Privacy Policy for TrackCure AI
Last updated: July 13, 2025
At TrackCure AI, your privacy is our utmost concern. This Privacy Policy explains how we collect, use, and protect your information when you use our Progressive Web App (PWA).
1. Data Storage and Privacy
TrackCure AI is designed with a strong focus on privacy. All your health data, including doctors' details, medicines, test results, disease history, treatments, and health diary entries, is stored locally on your device using IndexedDB. This means your sensitive health information:
- Never leaves your device unless you explicitly choose to export it as a TXT file or share it using your device's native sharing functionality.
- Is not uploaded to any cloud servers controlled by TrackCure AI or third parties.
- Is not accessible by us or any other entity.
You are in complete control of your data. If you uninstall the app or clear your browser's site data, your locally stored health records may be deleted.
2. AI Assistant Functionality
Our AI Health Assistant uses the Google Gemini API to provide insights and summaries based on your health data. When you interact with the AI chat:
- Your query and the relevant health data (fetched from your local IndexedDB) are sent to a secure serverless function.
- This serverless function acts as a proxy to the Google Gemini API. We do not store your queries or health data on our server. The data is processed in real time to generate a response and is then discarded.
- Google's use of data from the Gemini API is subject to their own privacy policies. We recommend reviewing Google's privacy policy for more information on their data handling practices.
3. Authentication (Firebase)
TrackCure AI offers optional user authentication powered by Firebase. This feature allows you to:
- Access premium features (if applicable) across multiple devices.
- Manage your account (e.g., change password).
When you use Firebase authentication:
- Your email address and password (hashed and secured by Firebase) are stored on Firebase servers.
- We do not have direct access to your plaintext password.
- Firebase's data handling is governed by Google's privacy policy.
- Important: Even with authentication, your core health records remain stored locally in IndexedDB on each device you use. They are not synchronized or stored on Firebase servers.
4. Information We Do Not Collect
We explicitly state that TrackCure AI does not collect, store, or transmit any of the following personal or health information:
- Your name, address, phone number, or any other personally identifiable information, unless you voluntarily provide it for subscription verification via email.
- Your health records (as explained above, these are local).
- Your location data.
- Any usage analytics that can identify you personally.
5. Third-Party Services
TrackCure AI utilizes the following third-party services:
- Firebase (Google): For optional user authentication.
- Google Gemini API: For AI assistant functionality (proxied through our serverless function).
- Tailwind CSS, Google Fonts: For styling and typography (loaded directly from CDNs).
These services have their own privacy policies. We encourage you to review them.
6. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
7. Contact Us
If you have any questions about this Privacy Policy, please contact us:
Thank you for trusting TrackCure AI with your health journey.