Privacy Policy
Last Updated: March 16, 2026
1. Introduction
Welcome to MedFile.one ("we," "our," or "us"). We are committed to protecting your privacy and handling your medical information with the utmost care and security. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and join our waitlist.
MedFile.one is designed as a local-first medical records management platform that stores all medical data exclusively on your device. We cannot access your medical records, passwords, or encrypted data.
2. Zero-Knowledge Architecture: What We Can and Cannot Access
Our Zero-Knowledge Promise
MedFile.one operates on a zero-knowledge architecture. This means we have designed our system so that we technically cannot access your sensitive medical information: it is encrypted on your device with a key derived from your password, and that key never reaches us. Your data stays encrypted at rest and under your control at all times.
Data We CANNOT Access (Zero-Knowledge):
- Your Medical Records: We cannot see, read, or access any of your medical files, documents, images, or health information
- Your Password: We cannot see or recover your account password. It is used only on your device to derive your encryption key and is never transmitted to our servers
- Encrypted Data: All medical data is encrypted on your device before any potential transmission, and we cannot decrypt it
- File Contents: We cannot view the contents of any files you store in MedFile.one
- Search Terms: We cannot see what you search for within your medical records
Data We CAN Access (Limited to Essential Operations):
- Account Information: Your name and email address for account management
- Payment Information: Limited details passed to us by our PCI-compliant payment processor, such as payment confirmation and the last four digits of your card (we never see full credit card numbers)
- Serial Number: A unique identifier assigned to your account for license verification. It is linked to your account record but carries no medical information
- Account Status: Whether your account is active, expired, or suspended
3. HIPAA Compliance Enforced by Design
MedFile.one builds HIPAA-aligned safeguards directly into the software, so that your medical data can be accessed only by someone who holds your password:
- Local Encryption: All medical data is encrypted on your device using your password (which we never see)
- No Medical Data Storage: We do not have servers that store your medical records
- End-to-End Encryption: If you choose to share records, they are encrypted before leaving your device and can only be decrypted by the intended recipient
- Password Isolation: Your password never leaves your device in a form we can read
- No Analytics: The software does not collect any usage data or analytics
- Minimal Server Contact: Only serial number verification during installation
4. Information We Collect
4.1 Waitlist Information
When you join our waitlist, we collect:
- Your full name
- Email address
- User type (patient, healthcare professional, caregiver, or other)
4.2 Account Information (Upon Launch)
When you create a MedFile.one account, we will store:
- Your name
- Email address
- Serial number (a unique identifier used only for license verification)
- Account creation date and subscription status
4.3 Payment Information
We use secure, PCI-compliant payment processors. We only receive:
- Confirmation of payment success/failure
- Last 4 digits of credit card (for your reference only)
- Billing period and subscription type
We never receive or store full credit card numbers, CVV codes, or full bank account information.
4.4 What We NEVER Collect
- Your medical records or health information
- Your account password or encryption keys
- The contents of files you store in MedFile.one
- Diagnoses, medications, or treatment information
- Doctor's notes or lab results content
- Usage analytics or behavior tracking from the software
- Device information or IP addresses from the software (our website uses only basic web analytics)
5. How We Use Your Information
We use the limited information we have access to for:
- Account creation and management
- License verification via serial number
- Processing payments through secure third-party processors
- Sending important service notifications
- Providing customer support
- Complying with legal obligations
We cannot use your medical information because we don't have access to it. Our architecture makes this technically impossible.
6. Data Storage Architecture
6.1 Medical Records Storage
Your medical records are stored exclusively on your device(s):
- Encrypted using AES-256 encryption
- Encryption keys are derived from your password (which we never see)
- No unencrypted medical data is ever transmitted to our servers
- All processing (search, organization, tagging) happens locally
- Once installed, the software works completely offline
6.2 Account Information Storage
Your account information (name, email, serial number) is stored on secure, encrypted servers separate from any medical data.
6.3 Server Minimalism
Our servers perform only one function for the installed software:
- Serial number verification during installation
They do not:
- Store medical data
- Collect analytics
- Maintain ongoing connections after installation
7. Your Data, Your Control
Because of our zero-knowledge architecture:
- You control who sees your medical information
- You control what gets shared and with whom
- We cannot recover your password if lost (by design, for your security)
- We cannot access your medical records even if compelled by legal process, because we do not hold the encryption keys
- You can delete your account and all associated data at any time
- Your data remains accessible even if our servers are offline
- Termination only affects new installations, not existing software
Important User Responsibility
Since we cannot access your data, you are solely responsible for:
- Backing up your medical records
- Remembering your password (we cannot reset it)
- Securing your devices where medical data is stored
- Managing data sharing with healthcare providers
8. Contact Us
If you have questions about our privacy practices or data access limitations:
Email: hello@medfile.one
Important Note: Due to our zero-knowledge architecture, we cannot access your medical records to assist with support requests about specific file contents. We can only help with account, billing, installation, and general technical issues.
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- For significant changes, sending an email notification
Your continued use of our services after changes constitutes acceptance of the updated Privacy Policy.