Privacy Policy
Your health readings are yours. Here's exactly how صحتي (Sehaty) respects that.
Last Updated: May 29, 2026
1. Introduction
Welcome to صحتي (Sehaty) ("we," "our," or "us"), developed and published by MainCreator Lab. This Privacy Policy explains, in plain language, how the صحتي (Sehaty) iOS mobile application (the "App") handles your information.
By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please do not use the App.
2. Summary - In One Paragraph
صحتي (Sehaty) is a privacy-first health tracker for blood pressure, blood sugar, weight, and medications. We do not operate any servers that hold your health readings, and we do not require an account, email, or password. Your measurements, medications, reminders, reports, and every preference you set live only on your iPhone or iPad. For app stability and to keep the App free, the App integrates two well-known third-party services from Google - AdMob for non-personalized advertising and Firebase (Analytics + Remote Config) for aggregate usage statistics and remote configuration. Both are governed by Apple's App Tracking Transparency framework and are described in detail below. Your health data is never part of advertising or analytics.
3. Health Information Disclaimer
صحتي (Sehaty) is a personal logging and tracking tool. It is not a medical device and does not provide medical advice. The App does not measure anything by itself - every value is entered by you, manually or from your own home device - and it does not diagnose, treat, cure, or prevent any disease. Nothing displayed in the App (including charts, averages, comparisons, or reports) should be interpreted as a medical opinion. Always consult a qualified healthcare professional before making any decision about your health or your medication. You are solely responsible for the health decisions you make, and MainCreator Lab disclaims any liability arising from your use of the App or reliance on the information it displays.
4. Information We Do NOT Collect
صحتي (Sehaty) is designed with a privacy-first approach. We want to be completely transparent about what we do not collect:
- We do not collect your name, email address, phone number, or any personal identification information.
- We do not require account creation, sign-in, or user registration.
- We do not collect, store, or transmit any of your health readings - including blood pressure, pulse, blood sugar, weight, or any tags and notes you add.
- We do not collect, store, or transmit your medications, dosages, schedules, or adherence history.
- We do not access Apple Health (HealthKit) or any other health database on your device.
- We do not access your contacts, photos, camera, microphone, or location.
- We do not sell, trade, or rent any information to third parties.
- We do not embed social-media tracking SDKs (e.g., Facebook SDK, TikTok SDK) and we do not share data with such networks.
5. Local Data Storage
صحتي (Sehaty) stores all user-generated content and preferences locally on your device. This includes:
- Health Readings: Every blood pressure, blood sugar, and weight entry you log - including values, the meal or time-of-day context, tags, and notes - is stored exclusively on your device using Apple's SwiftData framework.
- Medications & Adherence: The medications you add, their dosages and schedules, and the record of which doses you marked as taken or skipped are all stored locally as part of the same on-device database.
- Reports: The PDF reports the App generates are created on your device on demand. They are only shared if and when you choose to share them (for example, via WhatsApp, Mail, or AirDrop).
- App Preferences: Your theme (light/dark), haptics setting, reminder times, and other preferences are stored locally using UserDefaults/AppStorage.
This data is never uploaded, synced, or transmitted to our servers or any external service. If you delete the App, all locally stored data will be permanently removed from your device. We strongly recommend using the App's built-in JSON export to keep your own backup.
6. Advertising (AdMob)
صحتي (Sehaty) is free and may be supported by occasional non-intrusive advertisements served via Google AdMob. To deliver these ads, AdMob may process certain device-level information in accordance with Apple's App Tracking Transparency framework:
- If you tap "Ask App not to Track" on the ATT prompt, ads remain non-personalized - no Identifier for Advertisers (IDFA) is shared with AdMob, and Google's SDK is instructed to serve contextual ads only.
- If you allow tracking, AdMob may use the IDFA and standard ad-delivery signals to show more relevant ads.
- You can review or change your tracking choice at any time under iOS Settings > Privacy & Security > Tracking > Sehaty.
- AdMob's own data practices are governed by Google's Advertising Policies. Ads never contain or use any of your health readings, medications, or reports.
7. App Tracking Transparency (ATT)
In full compliance with Apple's App Store Review Guidelines and the App Tracking Transparency framework:
- The App will show the standard iOS ATT prompt before any tracking-eligible signal is shared with Google AdMob.
- You can decline tracking - the App will continue to work, and any ads shown will be non-personalized.
- We do not use your IDFA, fingerprint your device, or correlate identifiers across apps in any other way.
- You can review or change your tracking preferences at any time under Settings > Privacy & Security > Tracking on your iOS device.
8. Notifications
The App may request permission to send local notifications. These are used for:
- A reminder for each medication dose you schedule.
- An optional daily reminder to log your readings, if you enable it.
All notifications are scheduled locally on your device using Apple's UserNotifications framework. No remote push server is involved, no notification metadata is sent to MainCreator Lab, and you can turn notifications off at any time from iOS Settings.
9. Analytics, Diagnostics & Firebase
To improve the App's stability and understand high-level usage patterns, صحتي (Sehaty) relies on a combination of Apple's own built-in tools and Google's Firebase platform:
- Apple Crash & Analytics Reports: If you have opted in to "Share iPhone Analytics" under Settings > Privacy & Security > Analytics & Improvements, Apple may share anonymized crash and performance data with developers. You can turn this off at any time in iOS Settings.
- Firebase Analytics (minimal): Firebase Analytics collects aggregated, non-personal events - such as app open, screen view, and broad device/region buckets - so we can understand which features are useful and which need improvement. We do not log custom events containing your blood pressure, blood sugar, weight, medication data, or any user content. IP addresses processed by Firebase are truncated/anonymized as documented by Google.
- Firebase Remote Config: The App fetches a small set of configuration values (feature flags, default presets, ad-pacing parameters, etc.) from Firebase Remote Config so we can adjust the experience without shipping a full update. The fetch request sends only standard Firebase metadata (app version, OS version, locale, country, Firebase Installation ID); it does not send any of your health data. The response we receive contains only the configuration values - no personal data about you flows back from Google.
- Firebase Installation ID: Firebase generates a random, per-install identifier used by Analytics and Remote Config. It is not tied to you personally and is automatically reset if you reinstall the App.
- No advertising signals from Firebase: We do not enable Firebase's advertising features (e.g., Google Signals, IDFA collection from within Firebase). All advertising-related identifiers are handled separately by AdMob and only with your ATT consent.
- Where the data is processed: Firebase services are operated by Google and may store data on servers located in the United States, the European Union, or other regions. Google participates in mechanisms recognized for international data transfers (such as Standard Contractual Clauses). Firebase's own privacy practices are governed by the Firebase Privacy and Security overview and Google's Privacy Policy.
- Your control: You can opt out of Firebase Analytics entirely by declining the ATT prompt - when you decline, the App disables Analytics data collection. You can also reset your Firebase Installation ID at any time by reinstalling the App, or revoke iOS-level analytics consent under iOS Settings > Privacy & Security > Analytics & Improvements.
10. Children's Privacy
صحتي (Sehaty) is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe that a child under 13 has provided personal information through the App, please contact us so we can take appropriate action.
11. Third-Party Services and Links
The App may contain links to third-party websites (for example, our website or App Store pages) that are not owned or controlled by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites. We encourage you to review the privacy policies of any third-party services you interact with.
12. Data Security
We take the security of your data seriously. Since all of your health data is stored locally on your device, it benefits from the hardware-level encryption and security features provided by Apple's iOS platform, including device passcode protection and Secure Enclave encryption. Because health information is sensitive, we recommend protecting your device with a passcode or Face ID / Touch ID.
13. Your Rights under the GDPR (EU / EEA / UK)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) - and its UK equivalent - grants you a set of rights regarding your personal data. This section explains how those rights apply to صحتي (Sehaty).
13.1 Data Controller
The data controller responsible for any personal data processed in connection with the App is:
MainCreator Lab
Email: contact@maincreator.com
You can reach us at the address above for any privacy-related question or request. We do not currently meet the thresholds that would require us to appoint a formal Data Protection Officer (DPO), but the contact above will handle every GDPR enquiry directly.
13.2 What Personal Data We Process
- On your device only: blood pressure, blood sugar, and weight readings, medications and adherence, preferences. We do not receive a copy of this data.
- Via Firebase Analytics & Remote Config: aggregated app open / screen-view events, device model, OS version, locale, country, truncated IP address, and a randomly generated Firebase Installation ID used to deliver configuration values back to the App.
- Via Google AdMob (only if you allow tracking via ATT): the IDFA and standard ad-delivery signals. If you decline tracking, only contextual, non-personalized ad signals are processed.
13.3 Legal Basis for Processing (GDPR Article 6)
- Legitimate interests (Art. 6(1)(f)) - for security, abuse prevention, and the minimal Firebase processing required to keep the App stable. We have weighed this against your rights and concluded that diagnostic data limited to aggregated metrics has a minimal privacy impact.
- Consent (Art. 6(1)(a)) - for personalized advertising via AdMob and any tracking-eligible Firebase signals. Consent is obtained through Apple's App Tracking Transparency prompt and any in-app Google User Messaging Platform (UMP) consent banner shown to EU/EEA/UK users. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
- Compliance with legal obligations (Art. 6(1)(c)) - where applicable (for example, responding to lawful requests from authorities).
13.4 Your Rights
Subject to the conditions set by the GDPR, you have the right to:
- Access (Art. 15) - request confirmation of whether we process personal data about you and obtain a copy of it.
- Rectification (Art. 16) - ask us to correct inaccurate personal data.
- Erasure / "right to be forgotten" (Art. 17) - ask us to delete personal data we hold about you. Because your health readings live only on your device, the most direct way to exercise this right is to delete the App; for Firebase / AdMob signals you can also reset your identifiers and reinstall the App.
- Restriction of processing (Art. 18) - ask us to stop processing your data while a complaint or correction request is being resolved.
- Data portability (Art. 20) - receive your personal data in a structured, machine-readable format. Since your data is stored locally in SwiftData on your device, you already have direct, complete portability through the App's JSON export.
- Object (Art. 21) - object to processing based on legitimate interests, including profiling. We will stop the relevant processing unless we demonstrate compelling legitimate grounds that override your interests.
- Withdraw consent - at any time, from iOS Settings (ATT) or by tapping any in-app consent toggle.
- Lodge a complaint - with your local supervisory authority (for example, the CNIL in France, the ICO in the UK, the AEPD in Spain, the Garante in Italy, or any other EU/EEA data protection authority).
To exercise any of these rights, contact us at contact@maincreator.com. We will respond within one month (extendable by two further months for complex requests, in line with Art. 12(3)). There is no fee for reasonable requests.
13.5 International Data Transfers
Some of our processors - notably Google (Firebase, AdMob) - operate global infrastructure that may transfer personal data outside the EU/EEA or the UK, including to the United States. Such transfers rely on safeguards recognized under the GDPR, including the European Commission's Standard Contractual Clauses (SCCs) and applicable adequacy decisions. You can request more information about these safeguards by contacting us.
13.6 Data Retention
- On-device data: retained for as long as the App is installed; permanently removed when you delete the App.
- Firebase Analytics: retained for the default user-and-event retention period configured for our project (up to 14 months), then aggregated.
- AdMob signals: retained by Google per its own retention policies.
13.7 California (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA") grants you similar rights - including the right to know what categories of personal information we collect and share, the right to delete personal information, the right to correct inaccurate information, and the right to opt out of the "sale" or "sharing" of personal information for targeted advertising. We do not sell your personal information for money. The processing of advertising identifiers via AdMob may qualify as "sharing" under the CPRA - you can opt out at any time by declining the ATT prompt or by enabling "Limit Ad Tracking" in iOS Settings. To exercise your CCPA/CPRA rights, contact us at contact@maincreator.com.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated by posting the updated Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this page periodically. Continued use of the App after changes constitutes your acceptance of the updated policy.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
MainCreator Lab
Email: contact@maincreator.com