. users (extendable as law permits). If we need more time or cannot fulfill a request, we will explain why.

11.2 United States — State-Specific Rights.

California (CCPA/CPRA). You have the right to know, delete, correct, and limit the use of sensitive personal information; to opt out of sale and sharing (we do neither — see Section 4.9); and to non-discrimination. You may designate an authorized agent. In the 12 months before the last-updated date of this Policy, we collected the categories of information in Section 3 and disclosed them to the categories of recipients in Section 6 for the business purposes in Section 4.

Washington (My Health My Data Act), Nevada (SB 370), Connecticut (CTDPA), and similar state laws. You have the right to confirm whether we are processing consumer health data about you, to access it, to withdraw consent, to have it deleted, and to appeal a denial of your request. Consumer-health-data rights are honored in addition to any other rights under your state's general privacy statute.

Other states. We honor rights under the privacy laws of your state of residence to the extent they apply.

11.3 Brazil — LGPD Rights. If you are in Brazil, the LGPD grants you the rights in Art. 18, including: (i) confirmation that we process your data; (ii) access to the data; (iii) correction of incomplete, inaccurate, or outdated data; (iv) anonymization, blocking, or deletion of unnecessary or excessive data, or data processed in non-compliance with the LGPD; (v) portability to another service provider, subject to ANPD regulation; (vi) deletion of personal data processed on the basis of consent; (vii) information about public and private entities with which we have shared your data; (viii) information on the possibility of refusing consent and the consequences of refusal; and (ix) revocation of consent. You also have the right under Art. 20 to request review of decisions made solely on the basis of automated processing. You may file a complaint with the Autoridade Nacional de Proteção de Dados ("ANPD") at https://www.gov.br/anpd or through the Consumidor.gov.br platform.

Sensitive Health Data. Medication entries, adherence logs, and visual-check images are "dados pessoais sensíveis" (sensitive personal data) under LGPD Art. 5(II). We process such data only on the basis of your specific and highlighted consent under Art. 11(I) LGPD, obtained at the onboarding health-data consent screen, revocable at any time in settings. Revocation does not affect the lawfulness of processing before revocation and may terminate features that depend on that processing.

Communication Channel for Data Subjects. Because MedSpark qualifies as a small processing agent under ANPD Resolution CD/ANPD No. 2/2022, we are not required to appoint a formal Encarregado (DPO). We maintain a dedicated Portuguese-language data-subject channel at team@medspark.app. Requests submitted in Portuguese will be answered in Portuguese.

11.4 How to Exercise Your Rights. Submit a request to team@medspark.app (English) or team@medspark.app (Portuguese), or through the in-app "Privacy" screen. We may ask you to verify your identity before responding. If we cannot honor a request, we will explain why and identify any appeal path available to you.

12. Children

The Service is intended for users who are at least eighteen (18) years old.

United States. We do not knowingly collect personal information from children under 13 in accordance with the Children's Online Privacy Protection Act ("COPPA").

Brazil. We do not knowingly collect personal information from children or adolescents under 18 in accordance with the LGPD, the Estatuto da Criança e do Adolescente (Law No. 8,069/1990), and the Digital Child and Adolescent Statute (Law No. 15,211/2025). Where LGPD permits processing of minors' data (ANPD Statement No. 1/2023), it requires the "best interests" assessment and, where consent is the basis, specific and distinct consent from a parent or legal guardian.

If we learn that we have collected personal information from a child under the applicable age, we will delete that information from our systems within thirty (30) days of confirmed discovery, terminate the related account, and refund any purchases associated with that account through the applicable Store. Parents and guardians who believe a child has provided us with personal information may contact us at team@medspark.app (English) or team@medspark.app (Portuguese), and we will respond promptly.

13. "Do Not Sell or Share," Opt-Out Preference Signals, and Tracking

We do not sell personal information for money or share it for cross-context behavioral advertising. If we ever introduce practices that would constitute a "sale" or "sharing" under applicable law, we will update this Policy and offer the required opt-out mechanisms, and we will honor Global Privacy Control (GPC) signals on our website.

The Service does not use the Apple Identifier for Advertising (IDFA) for cross-app tracking. Where ever an App Tracking Transparency prompt would be required, we will present one and honor your choice.

14. Regional Notices

14.1 Apple App Store "Nutrition Label" Summary. The data types we collect, linked to you, include: Contact Info (name, email), Health & Fitness (medication entries, adherence), User Content (photos submitted for visual check, generated artwork, support messages), Identifiers (user ID), Usage Data, and Diagnostics. The categories disclosed to our processors are shown in our App Store listing in accordance with Apple's App Privacy guidelines.

14.2 Google Play Data Safety Summary. Equivalent disclosures are made in our Google Play Data Safety section and reflect the practices in this Policy.

14.3 Your Choices About Notifications and Permissions. You can enable or disable push notifications, camera access, and analytics through your device and app settings. Disabling camera access will prevent use of the visual-check feature; disabling notifications will prevent delivery of reminders.

15. Changes to This Policy

We may update this Policy. We will post the updated Policy with a new "Last Updated" date. Material changes will be notified through the Service or by email at least thirty (30) days in advance, except where shorter notice is required by law or security.

16. Contact Us

Questions, requests, or complaints? Contact:

Privacy Team (English): team@medspark.app

Brazilian Data Subject Channel (Portuguese): team@medspark.app

Postal: MedSpark, Inc., 257 Highland Ave Apt 2, Somerville, MA 02143

Regulators. If we have not resolved your concern, you may contact:

United States: the U.S. Federal Trade Commission at https://reportfraud.ftc.gov, or your state attorney general's office.

Brazil: the Autoridade Nacional de Proteção de Dados ("ANPD") at https://www.gov.br/anpd, or the Consumidor.gov.br platform at https://www.consumidor.gov.br.

MedSpark™ is a trademark of MedSpark, Inc. All rights reserved.

team@medspark.app