Privacy Policy

Last Updated: January 10, 2026

Introduction

Lilac ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website.

Information We Collect

We collect information that you provide directly to us and information collected automatically when you use our services:

  • Personal Information: Name, email address, phone number, date of birth
  • Health Information: Medical history, medications, health metrics, lab results
  • Usage Data: App interactions, features used, session duration
  • Device Information: Device type, operating system, unique device identifiers

Health Data We Collect

Our app collects and processes the following types of health data to provide our services:

  • Medications: Names, dosages, schedules, and adherence tracking
  • Blood Pressure: Systolic and diastolic measurements
  • Blood Glucose: Glucose levels and measurement context
  • Heart Rate: Heart rate measurements in beats per minute
  • Weight: Body weight measurements
  • Steps: Daily step count and physical activity
  • Sleep: Sleep duration and quality
  • Lab Results: Laboratory test results and reference ranges

Health Platform Integration

Our app integrates with device health platforms to provide a comprehensive health experience:

  • Google Health Connect (Android): We request permission to read and write Steps, Heart Rate, Weight, Blood Pressure, and Blood Glucose data
  • Apple HealthKit (iOS): We request permission to read and write Steps, Heart Rate, Weight, Blood Pressure, Blood Glucose, and Oxygen Saturation data
  • All health platform access requires your explicit permission. You can revoke access at any time through your device settings
  • Data from health platforms is synced to provide unified health tracking and may be shared with your connected healthcare providers

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our healthcare services
  • Display your health data for personal tracking and monitoring
  • Send medication reminders and health task notifications
  • Share health data with healthcare providers you explicitly connect with
  • Communicate with you about appointments, medications, and health updates
  • Analyze usage patterns to improve user experience
  • Comply with legal obligations and protect our rights

How We Do NOT Use Your Data

We are committed to protecting your health data:

  • We do NOT sell your personal or health data to third parties
  • We do NOT use your health data for advertising purposes
  • We do NOT share your health data with third parties except healthcare providers you connect with

Information Sharing

We do not sell your personal information. We may share your information with healthcare providers you choose to connect with, service providers who assist in our operations, and when required by law or to protect our rights.

Data Storage

Your health data is stored securely:

  • Local Storage: Health data is stored locally on your device using encrypted SQLite database for offline access
  • Cloud Sync: When you enable sync, data is stored on secure cloud servers with 256-bit encryption
  • Data Retention: Your data is retained while your account is active. Health records may be retained as required by medical record retention laws

Data Security

We implement industry-standard security measures including 256-bit encryption, secure data centers, and regular security audits. All health data is stored in HIPAA-compliant environments.

Your Rights

You have the right to:

  • Access your personal data and request a copy
  • Correct inaccurate or incomplete data
  • Request deletion of your data
  • Export your data in a portable format
  • Revoke health platform permissions at any time through device settings

Data Deletion

You can delete your account and all associated data:

  • In-App Deletion: Go to Settings > Account > Delete Account
  • Email Request: Send a deletion request to privacy@lilac.health
  • Deletion Timeline: Your data will be deleted within 30 days of your request
  • Some data may be retained for legal compliance as required by healthcare regulations

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@lilac.health