MediDay
Last updated: March 27, 2026

Privacy Policy — MediDay

Effective date: March 25, 2026

Last updated: March 27, 2026

This Privacy Policy explains how Hamdi Kartal ("we", "us", or "our") collects, uses, stores, shares, and protects personal information in connection with the MediDay mobile application for iOS ("MediDay" or the "App").

MediDay is a medication reminder and tracking assistant designed to help users create medication plans, receive reminders, track doses, share information with family caregivers, and generate reports. MediDay is not a medical diagnosis or treatment service.

By using the App, you agree to the collection and use of information as described in this Privacy Policy.

1. Information We Collect

We collect information you provide directly and certain information collected automatically from your device and your use of the App.

Personal Data

- Name

- Email address

- Account username and profile information

- Family or caregiver relationships you create within the App, including names and email addresses where applicable

Health and Fitness Data

- Medication schedules

- Dose times and adherence logs, including taken or missed doses

- Medication names, dosages, and frequencies

- Medication photos you upload

- Notes you add about symptoms, side effects, or treatment

- Reports you generate, including PDF medication history reports

Photos and Media Files

- Photos you upload for medications or profile images

Device and Technical Data

- Device model

- Operating system and version

- Device identifiers

- Locale and language

- Battery level

- Push notification token

- IP address for security and diagnostics

Usage Analytics and App Behavior

- App usage data, including features used and timestamps

- Crash logs

- Performance data

- Analytics telemetry

We distinguish personal data from health-related data and treat health-related data as sensitive information.

2. How We Use Your Information

We use your information to:

- provide and operate the App’s features, including medication plans, reminders, dose tracking, and reports;

- register and manage your account and authentication;

- send transactional communications such as reminders, confirmations, and important notices;

- support family and caregiver sharing features you authorize;

- improve and personalize the App, including analytics, performance monitoring, and feature development;

- detect, prevent, and respond to fraud, abuse, security incidents, and compliance issues;

- comply with legal obligations and enforce our Terms of Use;

- send marketing or promotional communications only where you have expressly consented, and you may opt out at any time;

- process in-app purchases and subscription status, with billing handled by Apple.

We do not sell personal data.

3. Third-Party Services and Sharing

We use certain third-party services to operate and improve the App. Where required, we choose providers that implement appropriate security measures. These services may process account, device, analytics, subscription, and entitlement data on our behalf within the scope needed to run the App.

Analytics

- Firebase Analytics (Google): https://firebase.google.com/support/privacy

Cloud and Backend

- Firebase (Google): https://firebase.google.com/support/privacy

- Supabase: https://supabase.com/privacy

Authentication

- Google Sign-In: https://developers.google.com/identity/privacy

- Sign in with Apple: https://www.apple.com/privacy/

Advertising

- AdMob (Google): https://policies.google.com/technologies/ads

We display non-personalized ads via AdMob. We do not share health data with advertisers. AdMob may use non-identifying device data and contextual information to serve ads.

Payments

- Apple In-App Purchase / App Store billing: https://www.apple.com/legal/privacy/

All payments, subscriptions, billing, refunds, and cancellations are handled by Apple through your Apple ID and App Store account.

When we share data with service providers, they are authorized to use your information only as necessary to provide services on our behalf and in accordance with our instructions.

4. Third-Party Dataset Attribution

MediDay uses a third-party Türkiye medication dataset sourced from the following public repository:

Source: https://github.com/Tip-Atlasi-Projesi/ilaclardb

License: Creative Commons Attribution 4.0 International (CC BY 4.0)

License URL: https://creativecommons.org/licenses/by/4.0/

According to the dataset provider, this dataset is suitable for medication research, health technology application development, medication classification analysis, and educational or academic use.

Dataset content may be updated by the provider, and its accuracy or completeness is not guaranteed. For medical decisions, users should rely on official health authorities and licensed healthcare professionals.

5. On-Device Machine Learning and AI Features

MediDay may use device-based machine learning to assist with medication photo recognition. Image processing for recognition is performed on-device by default.

We do not use external AI or large language model services to make medical decisions about you. We do not use third-party AI services to process your health data unless you explicitly opt in to a specific feature that requires such processing and provide consent at that time.

6. Data Retention

We retain data only as long as necessary for the purposes described in this Privacy Policy.

- Account data and user-provided content, including medication schedules, photos, and logs, are generally retained until you delete your account, or for a reasonable period afterward where necessary to comply with legal obligations, resolve disputes, or prevent abuse.

- Usage analytics and diagnostics are typically retained for up to 26 months, and may be aggregated where possible.

- Backups and logs are retained as necessary for security, fraud prevention, and service integrity.

If you request account deletion, we will disable your account and delete your data within a commercially reasonable period, except where retention is required by law or necessary to protect against fraud, abuse, or legal claims.

7. Security

We apply technical and organizational safeguards to protect information, including:

- TLS/HTTPS for data in transit;

- encryption at rest for sensitive data where supported by our providers;

- access controls and least-privilege access;

- use of reputable cloud providers such as Firebase and Supabase;

- monitoring and security review processes.

No system can be guaranteed completely secure. If you believe there is a security issue, please contact us immediately.

8. Children’s Privacy

MediDay is not intended for children under 13. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe that a child under 13 has provided personal data to us, please contact us. If we learn that we have collected personal data from a child under 13 without the required consent, we will delete that information.

9. Rights and Choices

Depending on your location, you may have rights regarding your personal data. These may include:

- the right to access your personal data;

- the right to correct inaccurate or incomplete data;

- the right to request deletion of personal data, subject to legal exceptions;

- the right to receive a portable copy of data you provided;

- the right to restrict or object to certain processing;

- the right to withdraw consent where processing is based on consent.

If you are a California resident, you may also have rights under CCPA/CPRA. We do not sell your personal information.

To make a privacy request, contact us at:

mediday@redonion.com.tr

We may need to verify your identity before responding. We will respond within the timeframe required by applicable law.

10. Advertising and User Tracking

We display non-personalized ads through AdMob.

We do not provide advertisers with your health data.

Advertising identifiers and certain device-level data may be used by AdMob subject to Google’s own privacy practices.

You can limit ad personalization through your device settings where available.

We do not engage in cross-context behavioral advertising using health data.

11. In-App Purchases and Subscriptions

MediDay offers optional subscription plans and in-app purchases.

Where offered, subscriptions may include a free trial. Subscriptions automatically renew unless canceled before renewal in accordance with Apple’s billing rules.

Billing and payment processing are handled by Apple. We do not collect your credit card number. We may receive subscription status, entitlement, transaction, trial, renewal, cancellation, expiration, and family-plan eligibility metadata from Apple and from our subscription infrastructure providers (such as RevenueCat) to determine feature access and manage purchases.

Subscription management, cancellation, and refund requests are handled through your Apple ID and App Store account. If a family subscription plan is offered, we may process invitation status, seat assignment, and related entitlement data to enable or revoke shared access.

Manage or cancel subscriptions:

https://support.apple.com/en-us/HT202039

Apple privacy information:

https://www.apple.com/legal/privacy/

12. International Data Transfers

Your data may be stored or processed in countries other than your country of residence, including through cloud providers that operate internationally.

Where required, we rely on appropriate safeguards such as contractual protections and service provider privacy commitments.

13. Special Notice for Health Data

Because MediDay processes health and medication-related information, we treat such data as sensitive.

We:

- do not sell health data;

- limit access to health data to people and providers who need it to operate the App;

- apply additional safeguards where appropriate to protect sensitive data.

MediDay is not a healthcare provider and does not provide medical advice, diagnosis, or treatment. Do not rely on the App as a substitute for professional medical care.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we make material changes, we will update the effective date or last updated date and, where required, notify you through the App or by email.

Continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions, concerns, or wish to exercise your rights, contact:

Email: mediday@redonion.com.tr

If you are located in a jurisdiction that provides the right to complain to a data protection or supervisory authority, you may also contact the relevant authority.

16. Miscellaneous

Third-party links:

The App may include links to third-party websites or services. We are not responsible for their privacy practices.

Legal requests:

We may disclose information where required to comply with applicable law, lawful requests by public authorities, or to protect rights, safety, security, and the integrity of the App.

Links

Privacy Policy: https://mediday.redonion.com.tr/privacy-policy

Terms of Use: https://mediday.redonion.com.tr/terms-of-use

EULA: https://mediday.redonion.com.tr/eula

Medical Disclaimer: https://mediday.redonion.com.tr/disclaimer

WEB: https://mediday.redonion.com.tr

← Back to MediDay
MediDay - Akıllı İlaç Yönetimi | Forvibe