Doselio is a personal organizing tool for medication and wellness records — a place to keep your medications, doses, symptoms, sleep, appointments, providers, pharmacies, and insurance information so that check-in at a medical visit is faster and your records stay accurate. Doselio does not provide medical advice, diagnose, or recommend treatments.

• Everything you enter into Doselio is stored in your browser only.
• We do not have a database of users. We do not have your medications, symptoms, or any other data you enter.
• Doselio makes no outbound network requests with your health data. No analytics, no trackers, no third-party integrations.
• The only logs that exist are standard web server logs (IP address, request path, user-agent) collected by our hosting provider when you load the app. These contain no health information.
• You can export everything you have entered as JSON, and you can permanently delete it, from Settings.

None on our side.Doselio is a static web application. Information you type into the app — medications, doses, symptoms, sleep, appointments, providers, pharmacies, insurance, devices, contacts, profile details, and any other field — is written to your browser's localStorage. It never leaves your device through any code we wrote.

This means we cannot read your data, restore it if you lose it, sync it across devices, or share it with anyone. It also means no one we work with can access it either.

When your browser loads the app, it makes ordinary web requests to our hosting provider (Cloudflare) to download the page, scripts, fonts, and images. These requests include your IP address, user-agent string, and the path you are visiting — this is how the web works. No health-related content is included in those requests.

We do not embed third-party scripts, advertising pixels, analytics, error reporters, A/B testing tools, fingerprinting libraries, social-media widgets, or chat widgets. Fonts are downloaded from Google Fonts at build time and served from our own infrastructure — your browser does not contact Google when you use the app.

Cloudflare, who hosts the application, retains standard request logs (IP, timestamp, path, status code, user-agent) as part of serving the site. Doselio runs no server-side application code — it is published as static files, so there is no backend that receives or processes the information you enter. These edge request logs contain no health data — only infrastructure metadata about web requests. They are retained according to Cloudflare's own retention policies and are not linked to any account, because Doselio has no accounts.

Doselio does not set any tracking or advertising cookies. Doselio uses localStorage to store the data you enter into the app — this is strictly necessary for the application to function and is not used for analytics or tracking.

Because we do not hold your data, requests that would normally be directed to us — access, correction, deletion, portability — you exercise yourself directly inside the app:

• Access & portability: Settings → Export data downloads a complete JSON snapshot of every store on this device.
• Correction: edit any record directly in the app.
• Deletion: Settings → Delete all data removes every Doselio entry from this browser. The deletion is immediate and cannot be undone by us, because we never had a copy.

Doselio is not directed at children under 13. We do not knowingly collect data from anyone, so we cannot knowingly collect data from children. If a parent or guardian is using Doselio to track a minor's medications, the data sits locally on that device and is the parent's responsibility to safeguard.

The U.S. Federal Trade Commission's Health Breach Notification Rule (16 CFR Part 318) applies to certain consumer health applications. Because Doselio does not store your health information on any server we control, the scenarios in which a notifiable breach could occur are limited to a compromise of the deployed application itself (for example, malicious code injected into the published site that could read localStorage). If we discover such an incident, we will publish a notice on this site and at the app home page within 60 days and report to the FTC where required.

Doselio is not a HIPAA covered entity or business associate. HIPAA generally regulates healthcare providers, plans, and clearinghouses; consumer-direct tracking tools entered into voluntarily by individuals are typically outside its scope. This does not reduce our commitment to keeping your data on your device.

Doselio is served over HTTPS. Data is stored in localStorage in plain JSON; the browser does not encrypt this storage at rest by default. If you use this app on a shared device, anyone with access to your browser profile can read your entries. We recommend using operating-system disk encryption (BitLocker, FileVault, LUKS, or equivalent) and a screen lock.

Because your data never leaves your device through our code, there is no cross-border transfer of your data by us. Routine web requests to load the application are served by Cloudflare's global network and may be answered from a data center closer to you.

If we change this policy in a way that affects how we handle your data, we will update the "Last updated" date at the top and, where appropriate, surface a notice in the app. If we ever introduce an opt-in feature that would cause data to leave your device, we will require explicit in-app consent before any data is sent.

Questions about this policy can be sent to privacy@doselio.com.