Privacy Policy

Your Data, Your Device

LUCI is designed with privacy as a core principle. All your health data is stored locally on your device using secure storage mechanisms. Your symptoms, assessments, journal entries, and health information never leave your device unless you explicitly choose to share them.

Data Storage & Security

• Local Storage: All health data is stored on your device using AsyncStorage and Secure Store (for sensitive information requiring encryption).
• No Cloud Sync: Currently, LUCI does not sync your data to cloud servers. Your data exists only on this device.
• Encryption: Sensitive health information is encrypted at rest using expo-secure-store with device-level security.
• Backup: You can export your data anytime via the Clinical Summary or Data Export features. We recommend periodic backups as data is not automatically backed up to cloud services.

What Data We Collect

LUCI collects and stores only the information you provide:

• Personal health profile (age, conditions, medications)
• Symptom logs and tracking data
• Clinical assessment responses (PHQ-9, GAD-7, PSQI, MRS, STRAW-10, FRAX, ACES, SDoH)
• Vital signs (blood pressure, pulse)
• Journal entries and mood check-ins
• Wellness activity tracking
• Menstrual cycle data (if applicable)

What We Don't Do

• We don't sell your data to third parties
• We don't share your health information without your consent
• We don't use tracking pixels or behavioral advertising
• We don't require account creation or email collection
• We don't access your data remotely

Data Sharing

You control all data sharing. LUCI provides tools to share your Clinical Summary with healthcare providers:

• Share via standard system share dialog (text, email, etc.)
• Generate QR codes for in-office visits
• Export data as JSON for personal records

All sharing is explicit and initiated by you. We never share data automatically.

Data Deletion

You can delete your data anytime:

• Individual entries can be deleted within the app
• Complete data deletion: uninstall the app
• Clear app data via device settings

Important: Since data is stored locally, deletion is permanent. We recommend exporting important health records before deletion.

Third-Party Services

LUCI uses the following third-party libraries that may access device features:

• React Native / Expo SDK - App framework
• AsyncStorage - Local data storage
• Expo Secure Store - Encrypted storage
• Expo Notifications - Local notification scheduling
• Expo Sharing - System share dialog

None of these services transmit your health data to external servers.

Legal Compliance

HIPAA: LUCI is designed for personal use and is not currently a HIPAA-covered entity. If you share data with healthcare providers, ensure compliance with your local healthcare privacy regulations.

Medical Device: LUCI is a wellness and health tracking tool, not a medical device. It is not FDA-approved for diagnosis or treatment of medical conditions.

Contact & Questions

For privacy questions or concerns: privacy@navidayhealth.com

Changes to This Policy

We may update this privacy policy as LUCI evolves. Material changes will be communicated through app updates. Continued use of the app after changes constitutes acceptance of the updated policy.