Privacy Policy
DN CONSULTING SOFTWARE DEVELOPMENT COMPANY Privacy Policy
1. Who We Are
DN CONSULTING SOFTWARE DEVELOPMENT COMPANY (“App”, “we”, “our”, or “us”) is a mobile application that helps you store, track, and share your health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our mobile application, website, or interact with us in any other way.
2. Scope
This Policy applies to data processed through the application, our website, customer‑support channels, and any related services. It does not apply to third‑party products or services that we do not own or control.
3. What We Collect
- Account Data: Name, email, password, phone number (Purpose: Create and secure your account)
- Health Data (“Special Category Data”): Lab results, medication lists, allergies, physician notes, vitals, images (Purpose: Provide core health‑management features)
- Device & Usage Data: IP address, device IDs, crash logs, app interactions, cookies (Purpose: Improve performance, prevent fraud, analytics)
- Payment Data: Cardholder name, last 4 digits, billing ZIP/postal code (Purpose: Process transactions, detect fraud)
- Communications: Support tickets, survey responses, in‑app messages (Purpose: Customer service, product feedback)
HIPAA Notice: DN CONSULTING SOFTWARE DEVELOPMENT COMPANY is not a “covered entity” or “business associate” under U.S. HIPAA. However, we treat your health data with the heightened protections HIPAA requires and can execute a Business Associate Agreement (BAA) with qualified enterprise customers upon request.
4. How We Use Your Data
- Deliver, personalize, and maintain the App
- Sync data with connected devices or partner services at your request
- Send transactional notices (e.g., password resets, feature updates)
- Provide customer support and troubleshoot issues
- Research and develop new features and machine‑learning models (using aggregated, de‑identified data wherever possible)
- Comply with legal obligations (e.g., tax, accounting, law‑enforcement requests)
- Detect, prevent, and respond to security incidents or fraudulent activity
- Market optional premium features or new products (with opt‑out)
5. Legal Bases (GDPR/UK GDPR)
We rely on one or more of the following bases:
- Consent (Art. 6(1)(a)): for processing special‑category health data or sending marketing emails.
- Contract (Art. 6(1)(b)): to provide the services you request.
- Legal Obligation (Art. 6(1)(c)): where required by applicable law.
- Legitimate Interests (Art. 6(1)(f)): to improve the App, secure our services, and prevent fraud, balanced against your privacy rights.
6. Sharing & Disclosure
We do not sell or rent your personal data. We share information only:
- Service Providers: Cloud hosting, analytics, payment processors, encrypted backup vendors (bound by confidentiality and data‑protection agreements)
- Healthcare Professionals: When you explicitly share records with a physician or caregiver
- Legal / Regulatory Authorities: If required to comply with subpoenas, court orders, or similar legal processes
- Corporate Transactions: In connection with a merger, acquisition, or asset sale (with notice to you)
- With Your Consent: Any other sharing you initiate inside the App
7. Data Retention
We keep personal data only as long as needed to fulfill the purposes above, unless a longer retention period is required by law or you request deletion (see § 9).
8. Security
- End‑to‑end encryption for health records in transit and at rest
- Zero‑knowledge architecture for stored health data (we cannot read it)
- Multi‑factor authentication (optional)
- Regular penetration tests and third‑party security audits
No system is 100% secure, but we follow industry best practices (ISO 27001, NIST 800‑53) to minimize risks.
9. Your Rights & Choices
Global Rights
- Access or download a copy of your data
- Correct inaccurate information
- Delete your account and associated data (irreversible)
- Object to or restrict certain processing
- Withdraw consent at any time (does not affect prior lawful processing)
California Residents (CCPA/CPRA): You have additional rights to know, delete, and correct personal data, and to opt out of “sharing” for cross‑context behavioral advertising. We do not “sell” personal data as defined by CCPA.
EU/UK Residents: You may lodge a complaint with your local Data Protection Authority.
To exercise any of the above, email admin@aptify.me or use in‑app settings. We will respond within 30 days (or 45 days for CCPA requests).
10. International Transfers
We store data on servers located in the United States. Where EU/UK data is transferred outside the EEA/UK, we rely on approved transfer mechanisms such as the EU Standard Contractual Clauses (SCCs) or the UK IDTA.
11. Children’s Privacy
The App is not directed to children under 13 and we do not knowingly collect data from them. If we learn that we have personal data for a child under 13, we will delete it promptly.
12. Third‑Party Links & SDKs
The App may contain links or integrations (e.g., Apple HealthKit, Google Fit). Your interactions with those services are governed by their own privacy policies. We are not responsible for third‑party practices.
13. Changes to This Policy
We may update this Policy to reflect changes in law or our practices. When we do, we will revise the “Last updated” date and notify you by app alert, email, or other prominent means. Material changes take effect 30 days after notice (or sooner if required by law).
14. Facial and Body Image Data
We may collect facial and body image data when you upload or capture a photo within the app. These images are analyzed using machine learning models to generate health scores, identify visible skin or body health indicators, and create a personalized health improvement plan. We do not collect biometric identifiers, nor do we use facial recognition or facial authentication technologies.
15. Use of Face and Body Data
Collected image data is used exclusively for health-related analysis and generating personalized recommendations. The data is not used for user identification or marketing, and it is not shared with third parties.
16. Storage and Retention
Images are processed securely and deleted immediately after use unless you choose to store them for progress tracking. Stored images are encrypted and retained for up to 12 months or until you request deletion.
17. Your Choices
You may opt out of image storage at any time via the app settings, and you may request permanent deletion of your data.
18. Contact Us
If you have questions or concerns, please reach out:
Email: admin@aptify.me
Mail: DN CONSULTING SOFTWARE DEVELOPMENT COMPANY Legal
Bulgaria, Sofia (1000), Lozenets district, Gradina residential complex, 110 Simeonovsko Shose Blvd., block 34, apt. 2
Data Protection Officer (EU/UK): admin@aptify.me