Privacy Policy

We collect only the information you choose to enter into the application. This may include:

• Medication and supplement names, dosages, and schedules
• Health-related information such as the purpose of medications and any warnings or notes you enter
• Patient profile information — name, date of birth, primary physician, pharmacy, emergency contact, and known allergies
• Account information (email address) used to access the application
• Basic server-side request logs (IP address, timestamp, URL) retained for security purposes only

We do not collect Social Security numbers, insurance information, or financial account details.

Unlike many health platforms, we do not automatically pull data from medical records, wearable devices, pharmacy systems, insurance providers, or any other external source. Every single piece of health information stored in this application was typed or entered by you.

• We do not scan, access, or infer health data from any source other than what you type
• We do not collect biometric data, location data, device health data, or sensor data
• We do not create health profiles or make inferences about your medical condition
• You have complete control over what is stored — if you don't enter it, we don't have it
• You can delete any entry at any time directly within the application

This application uses a minimal number of standard web cookies strictly necessary for the app to function properly. These include:

• Session cookies — keep you logged in during your visit and expire when you close your browser
• Authentication cookies — securely maintain your logged-in session across visits

We do not use:

• Advertising or marketing cookies
• Cross-site tracking technologies
• Third-party analytics platforms that profile your behavior (such as Google Analytics or Meta Pixel)
• Fingerprinting or device identification tools

You can manage or disable cookies at any time through your browser settings. Note that disabling authentication cookies will prevent you from staying logged in.

We use the information you provide solely to:

• Display your medication list within the app
• Generate printable medication lists for your personal use or to share with healthcare providers
• Send medication list emails when you explicitly request them
• Maintain your account and process your subscription payment
• Respond to your support requests or questions

We do not sell, rent, trade, or share your personal health information with any third party for marketing or commercial purposes.

Your data is stored in a secure, cloud-hosted database with encryption in transit (TLS) and at rest. We implement reasonable technical and organizational safeguards to protect your information from unauthorized access, disclosure, alteration, or destruction. Access to user data is restricted by database-level row security policies — each user can only access their own records.

However, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your information and encourage you not to enter more sensitive health detail than is necessary for your tracking purposes.

This application is a personal tracking tool and is not a covered entity or business associate under the Health Insurance Portability and Accountability Act (HIPAA). As such, HIPAA does not directly govern this application.

However, we take the privacy of health-related information seriously and voluntarily adopt responsible data handling practices consistent with the spirit of HIPAA and the FTC Health Breach Notification Rule, which does apply to consumer health apps.

In the event of a breach of unsecured personal health information, we will notify affected users in accordance with the FTC Health Breach Notification Rule. Notification will be provided promptly and no later than 60 days after discovery of the breach, via email to your registered address or prominent notice within the application.

As a Texas resident, you have the following rights regarding your personal information under Texas law:

• Right to Know — you may request information about what personal data we hold about you
• Right to Delete — you may request deletion of your personal information, subject to certain exceptions
• Right to Correct — you may request correction of inaccurate personal information we hold
• Right to Opt Out — you have the right to opt out of the sale of your personal information. We do not sell your personal information.
• Right to Non-Discrimination — we will not discriminate against you for exercising any of these rights

To exercise any of these rights, contact us at BSHC.support@gmail.com.

We retain your personal information for as long as your account is active or as needed to provide you with the services of this application. If you request deletion of your account and data, we will remove your information within 30 days, except where retention is required by law (for example, billing records required for tax purposes may be retained for up to 7 years).

We use a limited number of third-party services to operate this application. Each receives only the minimum data necessary to perform their function:

• Supabase — secure cloud database and authentication hosting. Stores your account credentials and medication data.
• Stripe — payment processing. Handles subscription billing. Stripe does not receive your health or medication data.
• Resend — transactional email delivery. Used to send account confirmation, password reset, and medication list emails you explicitly request. Receives your email address only.
• Vercel — application hosting and content delivery. Processes web requests to serve the application.

These providers are contractually obligated to protect your information and are not permitted to use it for their own marketing or commercial purposes.

This application is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. For material changes, we will notify you by email or by a notice within the application before the change takes effect. Continued use of the application after changes are posted constitutes your acceptance of the updated policy.

If you have questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at: