hakantozkoparan

#Privacy Policy

Last Updated: July 28, 2025

This Privacy Policy describes how the Medicine Tracker app (“Application”, “Service”) users’ personal information is collected, used, and protected.

1. Data Controller

Application Developer: Hakan Tozkoparan Contact: hakantozkoparan0@gmail.com Application: Medicine Tracker

2. Collected Information

2.1 User Account Information

First and Last Name (for profile creation)
Email address (for registration, login, and communication)
Password (stored encrypted)
Account creation date
Email verification status
User role (member, admin)

2.2 Medication and Health Information

Medication names and dosage information
Reminder times and frequency settings
Medication use history
Personal notes and comments
Medication addition and usage statistics

2.3 Application Usage Data

Application crash reports and error logs
Performance and analytics data
Feature usage statistics
Security attempts and failures
Session information and activity records

2.4 Device and Technical Information

Device model, operating system, and version
Device name (iPhone, Samsung, etc.)
App version
Language and region settings (automatic detection)
Time zone information
Push notification token (for notifications)

2.5 Advertising and Tracking Data

Ad personalization preference (opt-in)
Tracking permission status (user choice)
Ad interaction data (only if consented)

2.6 Premium Subscription Information

Subscription type and status (monthly, 3-month, 6-month, annual)
Purchase history and RevenueCat customer ID
Subscription start and end dates
Payment platform information (App Store/Google Play)

3. Purpose of Information Use

3.1 Basic Service Provision

Providing a personalized medication tracking system
Sending timely medication reminders
User account management and authentication
Medication history and statistics Storage
Multilingual support (Turkish, English, Spanish, Chinese, Russian, Hindi)

3.2 Premium Services

Unlimited medication additions
Advanced reminder settings
Detailed statistics and analysis reports
Cloud backup and synchronization
Ad-free experience
Prioritized customer support

3.3 Service Improvement and Security

Improving application performance and debugging
Preventing security threats and fraud
Improving the user experience
Developing and testing new features
System security and data integrity

3.4 Contact and Support

Critical security notifications
Notification of application updates
User support requests and technical assistance
Premium subscription status notifications

3.5 Advertising and Marketing (Only If Allowed)

Personalized ad display (opt-in)
In-app feature promotions
Premium subscription promotions

4. Data Storage and Security

4.1 Data Storage Infrastructure

Data Google Firebase Securely stored in Cloud Firestore
Full compliance with Turkish Personal Data Protection Law (KVKK) and EU GDPR
End-to-end encryption and secure data transfer
Automatic backup and disaster recovery systems
Multi-region data replication

4.2 Security Measures

256-bit SSL/TLS encryption protocol
Secure authentication with Firebase Authentication
Multi-factor security check (SimpleCaptcha)
Brute-force attack protection and rate limiting
Regular security scanning and updates
Access control and audit logging
Data anonymization techniques

4.3 Retention Periods

Active user accounts: Until account deletion
Inactive accounts: Automatic deletion 2 years after last login
Error and crash logs: 90 days (for debugging purposes)
Security logs: 1 year (for security analysis)
Analytical data: 1 year (Anonymous statistics)
Advertising data: 30 days (only if consented)
Premium subscription records: Legal obligation period (7 years)

Medicine Tracker does not share your personal data with third parties except in the following cases:

Legal obligation: Court order, legal obligation, or public safety
Security threats: Fraud, hacking attempts, or security breaches
Technical service providers: Only the minimum data necessary for service delivery
Anonymized data: Non-personally identifiable statistical analyses

5.2 Third-Party Services Used

A) Main Service Providers

Google Firebase: Data storage, authentication, and push notification
Firebase Auth, Firestore, Cloud Messaging
Google’s Privacy Policy: https://policies.google.com/privacy
RevenueCat: Premium subscription management and payment processing
Subscription analytics and customer management
RevenueCat Privacy Policy: https://www.revenuecat.com/privacy

B) Platform Services

Apple App Store: iOS app distribution and In-App Purchase
GoGoogle Play Store: Android app distribution and subscription management
Expo Services: App development and push notification infrastructure

C) Advertising Services (Only If Allowed)

Google AdMob: Banner ads and ad personalization
Personalized ads only if the user has consented to tracking
Non-personalized ads are displayed if there is no consent
AdMob Privacy Policy: https://support.google.com/admob/answer/6128543

5.3 Data Transfer Conditions

All third-party integrations comply with the minimum data principle
Data transfer is only made when necessary for service provision
Third parties have their own privacy policies
Encryption and security protocols are used for data sharing

6. User Rights and Data Control

Right to be informed: Learn which of your personal data is being processed
Right to access: View and obtain a copy of your personal data
Right to rectification: Correct inaccurate or incomplete information
Right to erasure: Request deletion of your data (“Right to be forgotten”)
Right to object to processing: Object to certain data processing activities
Data portability: Transfer your data to other platforms
Right to restrict: Request restriction of data processing

6.2 How to Exercise Your Rights

A) In-App Controls

Profile Settings → “Data Management” section
Account Information → Edit personal information
Privacy Settings → Tracking consent management
Export My Data → Download data in JSON format
Delete My Account → Permanent account and data deletion

B) Contact Channels

Email: privacy@medicinetracker.app
General Support: hakantozkoparan0@gmail.com
Response Duration: Within 30 days (KVKK/GDPR requirement)

6.3 Rights for Special Data Categories

Health Data: You can delete your medication information at any time
Advertising Data: You can change your tracking consent at any time
Premium Data: You can view your subscription history

6.4 Data Deletion Process

The deletion request begins within 7 days of receipt.
The data is completely removed from the system within 30 days.
It is deleted from backup systems within 90 days.
Data requiring legal obligations is excluded.

7. Advertising and Tracking Technologies

7.1 Our Advertising Policy

Ad display on Medicine Tracker is entirely under user control:

A) Opt-in Tracking System

Optional tracking consent checkbox during registration
No tracking unless the user opts in
You can change your preference at any time
Apple App Store Guideline Full compliance with 5.1.2

B) Ad Types

IF Tracking consent IS GRANTED: Personalized ads
IF Tracking consent IS NOT GRANTED: Generic (non-personalized) ads
Premium users: No ads will be displayed

7.2 Technologies Used

A) Google AdMob

Display of banner ads
Personalization based on tracking consent
Distinction between test mode (development) and production mode

B) Cookies and Tracking Data

Session cookies: Session information preservation
Analytics cookies: Anonymous usage statistics
Performance cookies: Application optimization
Advertising cookies: Only if consent is given

7.3 User Control

A) Ad Settings

Change tracking consent from profile settings
Turn personalized ads on/off
By switching to Premium Remove all ads

B) External Platform Controls

iOS: Settings → Privacy & Security → Tracking
Google: My Activity → Ad Personalization
Device-Level Ad ID Reset

8. Push Notifications and Communications

8.1 Notification Types and Purposes

A) Medication Reminders

Reminders to take medications at specific times
Second reminder for missed doses (optional)
Customizable notification texts for different medications
Localized messages in 6 languages

B) System Notifications

Important safety alerts and updates
Premium subscription status changes
App updates and new feature announcements
Technical maintenance notifications

C) Support and Help

Notifications regarding responses to your support requests
Premium customer support notifications
System error resolution notifications

8.2 Notification Permissions and Control

A) Permission Process

Notification permission is requested upon initial setup
If denied, the medication Reminders will not work.
Permission status is checked every time the app is opened.

B) Control Options

In-app: Profile → Notification Settings
Device Settings: iOS Settings → Notifications → Medicine Tracker
Selective control: Only medication reminders, only system notifications, etc.

8.3 Push Token Management

Expo Push Tokens are securely stored in Firebase.
Automatically update when tokens are renewed.
Tokens are purged when the account is deleted.

9. Premium Subscription and Payment

9.1 Subscription Types and Features

A) Free Plan

Add up to 3 medicationsme
Basic reminder feature
Ad-supported experience
Standard customer support

B) Premium Subscription Options

Monthly Premium (₺29.99): 1-month subscription
3-Month Premium (₺74.99): Save 15%
6-Month Premium (₺134.99): Save 25%
Yearly Premium (₺199.99): Save 40%

C) Premium Features

Unlimited medication adding and tracking
Advanced reminder settings
Detailed statistics and analysis reports
Cloud backup and sync
Ad-free experience
Prioritized customer support

9.2 Payment and Billing

A) Payment Providers

iOS: Apple App Store In-App Purchase
Android: Google Play Store Billing
Management: RevenueCat subscription management

B) Stored Payment Information

Subscription status and type (active/inactive/cancelled)
RevenueCat Customer ID (anonymous identifier)
Purchase date and expiration date
Platform information (App Store/Google Play)
NOTE: Credit card information is not stored

C) Automatic Renewal

Subscriptions automatically renew
Use platform settings to cancel
Access continues after cancellation until the end of the current term

9.3 Refund and Cancellation Policy

Refund requests are subject to Apple/Google policies
Premium features are removed after the cancellation period expires
Data is retained after cancellation (unless account is deleted)

10. Children’s Privacy and Age Limit

10.1 Age Policy

Medicine Tracker is not intended for children under 13 years of age
For users aged 13-18 Parental/Guardian Consent Required
Age Verification is Provided at Registration

10.2 Children’s Data Protection

We do not knowingly collect personal information from users under the age of 13
Detected child accounts are immediately deleted
Parent/Guardian can request deletion of their data
COPPA (Children’s Online Privacy Protection Act) compliant

10.3 Parental Controls

Parents can view their child’s account data
Right to request data deletion
Contact: child-privacy@medicinetracker.app

11. International Data Transfer

11.1 Data Storage Locations

Your data may be stored on servers in the following countries and regions:

A) Primary Data Centers

European Union: GDPR-compliant data centers
United States: Privacy Shield and Adequacy Decision compliant
Turkey: Compliant with local data protection laws

B) Security Measures

All International transfers are encrypted.
Standard Contractual Clauses (SCC) are used.
Countries with adequacy decisions are preferred.
The principle of data minimization is applied.

11.2 Transfer Reasons

Service continuity: Global user experience
Backup: Data loss prevention
Performance: Use of CDN for fast access
Compliance: Compliance with different country laws

12. Multi-Language Support and Localization

12.1 Supported Languages

Medicine Tracker is available in the following languages:

Turkish (tr): Native language, full localization
English (en): International language, full support
Spanish (es): Latin America and Spain support
Chinese (zh): Simplified Chinese
Russian (ru): Eastern Europe and Russia support
Hindi (hi): Indian subcontinent Support

12.2 Automatic Language Detection

Automatic language selection based on the device’s system language
Manual language change upon user request
Multilingual support for privacy policy and legal texts
Notifications and reminders in the selected language

12.3 Localization Scope

All user interface texts
Error messages and system notifications
Premium subscription descriptions
Privacy settings and consent messages
Medication reminder messages

13. Data Breach and Security Incidents

13.1 Data Breach Protocol

A) Detection and Assessment (0-24 hours)

Security breach detection systems
Domain and data type analysis
Risk level assessment
Emergency response team activated

B) Legal Notifications (24-72 hours)

Notification to KVKK within 72 hours
Notification to GDPR authorities
Other relevant data protection authorities

C) User Notification (If necessary)

Email notification in case of high risk
In-app security alert
Guide to precautions to be taken
Customer service support line

13.2 Preventive Security Measures

24/7 security monitoring
Penetration testing (twice a year)
Vulnerability scanning (weekly)
Employee security training
Incident response plan updates

13.3 Post-Breach Corrective Actions

Closing the security vulnerability
Hardening of affected systems
User password reset (if necessary)
Independent security audit
Improvement plan implementation

14. Policy Changes and Updates

14.1 Update Process

A) Change Types

Minor update: Description corrections, formatting improvements
Major update: New data collection, change of processing purposes
Critical update: Legal requirement, security updates#### B) Notification Channels
Email notification: To all registered users
In-app pop-up: Upon next login
Push notification: For important changes
Website announcement: In the docs/PRIVACY_POLICY.md file

A) Automatic Acceptance

Acceptance if continued application use for minor updates
Right to object within 30 days

New data collection categories
Third-party sharing changes
Change of basic processing purposes
Tracking consent changes

C) Opt-out Options

Decline to accept policy changes
Account deletion and data export
Partial acceptance (if possible)

14.3 Version Tracking

Each update receives a date and version number
Change log documentation
Archiving of previous versions

15. Contact and Support

15.1 Data Protection and Privacy Contact

A) Official Contact Channels

Data Protection Officer: privacy@medicinetracker.app
General Support: hakantozkoparan0@gmail.com
Children’s Privacy: child-privacy@medicinetracker.app
Security Incidents: security@medicinetracker.app

B) Response Times

General inquiries: Within 7 business days
KVKK/GDPR requests: Within 30 days (legal requirement)
Security incidents: Within 24 hours
Children’s privacy: Within 48 hours

15.2 Official Complaint Bodies

A) Turkey

Personal Data Protection Authority (KVKK)
Website: https://www.kvkk.gov.tr
Email: kvkk@kvkk.gov.tr
Phone: 0312 216 50 50

B) European Union

Data Protection Authority of the relevant country
European Data Protection Board (EDPB)
Website: https://edpb.europa.eu

C) Other Countries

Data protection authority of the relevant country
Local consumer protection agencies

15.3 Technical Support and Assistance

In-app: Profile → Contact → Support Request
Email: support@medicinetracker.app
Premium users: Priority support line
FAQ and Help: Detailed guides in the docs/ folder

16. Legal Compliance and Certifications

16.1 Complied Laws