Last updated April 2026

Privacy Policy

MedScannr is built around one principle: your medical information belongs to you. Here's exactly how we handle it.

1. Information we collect

When you create a MedScannr account and build an emergency profile, we collect:

  • Account information — your name, email address, and authentication details provided through your identity provider (e.g. Google, or an organization SSO).
  • Profile information — the medical details you voluntarily enter, including conditions, allergies, medications, blood type, and emergency contacts.
  • Usage data — access events such as the date and time a QR code was scanned, whether public or PIN-protected data was requested, and masked network information used for security alerts.
  • Device and browser information — standard request metadata such as masked IP address and browser details collected automatically by our servers for security and debugging purposes.

We do not collect payment information directly. If billing is introduced, it will be handled by a compliant third-party payment processor.

2. How we use your information

We use the information we collect to:

  • Provide, operate, and improve the MedScannr service.
  • Display your emergency profile to people who scan your QR code, subject to your PIN settings.
  • Send you important service notices (account changes, security alerts). We do not send marketing email without your explicit opt-in.
  • Detect and prevent fraud, abuse, and security threats.
  • Comply with legal obligations.

We never sell your data to third parties, and we never use your medical information for advertising purposes.

3. Who can see your profile

Your emergency profile has three access tiers that you control:

  • Critical information (always visible) — shown to anyone who scans your QR code, no authentication required. You choose what goes in this tier.
  • Extended information (PIN-protected) — only visible to people who enter the PIN you set. You are responsible for sharing that PIN with trusted individuals such as your doctor or family members.
  • Owner-only information (signed-in access only) — sensitive fields such as insurance identifiers and physician contact details remain hidden from the public scan flow unless you explicitly opt specific fields into PIN-based sharing.

MedScannr staff do not access your profile content except when required to investigate a reported technical fault, and only with your consent or as required by law.

4. Data storage and security

Your data is stored on servers located within the United States. We apply industry-standard safeguards including encrypted connections (TLS), encrypted data at rest, access controls, audit logging, PIN verification controls, and regular security reviews.

MedScannr is not a HIPAA-covered entity, but we apply equivalent safeguards because the information you store is sensitive and deserves that level of care.

No system is completely immune to risk. If a breach occurs that affects your personal data, we will notify you and relevant authorities as required by applicable law.

5. Data retention

We retain your account and profile data for as long as your account is active. QR code access logs are retained for 12 months and then automatically purged. Security notifications remain visible in your dashboard until the related account data is deleted.

6. Your rights

Under applicable US state privacy laws (including the Utah Consumer Privacy Act), you may have the right to:

  • Know what personal data we hold about you and how it is used.
  • Access a copy of the personal data we have collected about you.
  • Correct inaccurate personal data.
  • Request deletion of your personal data.
  • Opt out of the sale of your personal data (we do not sell personal data).

You can permanently delete a profile from the dashboard by confirming the profile PIN and typing DELETE. That removes the profile, related medical items, access logs, and related alerts. To exercise any other privacy rights, contact us at privacy@medscannr.com. We will respond within 30 days.

7. Cookies

MedScannr uses a single session cookie to keep you signed in. We do not use advertising cookies, third-party tracking pixels, or analytics cookies that profile your behavior across other websites.

8. Children's privacy

MedScannr is not directed at children under 13. Parents and guardians may create and manage profiles on behalf of minors in their care. If you believe a child's data has been submitted without appropriate consent, contact us immediately and we will remove it promptly.

9. Third-party services

We use a small number of third-party service providers to operate MedScannr, including our hosting provider and identity provider. Each is contractually required to handle your data consistently with this policy. We do not embed third-party social media widgets or advertising networks in the application.

10. Changes to this policy

We may update this policy from time to time. We'll notify you of material changes by email or by displaying a notice in the application before the change takes effect. The "Last updated" date at the top of this page always reflects the most recent revision.

11. Contact

Questions or concerns about this policy? Reach us at:
privacy@medscannr.com