Capsule Health

Privacy Policy

Effective date: May 26, 2026

This policy explains what data Capsule Health (“we,” “us,” “the app”) collects when you use the iOS app, how we use it, and the choices you have. It applies to anyone who signs up for and uses Capsule Health.

We've tried to keep this short and plain-English. If something is unclear, email privacy@capsule.health and we'll fix it.

1. Who we are

Capsule Health is a medication-tracking app that lets you log your medications and share that activity with people you trust — family, friends, a partner, your doctor, a caregiver. It's published by an independent developer; contact details are in section 12.

Capsule Health is a wellness and adherence tracker, not a medical device. It does not provide medical advice, diagnosis, or treatment. Always follow your healthcare provider's instructions.

2. What we collect

We only collect what the app needs to work. We do not run ad networks, we do not embed third-party analytics SDKs, and we do not build advertising profiles on you.

Information you give us

DataWhy
Phone numberTo sign you in. Verification is handled by Firebase Authentication using an SMS one-time code. You don't set a password — there's nothing to forget or leak.
Name, birth yearShown in your profile and in your circle members' feed when they see your activity. You can edit or remove either at any time.
MedicationsName, dose, schedule (times and weekdays), and which circle members are hidden from each medication. Stored under your account; we cannot see clinical details linked to other users by default.
Medication logsEach time you tap "Took it," we record the medication ID, timestamp, and the scheduled slot. Used to compute your streaks, "next up" card, and weekly adherence numbers.
Circle relationshipsThe Capsule Health user IDs of people you've invited or accepted, plus the role you picked (family, friend, doctor, caregiver, other) and an optional display label (e.g. "Mom").
InvitationsIf you send an SMS invite, the recipient phone number is stored in our invites collection until they accept, decline, or the invite is deleted.
Notification preferencesToggles for medication reminders and circle-activity push.

Information generated by your use of the app

What we don't collect

3. How we use your data

We never use your medication data to target you with ads, sell your information, or share it with third parties for their own purposes.

4. Who we share it with

We share data with a small set of service providers strictly needed to run the app:

ProviderWhat they handle
Google FirebaseAuthentication, Firestore database storage, Cloud Functions, Cloud Messaging (push), Hosting, and Crashlytics. Firebase processes data on Google Cloud infrastructure in the EU (eur3 multi-region) and, for some sub-services, the United States. Google acts as our data processor.
Apple Push Notification serviceDelivers push notifications to your iPhone. Apple receives only the notification payload and device token, not your medication content beyond the visible alert text.
Your mobile carrierIf you send an SMS invite from inside the app, the message is sent via your phone's standard Messages app. We don't run our own SMS gateway, and we don't see the contents of the SMS.

We share your activity inside the app with the specific people you've added to your circle — and only the medications you haven't hidden from them. Nobody outside your circle sees your medication data.

5. Device permissions

PermissionWhy we ask
NotificationsTo deliver medication reminders and circle activity. You can revoke this anytime in iOS Settings.
Microphone & Speech RecognitionUsed only when you choose "Add by voice." We prefer Apple's on-device Speech framework and request on-device transcription when your device supports it. On older devices or locales where on-device isn't available, iOS may transcribe through Apple's speech servers under Apple's privacy policy. In either case, we don't record, store, or upload your voice ourselves — we only receive the transcribed text from iOS.
Network accessRequired to sync with Firebase and deliver pushes.

6. How long we keep it

7. Your rights and controls

You have a few baked-in controls in the app, and you have legal rights on top of them.

In-app controls

Your legal rights (GDPR, UK GDPR, KVKK, CCPA, and similar)

Where the law gives you these rights, you can:

To exercise any of these, email privacy@capsule.health. We respond within 30 days.

8. International data transfers

Your data is stored primarily in Google Cloud's eur3 multi-region (Europe). Some Firebase sub-services may also process data in the United States. Where transfers leave your home jurisdiction, Google relies on Standard Contractual Clauses and equivalent transfer mechanisms; these are described in Google's Data Processing Addendum.

9. Children

Capsule Health is not directed to children under 13 (or 16 in jurisdictions where that's the minimum). We don't knowingly collect data from anyone under those ages. If you believe a minor has signed up, email privacy@capsule.health and we'll remove the account.

10. Security

No system is perfectly secure. If you spot a vulnerability, please email security@capsule.health.

11. Changes to this policy

If we change this policy in a material way, we'll update the "Effective date" at the top and, where required, notify you in-app before the change takes effect. The latest version always lives at this URL.

12. Contact us

For questions, requests, or complaints about this policy or your data: