Effective date: 21 April 2026 Last updated: 21 April 2026

This Privacy Policy describes how MediTime (the "App," "we," "us," or "our"), operated by Cookie Apps, collects, uses, and protects information when you use our medication reminder mobile application.

By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.

1. Who We Are

Data controller: Cookie Apps Contact email: cookie.apps1@gmail.com

For users in the European Economic Area (EEA), United Kingdom, and Türkiye, Cookie Apps is the data controller under the GDPR, UK GDPR, and KVKK (Kişisel Verilerin Korunması Kanunu) respectively.

2. Information We Collect

2.1 Information You Provide

When you use the App, you may voluntarily provide:

Medication details you enter, such as medication category (e.g., prescription, supplement), dose, frequency, schedule times, and personal notes.

Reminder preferences such as notification times, days of the week, and snooze settings.

Account information (only if you create an account or sign in): email address, display name, and authentication identifiers.

Subscription information when you purchase a paid plan: the plan you selected, purchase date, renewal status, and transaction identifiers. We do not collect or store your credit card or payment card details. Payments are processed securely by Google Play Billing.

All medication entries and personal notes are stored locally on your device and, if you enable cloud sync, on secure cloud servers associated with your account. Medication names and personal notes are treated as sensitive data and are never shared with analytics or advertising providers.

2.2 Information Collected Automatically

When you use the App, we automatically collect:

Device and technical information: device model, operating system version, app version, language, country, time zone, and anonymous device identifiers (such as Android Advertising ID, only if you do not opt out).

Usage data: which screens you open, features you use, session duration, in-app events (e.g., "reminder set," "dose marked taken"), and crash reports.

Subscription events: trial starts, purchases, renewals, cancellations, and refunds (received from Google Play Billing and RevenueCat).

This data is aggregated and does not identify you personally. It is used solely to improve the App.

2.3 Information We Do Not Collect

We do not collect:

Your medication names, doses, or personal notes through analytics. Location data (unless explicitly requested and granted by you for a specific feature). Contacts, photos, microphone, or camera data. Biometric or genetic data.

3. Permissions We Request

Notifications — To deliver medication reminders at the times you set.

Exact alarms / Schedule exact alarms — To ensure reminders trigger at the precise time scheduled.

Boot completed — To restore your reminders after device restart.

Foreground service — To reliably deliver reminders even when the App is in the background.

Internet — To sync data (if you enable cloud sync), deliver analytics, and process subscriptions.

You may revoke these permissions at any time in your device settings.

4. How We Use Your Information

We use the information we collect to:

Provide core functionality: store your medications, schedule reminders, deliver notifications, and track adherence.

Process and manage subscriptions, trials, renewals, and refunds.

Send you in-app communications related to reminders or service updates.

Analyze usage patterns to improve features, user experience, and performance.

Diagnose crashes and fix bugs.

Prevent fraud, abuse, and violations of our Terms of Service.

Comply with legal obligations.

5. Legal Bases for Processing (GDPR / UK GDPR)

We process personal data under the following legal bases:

Contract (Art. 6(1)(b) GDPR): to deliver the App's core functionality and manage your subscription.

Consent (Art. 6(1)(a) GDPR): for optional analytics and crash reporting. You may withdraw consent at any time in the App's privacy settings.

Legitimate interests (Art. 6(1)(f) GDPR): to secure the App, prevent fraud, and improve services.

Legal obligation (Art. 6(1)(c) GDPR): to comply with applicable laws and respond to lawful requests.

For users in Türkiye, processing is carried out based on your explicit consent or the legal grounds set out in Article 5 of KVKK.

6. Third-Party Services

We use the following third-party services to operate and improve the App. Each provider acts as an independent data processor or controller with respect to the data it receives. We recommend you review their privacy policies.

Firebase Analytics (Google) — Usage analytics. Data shared: anonymous app events, device info, approximate country. Privacy policy: https://policies.google.com/privacy

Firebase Crashlytics (Google) — Crash reporting. Data shared: crash logs, device state, anonymous identifiers. Privacy policy: https://policies.google.com/privacy

Google Play Billing — Subscription processing. Data shared: transaction identifiers, subscription status. Privacy policy: https://policies.google.com/privacy

RevenueCat — Subscription analytics and entitlement management. Data shared: anonymous user identifier, subscription status, country. Privacy policy: https://www.revenuecat.com/privacy

Google Play Services — Push notifications, core Android services. Data shared: device tokens, service diagnostics. Privacy policy: https://policies.google.com/privacy

We do not sell your personal information to any third party.

7. Data Retention

Local medication data is retained on your device until you delete it or uninstall the App.

Cloud-synced data (if enabled) is retained while your account is active. If you delete your account, data is permanently deleted within 30 days, except where retention is required by law.

Analytics data is retained for up to 14 months in anonymized form.

Crash reports are retained for up to 90 days.

Subscription and billing records are retained for 10 years to comply with tax and accounting obligations.

8. Data Security

We apply industry-standard technical and organizational measures to protect your data, including:

Encryption in transit (TLS 1.2+) for all network communications. Encryption at rest on servers where cloud sync is used. Access controls and audit logging on backend systems. Regular security reviews and dependency updates.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Some of our service providers (such as Google and RevenueCat) may process data in countries outside the European Economic Area, the United Kingdom, or Türkiye, including the United States. Where such transfers occur, we rely on:

European Commission Standard Contractual Clauses (SCCs). Adequacy decisions where applicable. Other lawful transfer mechanisms under GDPR and KVKK.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you. Correct inaccurate or incomplete data. Delete your data ("right to be forgotten"). Restrict or object to certain processing. Data portability: receive your data in a structured, machine-readable format. Withdraw consent at any time where processing is based on consent. Lodge a complaint with your local data protection authority (e.g., your national DPA in the EU/UK, or KVKK Board in Türkiye).

To exercise any of these rights, email us at cookie.apps1@gmail.com. We will respond within 30 days.

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights, including the right to know what personal information is collected, the right to delete, and the right to opt out of "sale" or "sharing" of personal information. We do not sell or share personal information as defined under the CCPA.

11. Children's Privacy

The App is not intended for children under the age of 13 (or 16 in the EEA, or as otherwise required by local law). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at cookie.apps1@gmail.com and we will delete it promptly.

12. Analytics Opt-Out

You can disable analytics and crash reporting at any time in the App under Settings → Privacy → Usage Data. When disabled, no analytics or crash data will be collected.

You may also opt out of personalized advertising identifiers in your device settings:

Android: Settings → Google → Ads → Delete advertising ID.

13. Health Information Disclaimer

The App is a medication reminder tool and is not a medical device. It does not provide medical advice, diagnosis, or treatment. Always consult a qualified healthcare professional regarding any medication or health decision. We are not responsible for missed doses, medication errors, or any health outcomes resulting from use of the App.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will:

Update the "Last updated" date at the top. Notify you in the App for material changes. Obtain new consent where required by law.

Your continued use of the App after changes take effect constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: cookie.apps1@gmail.com Developer: Cookie Apps