MyHealthOS Privacy Policy
Your health records belong to you. Here's exactly what we store, access, and protect.
What we store
MyHealthOS stores account information (name, email), structured health metadata extracted from your documents (hospital, doctor, record type, date, biomarkers, AI-generated summaries), and references to where your original files live. We do not permanently store the raw contents of your emails or original document files on our servers.
Gmail access
If you connect Gmail, MyHealthOS requests read-only access (gmail.readonly) solely to find health-related attachments such as lab reports, prescriptions, and discharge summaries. We never send, delete, or modify your email.
Google Drive access
If you connect Google Drive, original files you upload or import are saved into a "MyHealthOS" folder inside your own Google Drive account — not on our servers. You retain full ownership and control of that folder at all times.
Data security
Your account data is stored in an encrypted, access-controlled database with row-level security, meaning only you can read or write your own records. Authentication is handled via Google OAuth and Supabase Auth.
Your control
You can disconnect Gmail or Google Drive at any time, delete individual records, and request deletion of your account and associated data.
Contact
Questions about this policy can be sent to the MyHealthOS team via the contact details on our website.