Legal policy
How MEDIFILE.ME collects, uses, and protects your information while operating emergency medical ID cards and profiles.
Account details you provide (name, email, phone), shipping details for card orders, emergency contacts, physicians, emergency profile data, privacy settings, uploaded medical documents, scan logs, alert logs, and support/contact messages. Payment details are processed by payment providers; we receive payment status and transaction identifiers, not full card numbers.
Medical conditions, medications, allergies, blood type, medical documents, care preferences, and similar emergency profile fields may be health data. We only process this data when you explicitly consent and choose to add it to your profile. You can update visibility settings, remove documents, export your data, or delete your account from the dashboard.
We use data to create and manage your account, operate QR card scans, display public emergency information, protect PIN-only sections, send emergency alerts, fulfill card orders, provide support, prevent abuse, and maintain security logs.
We process account and order data to provide the service you request. We process health/emergency profile data based on your explicit consent. We process operational logs and anti-abuse data for security and legitimate operational needs. You may withdraw consent by deleting medical profile data or deleting your account.
We do not sell your data. We share information only with service providers who help run hosting, email delivery, payments, card fulfillment, backups, and support, or when required by law. These providers should only process data for agreed service purposes.
We use access controls, PIN-gated profile sections, upload limits, restricted document access, and audit-style privacy events for sensitive actions. Deleted accounts remove emergency profiles, contacts, physicians, privacy settings, document files, tags, scan logs, and alert logs tied to the account. Backups may retain copies for a limited backup cycle before expiry.
Safeguards include account login for editing, explicit consent before storing health profile data, per-section visibility controls, PIN-only access for sensitive sections, restricted document downloads, upload limits, time-limited password reset tokens, and audit-style records for sensitive actions such as consent updates, profile access, document downloads, exports, and deletion.
Depending on your location, you may request access, correction, deletion, restriction, objection, portability, and withdrawal of consent. Dashboard users can download a JSON data export and delete their account from Privacy & Data. For other requests, contact hello@medifile.me.
We use cookies and similar tools to keep the site working, manage login sessions, understand traffic, and improve your experience. You can disable cookies in your browser, but some features may not work properly.