Privacy Policy

Legal

Last updated: February 13, 2026

Table of Contents

1. Information We Collect

We collect only the information necessary to provide DemTracker's cognitive health screening services. Here's exactly what we collect:

Account Information

  • Email address (used for account access and essential notifications)
  • Password (encrypted and never stored in plain text)
  • Account creation date and last login

Profile Information

  • For "Self" member: Age and sex (required for accurate screening)
  • Optional profile photo

Family Member Profiles

  • Name and relation (e.g., Mother, Father, Spouse)
  • Age and sex (required for accurate screening)
  • Optional fields: Known diseases, mobile number, postcode
  • Optional profile photo

Test Responses and Results

  • Binary responses only: Correct (1) or Incorrect (0) for each question
  • Test completion date and duration
  • Calculated probability scores and signal bands (low/medium/high)
  • Question categories answered correctly

Usage Data

  • Device type and browser information
  • Pages visited within DemTracker
  • Features used and interaction patterns (anonymized)
  • Error logs for troubleshooting

2. How We Use Your Information

We use your information solely to provide and improve DemTracker's services:

  • Provide screening services: Calculate probability scores based on test responses
  • Track trends over time: Compare results across multiple tests to identify patterns
  • Generate AI summaries: If enabled, create personalized insights comparing recent test results (using Azure OpenAI)
  • Improve the application: Analyze usage patterns to enhance features and fix bugs
  • Send essential notifications: Account security alerts and critical service updates (if opted in for email notifications)
  • Provide support: Respond to your questions and troubleshoot issues
đź’ˇ

Important: We never sell, rent, or share your personal data with third parties for marketing purposes. Your information is used exclusively to provide DemTracker's services.

3. Data Storage and Security

We take data security seriously and implement industry-standard protections:

  • Encrypted at rest: All database records are encrypted using AES-256 encryption
  • Encrypted in transit: All data transmission uses HTTPS/TLS 1.3 protocols
  • Secure cloud infrastructure: Hosted on secure, SOC 2 compliant cloud providers
  • Password protection: Passwords are hashed using bcrypt with salt
  • Regular security audits: Periodic vulnerability assessments and penetration testing
  • Access controls: Strict internal access policies with multi-factor authentication
  • Data backups: Regular automated backups with encrypted storage

4. What We Don't Store

⚠️

Privacy-First Design

This is critical: DemTracker is designed to maximize your privacy by never storing sensitive raw data.

Here's what we specifically DO NOT collect or store:

  • Raw test answers: We never store the actual text or content of answers to test questions. Only binary (correct/incorrect) results.
  • Free-text responses: No open-ended text input is stored anywhere in our system.
  • Audio or video recordings: We do not record, process, or store any multimedia content.
  • Detailed medical records: Beyond the optional "known diseases" field and screening scores, we store no health records.
  • Government identifiers: No social security numbers, driver's license numbers, or passport information.
  • Financial information: No payment details (DemTracker is completely free).
  • Precise location data: We never track GPS coordinates or detailed location.

This architecture ensures that even in the unlikely event of a data breach, the most sensitive information—actual test responses—simply doesn't exist in our systems.

5. Third-Party Services

DemTracker integrates with a limited number of third-party services to provide functionality:

Azure OpenAI (Optional)

  • Purpose: Generate AI-powered test summaries comparing recent results
  • Data shared: Aggregated test scores and signal bands (not raw answers)
  • Control: You can disable AI summaries in settings
  • Privacy: Microsoft Azure OpenAI enterprise agreement with data protection guarantees

Google OAuth (Optional)

  • Purpose: Allow sign-in with Google account
  • Data shared: Email address and basic profile (name, photo)
  • Control: Traditional email/password login also available

Analytics Services

  • Purpose: Understand usage patterns to improve features
  • Data shared: Anonymized page views, click events, session duration
  • Privacy: No personally identifiable information shared

Email Service Provider

  • Purpose: Send account notifications and password resets
  • Data shared: Email address only
  • Privacy: SOC 2 compliant provider with data processing agreement

5.1 Analytics & Cookies

We use Google Analytics to understand how visitors use our site. Google Analytics uses cookies to collect anonymous information such as:

  • Pages visited
  • Time spent on site
  • Browser and device information
  • Geographic location (city/country level)

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

6. Your Rights

You have full control over your data. Your rights include:

  • Access your data: Request a copy of all data we store about you
  • Export your data: Download all test results and family member profiles in machine-readable format
  • Correct your data: Update inaccurate account or profile information
  • Delete your account: Permanently remove all your data from our systems (irreversible)
  • Opt out of AI summaries: Disable Azure OpenAI integration in settings
  • Opt out of emails: Unsubscribe from non-essential notifications (security alerts still sent)
  • Object to processing: Contact us to object to how we use your data

To exercise any of these rights, visit your account settings or contact us at support@demtracker.app. We'll respond within 30 days.

7. Children's Privacy

DemTracker is not intended for users under the age of 18. To create an account and administer tests, you must be at least 18 years old.

If you are adding a family member who is a minor (under 18), you confirm that:

  • You are the parent or legal guardian of the minor
  • You have obtained appropriate consent to administer screening tests
  • You understand you are responsible for the minor's data

If we discover that we have inadvertently collected information from a child under 18 without proper parental consent, we will delete that information as quickly as possible.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features.

When we make material changes, we will:

  • Update the "Last updated" date at the top of this policy
  • Notify you via email (if you have opted in to notifications)
  • Display a prominent notice in the application
  • Require re-acceptance for significant changes

Your continued use of DemTracker after changes take effect constitutes acceptance of the updated policy. If you disagree with changes, you may delete your account.

9. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email:

support@demtracker.app

General Support:

support@demtracker.app

Contact Page:

Visit our contact form

We are committed to resolving any privacy concerns and will respond to all inquiries within 30 days.