Privacy Policy

Effective date: October 10, 2025 · Last updated: May 20, 2026

Tefteri ("we", "our", or "us") provides a digital companion that helps you remember medical appointments, track visits, and manage health-related reminders (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the App. Please read it carefully. If you do not agree with the terms of this Privacy Policy, you should not use the App.

1. Information We Collect

We only collect the information that is necessary to provide and improve the App.

1.1 Account Information

• Email address, Google account identifier, and basic Google profile information. Collected when you sign in with your Google account via Firebase Authentication and Google Sign-In. Basic profile information may include your display name and profile photo if provided by Google.
• Authentication session data. Managed by Firebase and persisted locally through AsyncStorage so you can stay signed in between app launches.

1.2 Health and Wellness Notes

• Visits and reminders. User-generated entries such as doctor names, appointment descriptions, contact/details text, due dates, and reminder settings stored as timestamps or structured fields.
• Doctor templates. Optional tags or pre-defined doctor categories you choose for organizing your notebook.

1.3 Device and Usage Data

• App activity. Basic interaction events required to keep your reminders and visits in sync (e.g., when you create, update, or delete an entry). We do not log detailed analytics or behavioral profiling.
• Device metadata. Limited technical information (such as device model and operating system) may be automatically provided to Firebase to ensure compatibility, security, and debugging. We do not collect precise location data.

We do not intentionally collect biometric identifiers, financial information, or contact lists.

2. How We Use Information

We use the collected information to:

• Authenticate you and keep your session active.
• Store, sync, and display your visits, reminders, and doctor categories across devices.
• Schedule local device reminders when you allow notifications.
• Maintain the security, stability, and integrity of the App and its backend services.
• Respond to your support requests and comply with legal obligations.

3. Legal Bases for Processing (EEA/UK/Switzerland)

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Performance of a contract: To provide and maintain the App and its features.
• Legitimate interests: To secure our services, prevent misuse, and respond to your inquiries.
• Consent: For optional features such as local device notifications or storing sensitive health-related notes. You may withdraw consent at any time through device settings or by contacting us.

4. How We Share Information

We do not sell your personal information. We may share information in these limited circumstances:

• Service providers: Firebase (Authentication and Firestore database) processes data on our behalf under strict confidentiality and security commitments. We may use Expo or React Native tooling providers that process minimal technical data.
• Legal compliance: We may disclose data if required by law, regulation, or legal process, or to protect the rights, property, or safety of Tefteri, our users, or others.
• Business transactions: If we undergo a merger, acquisition, or asset sale, your information may be transferred, subject to this Privacy Policy.

We do not share personal data with advertisers or data brokers.

5. International Data Transfers

Firebase may process and store data in regions where Google or its subprocessors operate, including the European Union and the United States. When data is transferred outside your jurisdiction, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

6. Data Retention

• We retain account data for as long as your account is active.
• Visit, reminder, and category entries remain until you delete them from the App or delete your account.
• If you request deletion of your account, we will delete or anonymize your personal information within 30 days, unless we must retain it for legal obligations.

You can delete your account in the App or use the Account Deletion page if you cannot access the App.

7. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access the information we hold about you.
• Correct inaccurate or incomplete data.
• Request deletion of your data.
• Restrict or object to certain processing.
• Receive a copy of your data in a portable format.
• Withdraw consent where processing is based on consent.

See the accompanying GDPR Compliance Notice for more details on exercising these rights if you are located in the EEA, UK, or Switzerland. You can also contact us using the details below.

8. Security Measures

We implement technical and organizational measures designed to protect your data, including:

• Encrypted connections (HTTPS) between the App and Firebase services.
• Firebase security rules restricting access to each user's data based on authentication.
• Firebase-managed authentication with local session persistence through AsyncStorage.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please keep your login credentials confidential.

9. Children's Privacy

The App is intended for individuals aged 16 and older. We do not knowingly collect information from children under 16. If you believe a child has provided personal information, please contact us so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will post the updated policy in the App and update the "Last updated" date. Significant changes may also be communicated via email or in-app notice.

11. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact:

Tefteri Privacy Team
Email: privacy@pavlossta.com