Privacy Policy

At MedRewards, we treat patient data with the same care we expect from our own doctors. This Privacy Policy explains what we collect, how we use it, and the choices you have. 1. Data we collect When you join a clinic's loyalty programme via MedRewards, we collect: your name, email, phone number (optional), date of birth (optional), the points and rewards you earn or redeem, and your membership tier within that clinic. 2. How we use your data Your data is used solely to operate the loyalty programme of the clinic you joined: to award points for healthy behaviour, to send you membership notifications, to display your digital membership card, and to enable family-account linking and referrals you initiate. 3. Tenant isolation MedRewards is a multi-tenant platform. Each clinic's patient data is isolated and is never shared across clinics. Your participation in one clinic's programme does not create an account in any other. 4. Third parties We use vetted cloud providers for hosting, object storage (for logos and card designs) and Google sign-in (only if you choose it). We do not sell your data, ever. 5. Your rights You have the right to access, correct or delete the data we hold about you. Email hello@medrewards.app or contact your clinic directly to exercise these rights. 6. Children Family-account features allow a parent to manage a child's records. The parent is responsible for that consent. 7. Changes We may update this policy as the platform evolves. Significant changes will be communicated by email or in-app notification. Contact: hello@medrewards.app