← Back to home

Privacy Policy

Last updated: March 28, 2026

1. Introduction

Medalyn ("we," "our," or "us") is operated by Cassini Design Group. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and related services (collectively, the "Service").

2. Information We Collect

We may collect the following types of information:

  • Account Information: name, email address, and authentication credentials.
  • Health Information: symptoms, medications, vitals, and other health data you choose to enter.
  • Usage Data: how you interact with the Service, including pages viewed and features used.
  • Device Information: browser type, operating system, and device identifiers.

3. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To personalize your experience and deliver AI-powered health insights.
  • To communicate with you about updates, support, and service-related notices.
  • To ensure the security and integrity of the Service.

4. Data Sharing & Disclosure

We do not sell your personal information. We may share data with trusted service providers who assist in operating the Service, or when required by law. All third-party providers are bound by confidentiality obligations.

5. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit and at rest. However, no method of electronic transmission or storage is 100% secure.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. Where applicable, you may also have the right to data portability and to withdraw consent.

7. CCPA — California Privacy Rights

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it is used.
  • Delete your personal information (available in your profile settings or by contacting us).
  • Opt out of the sale of personal information. We do not sell your data.
  • Non-discrimination for exercising your privacy rights.

To exercise any of these rights, use the account deletion feature in your profile or contact us at samira@cassinidesigngroup.com. We respond within 45 days as required by the CCPA.

8. GDPR — European Privacy Rights

If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under the General Data Protection Regulation:

  • Access: Request a copy of your personal data (use the "Download my data" feature in your profile).
  • Rectification: Correct inaccurate personal data via your profile settings.
  • Erasure: Request deletion of your data (use the "Delete my account" feature in your profile).
  • Data portability: Export your data in a machine-readable format (JSON).
  • Restriction: Request that we limit processing of your data.
  • Objection: Object to processing of your data for specific purposes.

Legal basis for processing: We process your data based on your consent (account creation) and legitimate interest (providing the Service). You may withdraw consent at any time by deleting your account.

Data controller: Cassini Design Group LLC, contact: samira@cassinidesigngroup.com. We respond to all GDPR requests within 30 days.

9. Cookie Policy

Medalyn uses only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No consent is required for essential cookies under GDPR, but we inform you of their use via a banner on first visit.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at samira@cassinidesigngroup.com.