VerifyDrugLabel
Privacy

Your privacy, plainly stated.

This is the real privacy policy, written in plain English. No lawyer-speak buried 12 scrolls down.

What we collect

  • Your email address (for sign-in).
  • A password hash (bcrypt — we can't read your password).
  • Your accessibility preferences (font size, high-contrast, TTS speed).
  • The medicines you save to your history — the NDC code + the text extracted from the label. We never save an image of the bottle.
  • An audit log of security events (login, logout, delete) with a hashed version of your email. No cleartext identifiers.

What we don't collect

  • We don't save scanned images. When you point the camera at an NDC on a bottle, a box, or a pharmacy receipt, the image goes to our server just long enough to extract the NDC string — then it's discarded. Never written to disk, never cached, never logged. The extracted NDC is the only thing we keep, and only if you tap Save.
  • We don't track you. No third-party analytics, no advertising pixels, no fingerprinting. No Google Analytics, no Meta pixels.
  • We don't share with third parties. Your saved medications are visible only to you. Nobody at Duskfield Studios reads them for marketing, analytics, or any other purpose.

How we store it

  • Encryption in transit: every request is HTTPS. We never accept plain HTTP.
  • Encryption at rest: our database runs on managed PostgreSQL with encrypted storage.
  • Minimum data: we only keep what's needed to power the features you use.
  • Access control: you can only see your own data. Even when you're logged in, every API call is scoped to your user ID.
  • Token expiry: your sign-in token expires automatically. Logging out revokes it server-side.

Your controls

  • Export: download every row we have about you as a JSON file at any time.
  • Delete individual scans: from the My Scans page.
  • Delete your entire account: one click and everything goes — your profile, your preferences, your saved medicines. We keep the security audit log (with your email already hashed) for 90 days to protect against fraud, then it's purged.

Important honesty about HIPAA

VerifyDrugLabel is a consumer accessibility app, not a healthcare provider, insurer, or clearinghouse. We're not a "covered entity" under HIPAA, and HIPAA does not apply to consumer apps that patients voluntarily put their own information into.

That said, we build the app like HIPAA did apply — because the technical safeguards are just good privacy hygiene and they prepare us if we ever partner with a provider in the future.

If you're a healthcare provider looking to integrate VerifyDrugLabel, reach out — we'd want a Business Associate Agreement (BAA) in place before any protected health information flowed through us.

Questions or concerns

Email privacy@duskfieldstudios.com and a real human will reply.

Last updated: April 19, 2026.

← Back to the app