Vitalink Privacy Policy
Effective Date: April 20, 2026 Version: 1.0
At Vitalink, your health data is deeply personal. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have. We are committed to being transparent about our practices, especially given the sensitive nature of health information.
1. Who We Are
Vitalink is an AI-powered personal health management application. References to "we," "us," or "our" in this Privacy Policy refer to the operators of Vitalink. References to "you" or "your" refer to users of the application.
This Policy applies to the Vitalink mobile application (iOS and Android), its backend services, and any associated features.
2. Information We Collect
2.1 Information You Provide Directly
When you use Vitalink, you may provide the following categories of personal and health information:
- Account information: name, email address, and authentication credentials
- Health data: medications (names, dosages, schedules), vitals (blood pressure, blood sugar, heart rate, etc.), and medical notes
- Appointments: doctor names, specialties, dates, times, locations, and visit notes
- Uploaded documents: prescriptions, lab reports, and other medical records (PDFs and images)
- Caregiver access: labels and role assignments for individuals you grant access to
- User preferences: notification settings, theme preferences, and dashboard configurations
2.2 Information Generated by the Service
The following information is generated automatically as you use the Service:
- Medication adherence logs (taken vs. missed doses, timestamps)
- AI-extracted report results: parameters, values, units, and reference ranges parsed from uploaded documents
- AI credit usage and rate-limit window data
- Authentication session tokens and account linking records
2.3 Information We Do Not Collect
Vitalink does not collect:
- Payment or financial information
- Biometric data from device sensors
- Location data
- Contacts or address book data
- Device advertising identifiers
3. Summary of Data Collected and Storage
| Data Category | Examples | Storage Location |
|---|---|---|
| Account & Auth | Email, name, sessions, OAuth links | Convex (US) |
| Medications | Name, dosage, schedule, reminders | Convex (US) |
| Vitals | BP, blood sugar, heart rate, notes | Convex (US) |
| Medical Documents | PDFs, images (lab reports, prescriptions) | Cloudflare R2 (US) |
| Report Results | Parsed parameters, values, reference ranges | Convex (US) |
| Appointments | Doctor, date, location, notes | Convex (US) |
| AI Analysis | Document content sent during analysis | OpenRouter → Google Gemini (Zero Retention) |
| Caregiver Grants | Tokens, roles, access status | Convex (US) |
| Preferences | Theme, notifications, quiet hours | Convex (US) |
| AI Credits | Monthly credit usage, rate windows | Convex (US) |
4. How We Use Your Information
We use the information we collect to:
- Authenticate you and maintain secure sessions
- Store, display, and organize your health data within the application
- Send medication reminders and health-related notifications (with your consent)
- Process uploaded documents through AI for structured data extraction
- Manage caregiver access grants and enforce role-based permissions
- Enforce monthly AI credit limits and rate limits
- Detect and prevent fraud, abuse, and unauthorized access
- Respond to your support requests
- Improve and maintain the reliability of the Service
We do not use your health data to train AI models, sell to advertisers, or share with third parties for their own marketing purposes.
5. How We Share Your Information
5.1 Service Providers
We share your data with trusted third-party providers only to the extent necessary to deliver the Service. These providers are bound by data processing obligations:
Convex, Inc. — Database and Real-Time Backend
All user application data is stored in Convex's serverless database hosted on servers in the United States.
- Privacy Policy: https://www.convex.dev/privacy
Cloudflare, Inc. — Document Storage (R2)
Uploaded files are stored in Cloudflare R2. Files are accessed through short-lived presigned URLs.
- Privacy Policy: https://www.cloudflare.com/privacypolicy/
OpenRouter — AI Gateway (Zero Data Retention)
⚠️ Zero Data Retention: AI analysis requests are routed via OpenRouter. Vitalink operates under OpenRouter's Zero Data Retention policy — your document data is not retained, logged, or used for training by OpenRouter beyond the immediate API transaction required to generate the response.
- Privacy Policy: https://openrouter.ai/privacy
Google (Gemini via Vertex AI) — AI Model
⚠️ Document analysis is powered by Google Gemini models. Because requests flow through OpenRouter under zero-data-retention terms, data is not associated with your Vitalink account at Google.
Applicable policies:
- Google Cloud Terms of Service: https://cloud.google.com/terms
- Vertex AI Privacy Notice: https://cloud.google.com/vertex-ai/docs/general/usage-privacy
- Google API Services User Data Policy: https://developers.google.com/terms/api-services-user-data-policy
Better Auth — Authentication Framework
User authentication and session management are handled by Better Auth. All session and account data is stored within Convex under the same data isolation boundary as your health data.
- Website: https://www.better-auth.com
5.2 Caregivers You Authorize
If you use the Family & Caregiver Access feature, the following information is accessible to individuals you explicitly authorize:
- Your health data (medications, vitals, appointments, documents) — scoped by the role you assign ("Read-Only" or "Full Access")
- Your display name or username
You remain in full control of who has access. You may revoke access at any time; revocation takes effect immediately. We are not responsible for how authorized caregivers use the data you share with them.
5.3 Legal Disclosure
We may disclose your information if required by law, court order, or government authority, or to protect the safety, rights, or property of Vitalink, our users, or the public.
5.4 No Sale of Data
We do not sell, rent, or trade your personal or health information to any third party for their commercial purposes.
6. Data Location and Cross-Border Transfers
🔴 IMPORTANT: By using Vitalink, you explicitly consent to the transfer, processing, and storage of your personal and health data on servers located in the United States of America.
All primary data storage (Convex database, Cloudflare R2 document storage) is located in the United States. When you submit documents for AI analysis, that content is transmitted to OpenRouter and Google Gemini infrastructure, also located in the United States, under zero-data-retention terms.
If you are accessing Vitalink from outside the United States, your data will be transferred internationally. We take appropriate technical and organizational measures to protect your data during such transfers.
7. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. Specifically:
- All health records, medications, vitals, appointments, and documents are retained until you delete your account or specific records
- Authentication sessions are retained until they expire or you log out
- AI rate-limit records expire automatically based on time windows (minute/hour)
- Caregiver access grants are retained until revoked or the account is deleted
When you delete your account, all data is permanently removed from Convex and from Cloudflare R2. Residual data may persist in encrypted backup systems for a limited period (typically not exceeding 30 days) before being permanently purged.
AI analysis data transmitted to OpenRouter and Google Gemini is not retained by those providers under our zero-data-retention arrangement.
8. Data Security
We implement appropriate technical and organizational safeguards to protect your information:
- Authentication: End-to-end sessions via Better Auth with secure tokens stored in device Secure Store
- Document access: Short-lived presigned URLs (15-minute upload window, 1-hour download window)
- Data isolation: Every Convex query is scoped to authenticated user IDs — no cross-user data leakage
- Caregiver tokens: 62-bit entropy generated via Web Crypto with rejection sampling (unbiased)
- Transport security: All communications with Convex, Cloudflare R2, and OpenRouter occur over HTTPS/TLS
- Access control: Caregiver chains are explicitly prohibited at the application level
No system is completely secure. While we take robust precautions, we cannot guarantee absolute security. We encourage you to use strong, unique passwords and report any suspected unauthorized access immediately.
9. Your Privacy Rights
You have the following rights with respect to your personal information:
- Access: View all health data stored in your account at any time within the application
- Correction: Edit or update any inaccurate health records or account information
- Deletion: Delete individual records or your entire account (including all associated data) from within the app
- Portability: Export your health data from within the application
- Revocation: Withdraw caregiver access grants at any time
- Notification preferences: Manage or disable push notifications at any time
If you are located in a jurisdiction with specific data protection laws (such as the GDPR or CCPA), you may have additional rights. Please contact us to exercise those rights.
10. Children's Privacy
Vitalink is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal data without parental consent, please contact us so we can investigate and delete the information.
Parents or guardians may create and manage an account to track the health of a minor in their care. In this case, the account holder is responsible for the data entered and assumes full responsibility under these Terms.
11. Cookies and Device Storage
The Vitalink mobile application does not use browser cookies. We use the following device storage mechanisms:
- Expo SecureStore: Used to store authentication tokens and caregiver grant IDs securely on-device
- Application state: In-memory state management for session data during active use
We do not use cross-site tracking, advertising pixels, or third-party analytics SDKs that collect behavioral data.
12. Third-Party Privacy Policies
Vitalink integrates with third-party services, each governed by their own privacy policies. We strongly encourage you to review the following:
| Provider | Role | Policy URL |
|---|---|---|
| Convex | Database & Backend | https://www.convex.dev/privacy |
| Cloudflare | File Storage (R2) | https://www.cloudflare.com/privacypolicy/ |
| OpenRouter | AI Gateway | https://openrouter.ai/privacy |
| Google Cloud | AI Model (Gemini) | https://cloud.google.com/terms |
| Google Vertex AI | AI Privacy Notice | https://cloud.google.com/vertex-ai/docs/general/usage-privacy |
| Google API Policy | User Data Policy | https://developers.google.com/terms/api-services-user-data-policy |
| Better Auth | Authentication | https://www.better-auth.com |
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable laws. We will notify you of material changes by:
- Displaying an in-app notice
- Sending a notification to your registered email (if applicable)
- Updating the Effective Date at the top of this document
Your continued use of the Service after the effective date of changes constitutes your acceptance of the updated Privacy Policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us through the Vitalink application settings.
For privacy-related concerns specific to third-party providers, please refer to the policies listed in Section 12.
Vitalink — Effective April 20, 2026 — Version 1.0