Privacy Policy
Effective Date: March 30, 2026 | Last Updated: March 30, 2026
1. Introduction
Vigil ("we," "our," or "us") is a medication reminder application developed by Vigil Medical LLC. This Privacy Policy describes how we collect, use, store, and protect your personal information, including sensitive health data, when you use the Vigil mobile application (the "App").
We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Health Insurance Portability and Accountability Act (HIPAA) where applicable, and Google Play's Health Data policies.
By using Vigil, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.
2. Health Data Disclosure
Vigil handles the following categories of health and fitness data:
| Data Category | Specific Data | Purpose |
|---|---|---|
| Medication Information | Drug names, dosages, form (pill, capsule, liquid, etc.), pill color and shape | Core app functionality: scheduling reminders and identifying medications |
| Medication Schedules | Frequency, reminder times, custom cycles (e.g., 3 days on / 1 day off) | Scheduling and triggering medication reminders |
| Adherence Logs | Timestamps of doses taken, skipped, or missed; snooze events | Tracking medication adherence and generating compliance reports |
| Health Measurements | Blood pressure, blood sugar, weight, temperature, heart rate (optional) | Health journaling and trend analysis |
| Symptom Logs | Mood, pain levels, side effects (optional) | Symptom-medication correlation tracking |
| Prescription Data | Scanned prescription labels (processed locally via OCR) | Auto-populating medication details from prescription photos |
3. How We Collect Data
3.1 Data You Provide Directly
You provide data when you manually enter medications, set schedules, log doses, record health measurements, or create a profile (first name, optional).
3.2 Data Collected Automatically
The App may collect:
- Device information: Device model, operating system version, and app version (for crash reporting and compatibility).
- Notification interaction data: Whether notifications were received, opened, or dismissed (to improve reminder effectiveness).
3.3 Camera and OCR Data
When you use the "Scan Prescription" feature, the App accesses your device camera to capture an image of a medication label. This image is processed locally on your device to extract text. The image is not stored or transmitted to any server.
3.4 Data We Do NOT Collect
- We do not collect your real name, email address, or phone number unless you voluntarily provide them for support purposes.
- We do not collect location data (geofencing features use on-device processing only).
- We do not use analytics SDKs, advertising trackers, or fingerprinting technologies.
4. How We Use Your Data
Your data is used exclusively for the following purposes:
- Core functionality: Scheduling medication reminders, tracking adherence, and generating health reports.
- Drug interaction checking: Medication names (not personal identifiers) are sent to the openFDA API to check for known drug-drug interactions.
- Care Circle (optional): If you enable the Care Circle feature, selected adherence data is shared with your designated caregivers via encrypted channels.
- Cloud sync (Premium, optional): If you enable cloud sync, your medication data is encrypted and stored on secure servers to enable cross-device access.
- App improvement: Aggregated, anonymized usage patterns may be used to improve app features. No individual health data is used for this purpose.
5. Data Storage and Security
5.1 Local Storage (Default)
By default, all health data is stored exclusively on your device using the platform's native encrypted storage (iOS Keychain / Android Keystore-backed AsyncStorage). We do not have access to this data.
5.2 Cloud Storage (Premium Feature)
If you opt into cloud sync (Premium subscription), your data is:
- Encrypted using AES-256 encryption before leaving your device.
- Transmitted over TLS 1.3 encrypted connections.
- Stored on servers located in the United States with SOC 2 Type II compliance.
- Accessible only by you and your designated caregivers.
5.3 Data Retention
Local data is retained on your device until you delete it. Cloud-synced data is retained for the duration of your Premium subscription plus 30 days after cancellation, after which it is permanently deleted.
6. Data Sharing
We do not sell, rent, or trade your personal or health data to any third party. Your data may be shared only in the following limited circumstances:
| Recipient | Data Shared | Purpose |
|---|---|---|
| openFDA API | Medication names only (no personal identifiers) | Drug interaction safety checks |
| Your designated caregivers | Adherence status, missed dose alerts (only if Care Circle is enabled) | Caregiver monitoring |
| Apple/Google push notification services | Device tokens (no health data) | Delivering medication reminders |
| Law enforcement | As required by law | Legal compliance |
7. Your Rights
Depending on your jurisdiction, you have the following rights regarding your data:
- Right to Access: You can view all your data within the App at any time.
- Right to Portability: You can export your data as a PDF report from the App.
- Right to Deletion: You can delete all local data from Settings > Delete All Data. For cloud data, submit a data deletion request.
- Right to Rectification: You can edit any medication or health data within the App.
- Right to Restrict Processing: You can disable specific features (e.g., Care Circle, cloud sync) at any time.
- Right to Withdraw Consent: You can stop using the App and delete your data at any time.
8. Children's Privacy
Vigil is not intended for use by children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at admin@vigilmed.health and we will delete it promptly.
9. International Data Transfers
If you enable cloud sync, your encrypted data may be transferred to and stored on servers in the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for EU/EEA users.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes through an in-app notification or by updating the "Last Updated" date above. Continued use of the App after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
Vigil Medical LLC
Email: admin@vigilmed.health
Vigil Medical LLC, 701 South St Ste 100, Mountain Home, AR 72653
Support: vigilmed.health/support
Data Deletion: vigilmed.health/delete-data