Privacy Policy

Last Updated: January 5, 2026

1. Introduction

DocGPT ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account information (email address)
  • Health-related questions and conversations
  • Lab reports and medical documents you upload
  • Health profile information you choose to share

2.2 Automatically Collected Information

  • Device information (type, operating system)
  • App usage analytics (anonymized)
  • Crash reports and performance data

3. How We Protect Your Privacy

Automatic Anonymization: Before any health question reaches AI servers, we automatically scrub all personally identifiable information (PII) and protected health information (PHI). This includes names, addresses, Social Security numbers, dates of birth, medical record numbers, and other identifiers.

Identity-Health Separation: Your identity and your health questions are completely separated in our architecture. AI servers cannot connect your health data to your personal identity.

On-Device Storage: Lab reports and medical documents you upload are stored in your device's encrypted storage, not on our cloud servers.

Encryption: All data transmission uses industry-standard TLS encryption. Data at rest is encrypted using AES-256 encryption.

4. How We Use Your Information

We use anonymized information to:

  • Provide personalized health guidance through AI
  • Improve the accuracy and relevance of our responses
  • Train and fine-tune our AI models using anonymized health patterns and outcomes
  • Develop new features and services
  • Analyze aggregated, anonymized usage patterns
  • Ensure the security and integrity of our Service

Important: When we use data for model training and improvement, your identity has already been removed. We train on anonymized health patterns (e.g., "users with condition X who tried Y saw Z improvement"), not on identifiable conversations or personal information.

5. Information Sharing

We do not sell your personal information. We may share anonymized, aggregated data with:

  • AI service providers (only anonymized health queries, never PII)
  • Analytics providers (only anonymized usage data)
  • Legal authorities when required by law

6. Data Retention and Deletion

You can delete your account and all associated data at any time through the app settings. When you delete your account:

  • All your data is permanently deleted immediately
  • No backups are retained
  • There is no recovery period or "30-day hold"
  • Deletion is irreversible

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request access to your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data
  • Portability: Request a copy of your data
  • Objection: Object to certain processing activities

To exercise these rights, contact us at privacy@docgpt.health.

8. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@docgpt.health

For more details about our security practices, visit our Security page.