Version: v1.1
Effective Date: June 27, 2026
Required for App Function
These data flows are necessary to provide the Services:
What We Share
Email, authentication credentials
- Category of Provider
- Authentication services
- Why
- Account login and security
What We Share
Health tracking data
- Category of Provider
- Cloud infrastructure, sync services
- Why
- Data storage and multi-device sync
What We Share
Device push tokens, notification content
- Category of Provider
- Push notification services
- Why
- Deliver reminders
What We Share
Purchase receipts, subscription status
- Category of Provider
- Subscription services, app stores
- Why
- Verify purchases and entitlements
What We Share
Error logs, crash data
- Category of Provider
- Error monitoring services
- Why
- Fix bugs and maintain stability
What We Share
Supplement lookup requests, barcode/product identifiers, selected nutrition/product matches
- Category of Provider
- Nutrition data providers
- Why
- Return supplement and nutrition lookup results
Optional (Your Choice)
These data flows only occur if you opt in:
What We Share
Usage events, feature interactions
- Category of Provider
- Analytics services
- Why
- Improve product
- Your Control
- Settings > Privacy
What We Share
Session recordings (masked)
- Category of Provider
- User experience services
- Why
- Debug issues
- Your Control
- Settings > Privacy
User-Initiated (When You Use Features)
What We Share
Report-specific health data subset, prompts, generated outputs, report artifacts, provider metadata, and Doserly-curated reference/citation content
- Category of Provider
- OpenAI
- Why
- Generate AI reports and retrieve approved Doserly guide/citation content
- Your Control
- Only after you review the AI report disclosure and allow the report request
What We Share
Exported data
- Category of Provider
- Your chosen destination
- Why
- Export/share features
- Your Control
- You initiate export
Supplement and nutrition lookup requests are initiated by your use of those features. When you use supplement lookup, Doserly may query third-party nutrition data providers, including FatSecret and Open Food Facts, with the lookup input needed to return matches.
AI report requests are initiated by your use of AI report features. Before Doserly sends report data to OpenAI, Doserly asks you to allow that processing. The AI report request may include medications, supplements or compounds, dosing and adherence logs, symptoms, lab and bloodwork values, correlations, active cycles or protocols, selected report sections, report-window metadata, prompts, generated outputs, provider identifiers, usage metadata, and relevant Doserly-curated reference/citation content. Doserly does not intentionally send your account email address or profile name to OpenAI for AI report generation, but user-entered text such as protocol titles, notes, lab names, or custom goal text may be included if relevant to the report.
On-Device Only (Not Shared)
Data
Images for text recognition (OCR)
- Processing
- On-device ML
- Sent to External Servers?
- No
Data
Biometric authentication data
- Processing
- Device secure enclave
- Sent to External Servers?
- No
Data
Local encryption keys
- Processing
- Device keychain
- Sent to External Servers?
- No
Aggregate Analysis (Internal)
We perform de-identified, aggregate statistical analysis on health data internally to identify trends, improve the Services, and generate population-level insights. This analysis:
- Is conducted on our own infrastructure — aggregate health data is not shared with third parties
- Contains no personal identifiers (no names, emails, user IDs, or other information that could identify you)
- Uses only statistical summaries (counts, averages, distributions), never individual records
See our Privacy Policy and Consumer Health Data Notice for details on our de-identification practices.
We Never Sell Your Data
We do not sell your personal information or health data to:
- Data brokers
- Advertisers
- Marketing companies
- Any third party for their own commercial purposes
Provider Information
Examples of provider categories that may receive data when you use optional or feature-driven workflows include:
- OpenAI for AI-generated reports and Doserly-curated guide/citation retrieval
- nutrition data providers for supplement lookup
- analytics providers if you opt in to analytics
- communications providers for notifications and transactional messaging
For a current list of specific service providers, contact privacy@doserly.com. We will respond within 30 days.