Privacy isn't a feature. It's the architecture.
Your medical documents are stored encrypted on your phone. When AI is used, it receives only anonymized health context. Identifiers are stripped on-device.
What stays on-device vs what is sent
What stays on your device
- Uploaded PDFs and documents
- Extracted personal health timeline (labs/meds/notes)
- Your identity and account info (stored separately from health context)
What may be sent for AI responses
- An anonymized health summary relevant to your question (no name, DOB, MRN, address, email, phone)
What we avoid
- Direct connections to medical record aggregators / provider pipes (you upload PDFs instead)
Support access: By default, our team cannot see your uploaded documents. If you contact support, we'll guide you using app diagnostics that don't include your document contents.
Our Solution: On-Device Privacy
Privacy isn't a feature. It's the architecture
Documents encrypted on-device
Your uploaded PDFs and documents are stored in your device's encrypted storage. We don't store them on our servers.
Identity firewall
To generate answers, we send only anonymized health context (identifiers stripped on-device) to AI services.
Delete App = Delete Everything
Delete content in-app. Delete the app. Your vault is gone. No cloud backups to worry about.
Zero Data Monetization
We make money from subscriptions, not selling data. Your health data has zero commercial value to us.
Privacy Comparison
See how DocGPT compares on data privacy
| Feature | ChatGPT | WebMD | Telehealth Apps | DocGPT |
|---|---|---|---|---|
| Data stored on your device only | ||||
| Knows your health history | limited | |||
| Anonymizes before sending to AI | ||||
| Delete app = delete all data | ||||
| No cloud storage of health data | ||||
| No data monetization | varies |
Privacy FAQ
Your Health Data Stays Yours
Experience AI health guidance where privacy isn't a promise. It's the architecture.
Get Early Access