Privacy Policy

Last updated: May 15, 2026

MedDex ("we," "our," or "us") operates the MedDex website at meddex.polsia.app and the MedDex iOS application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

We collect the following categories of information:

Data Type	What We Collect	Purpose
Email Address	Provided when you sign up, use the search gate, or enter your email on any form	Account identification, welcome and follow-up emails, subscription management
Search Queries	ICD-10 code lookups and natural-language searches	Providing search results, improving search quality
Usage Data	Pages visited, features used, timestamps, referrer URLs	Analytics, product improvement, understanding usage patterns
Device Information	Browser type, operating system, screen resolution (anonymized)	Optimizing the Service for different devices
Payment Information	Processed entirely by Stripe — we never see or store card numbers	Subscription billing (web only — not available in iOS app)

What we do NOT collect: We do not collect precise location data, contacts, photos, health records, financial information beyond what Stripe processes for subscriptions, or any data from other apps on your device.

2. How We Use Your Information

• Provide, operate, and improve the ICD-10 code search Service
• Process subscriptions and payments (via Stripe, web platform only)
• Send account-related emails: welcome email upon sign-up, and a single follow-up email 24 hours later
• Analyze anonymized usage patterns to improve search quality and user experience
• Detect and prevent bot traffic and fraudulent activity
• Comply with legal obligations

3. Third-Party Services

We use the following third-party services to operate MedDex:

Service	Purpose	Data Shared	Platform
Neon (PostgreSQL)	Database hosting	All stored data (emails, search queries, analytics events)	Web + iOS
Postmark	Transactional email delivery	Email addresses, email content	Web + iOS
Stripe	Payment processing	Email address, payment details (handled by Stripe directly)	Web only
Meta Pixel (Facebook)	Marketing attribution and analytics	Page views, conversion events, anonymized browsing data	Web only — NOT used in iOS app
Render	Application hosting	Server logs, request metadata	Web + iOS

iOS App Note: The MedDex iOS app does NOT include Meta Pixel, Facebook SDK, or any third-party advertising or tracking frameworks. Analytics in the iOS app are limited to anonymized, first-party usage data stored in our own database.

4. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We share data only with the service providers listed above, strictly for the purposes described. We may also disclose data if required by law, court order, or governmental authority.

5. Medical Information

MedDex provides ICD-10-CM code lookup as a reference tool for healthcare professionals and medical billers. We do not store individual patient records or protected health information (PHI). Search queries are logged anonymously for quality improvement purposes only. MedDex is not a covered entity under HIPAA, and the Service is not intended for storing patient-identifiable health information.

6. Data Retention

• Email addresses: Retained for as long as your account is active or until you request deletion.
• Search queries: Retained in anonymized form indefinitely for product improvement.
• Analytics events: Retained for 2 years, then aggregated or deleted.
• Payment records: Retained as required by applicable financial regulations (typically 7 years for tax purposes).

You may request deletion of your personal data at any time by contacting us (see below). We will process deletion requests within 30 days.

7. Security

We implement industry-standard security measures to protect your information, including TLS encryption in transit and encrypted storage at rest via our database provider (Neon). All API communications use HTTPS. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.

9. Cookies and Tracking Technologies

• localStorage: Used to maintain search counter state, email registration status, and user preferences. No personal data is stored in cookies.
• Meta Pixel (web only): Used on the website for marketing attribution. Tracks page views and conversion events. NOT loaded in the iOS app.
• First-party analytics: We record page views and search events in our own database with bot filtering. IP addresses are not stored.

You can clear localStorage in your browser settings. The iOS app does not use cookies or third-party tracking.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data ("right to be forgotten")
• Opt-out: Opt out of marketing emails by contacting us
• Portability: Request your data in a machine-readable format

To exercise any of these rights, email us at meddexapp@outlook.com. We will respond within 30 days.

11. California Privacy Rights (CCPA)

California residents have the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information. We do not sell personal information. To submit a CCPA request, contact us at the address below.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page with an updated "Last updated" date. Your continued use of the Service after such changes constitutes your acceptance of the updated policy.