Privacy Policy

Last updated: May 2026

1. What we collect

When you create an account, we collect your email address and a securely hashed password. As you use Pill Pocket, we store medication names, schedules, intake logs, health readings (blood pressure, blood glucose, weight), appointment details, and chat messages sent to the AI assistant.

2. Lawful basis

We process your data under your consent (Article 6 of UK GDPR). Health data is processed under explicit consent (Article 9). You may withdraw consent at any time by deleting your account.

3. Third-party processors

We use the following third-party services to operate Pill Pocket:

  • OpenAI / Azure AI — medication label scanning and AI chat features
  • Pharos API — drug lookup, dose verification, and interaction checking
  • Sentry — error monitoring and performance tracking
  • Resend — transactional email delivery (password reset, notifications)
  • PostgreSQL (Hetzner Cloud) — primary data storage

4. Data retention

We retain your data for as long as your account is active. Upon account deletion, all personal data and health records are permanently deleted within 30 days.

5. Your rights

Under UK GDPR, you have the right to access, rectify, erase, restrict, and port your data. You can access and export your data from within the app. To request deletion, use the "Delete account" option in settings or contact us.

6. Contact

For privacy inquiries, contact: privacy@pillpocket.aymane.co.uk