Privacy Policy

Last updated: March 2026

Your privacy is important to us. This Privacy Policy explains how Dozzy collects, uses, and protects your personal information when you use our app and website.

1. Information We Collect

At Dozzy, we collect information to provide you with the best medication tracking experience:

  • Account Information: A Dozzy account is required to use the app. When you sign in with Google or Apple, we collect your email address and basic profile details (name, profile photo).
  • Health Data: Medication schedules, health measurements, and activity logs you enter into the app. This data is stored on our cloud servers hosted in the EU and linked to your account.
  • Usage Data: Anonymous analytics about how you interact with the app to help us improve our services.
  • Device Information: Device type, operating system, app version, and general location (if permitted) for timezone-based reminders.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Dozzy medication tracking service
  • Send medication reminders and push notifications
  • Improve and personalize your experience
  • Provide customer support and respond to inquiries
  • Analyze usage patterns to improve our app features

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: For processing health data, we rely on your explicit consent (KVKK Art. 5/1, GDPR Art. 6(1)(a) and Art. 9(2)(a)). You may withdraw your consent at any time.
  • Contractual Necessity: Processing necessary to provide the Dozzy service under our terms of use (KVKK Art. 5/2(c), GDPR Art. 6(1)(b)).
  • Legitimate Interest: For security measures, fraud prevention, and anonymous usage analytics (KVKK Art. 5/2(f), GDPR Art. 6(1)(f)).

4. Data Security

Your privacy is our priority. We implement industry-standard security measures:

  • All health data is stored in encrypted cloud servers hosted in the EU
  • Data is encrypted both in transit (TLS) and at rest
  • Limited access to personal data by authorized personnel only
  • Regular security audits and updates

5. Data Sharing

We do not sell, trade, or share your personal health information with third parties, except:

  • With your explicit consent
  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • With trusted service providers who help operate our app (under strict confidentiality agreements)

6. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Delete your account and all associated data
  • Export your health data
  • Opt-out of marketing communications

7. Children's Privacy

Dozzy is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are 13-17 years old, you need parental consent to use our services.

8. Cookies and Tracking

Our website uses cookies and similar technologies to remember your preferences, analyze site usage, and improve our services. You can control cookies through your browser settings or our consent banner.

9. Data Retention

We retain your personal data for as long as necessary to provide our services:

  • Active Accounts: Data is retained while your account is active.
  • Inactive Accounts: If your account remains inactive for more than 2 years, we may delete your account and all associated data after sending you a prior notification.
  • Deleted Accounts: Data is deleted within 30 days of account deletion, except where required by law.
  • Legal Requirements: Some data may be retained longer to comply with legal, tax, or regulatory requirements.

10. Third-Party Services

We use trusted third-party services to operate our app:

  • Analytics: Google Analytics to understand website usage and improve user experience.
  • Payments: App Store and Google Play handle all subscription payments. Dozzy does not process or store any payment information.
  • Authentication: Google Sign-In and Apple Sign-In for secure account access.
  • Push Notifications: Firebase Cloud Messaging (Google) to deliver medication reminders and notifications to your device.

11. International Data Transfers

Your data may be processed in different regions depending on the service:

  • Cloud Database: All health data and account information is stored in the European Union (EU) region.
  • Firebase Cloud Messaging: Device tokens used for push notifications are processed by Google in the United States. No health data is transferred; only device identifiers needed to deliver notifications.
  • Google Analytics: Anonymous website usage data is processed by Google in the United States. No health data is included in analytics.
  • Safeguards: For US-based transfers, we rely on Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework to ensure adequate data protection.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page, updating the last updated date, and sending an in-app notification for significant changes.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at app.dozzy@gmail.com

Back to Home