Privacy Policy

1. Who we are

MedThink is operated by Njurition AB, a company registered in Sweden, acting as the data controller. For any privacy-related question, request, or complaint, contact us at privacy@medthink.tech. The supervisory authority for Sweden is Integritetsskyddsmyndigheten (IMY). You have the right to lodge a complaint with IMY at any time.

2. What data we process

• Account data: email, authentication identifiers, display name, avatar (if provided).
• Health-related data (special category, GDPR Art. 9): cognitive test results (reaction time, sustained attention, digit span), self-rated mood, energy, stress, sleep, caffeine, meals, supplements, workouts, free-text notes, and the contents of your chats with the in-app assistant.
• Technical data: IP address and user agent — used only to populate the audit log so you can review who accessed your account.

3. Why we process it, and on what legal basis

• Providing the service (account, tracking, results): GDPR Art. 6(1)(b) — performance of a contract with you.
• Processing health-related data: GDPR Art. 9(2)(a) — your explicit consent, given at signup and withdrawable at any time. Withdrawing this consent means we can no longer operate the app for you and your account will be closed on request.
• Audit logs & account security: GDPR Art. 6(1)(f) — our legitimate interest in protecting the service against unauthorised access.
• Product development & improvement: GDPR Art. 6(1)(a) — a separate, optional consent which is off by default. You can grant or withdraw it any time in your account settings.

4. How we use your data — plainly

• Delivering the service. When you use AI features (chat assistant, extraction, insights), the data needed for the response is sent to third-party AI processors (OpenAI, Google) acting as our data processors under a Data Processing Agreement. They process the data only to answer your request and do not train their models on your data. This applies on every plan, including MedThink Private — it is the only way the AI features can work.
• Developing & improving MedThink. We may use patterns from user data to refine cognitive baselines, validate experiment templates, and improve the assistant. On the free plan you consent to this at signup. On MedThink Private, this is off by default and you control it from settings.
• We do not sell your data.
• We do not share your data with advertising networks or data brokers.
• We do not train third-party AI models on your identifiable health data without a separate, explicit opt-in. If we ever offer this, it will be off by default and clearly labelled.

5. Recipients & processors

• Lovable Cloud (managed Supabase) — hosting, database, authentication, storage.
• Lovable AI Gateway → OpenAI & Google — the in-app chat assistant and AI-powered extraction. Your messages and the data needed for the response are sent to these third-party AI processors so they can generate a response. They act as data processors on our behalf and do not train their models on your data.
• Paddle.com — Merchant of Record for paid plans. Paddle processes payment and billing data (name, email, billing address, payment method, transactions, tax) as an independent controller for tax/financial-compliance purposes. See Paddle's Privacy Notice.
• Withings — only if you connect your Withings account; used to import sleep and activity data.
• PubMed / NCBI E-utilities — public research lookups. No personal data is sent.

6. International transfers

Some of the processors listed above may transfer personal data outside the European Economic Area. Where this happens, we rely on the European Commission's Standard Contractual Clauses and any additional safeguards required by a Transfer Impact Assessment.

7. Retention

We keep your data for as long as your account exists. When you delete your account, all rows associated with you are removed immediately and irreversibly, including chat history, tracked values, test results, and audit logs. Backups are pruned on the host's standard schedule.

8. Your rights under the GDPR

You have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), and not to be subject to solely automated decisions producing legal or similarly significant effects (Art. 22). You may also withdraw any consent at any time — withdrawal is as easy as giving consent and does not affect the lawfulness of processing before withdrawal. Use the controls below to exercise access, portability, and erasure directly:

If you believe we have mishandled your data, you can lodge a complaint with Integritetsskyddsmyndigheten (IMY).

9. Automated decision-making

MedThink does not make solely-automated decisions that produce legal or similarly significant effects. The in-app assistant and experiment results are informational and intended to support — not replace — your own judgement. Nothing in the app is medical advice.

10. Audit log

MedThink records significant events on your account — sign-ins, data exports, deletions — including timestamp, action, resource, and the IP address the request came from. You can review your own audit log via the "View access logs" button above. Audit entries are append-only and cannot be edited from the client.

11. Breach notification

If we discover a personal data breach, we will notify IMY without undue delay and, where feasible, within 72 hours of becoming aware (GDPR Art. 33). Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay (GDPR Art. 34).

12. Changes to this policy

This policy is versioned. When we make a material change we will bump the version number and re-prompt you for consent the next time you sign in. The current version is shown at the top of this page.