SB-apps

MedZeit

Privacy Policy

Effective date: 3rd April 2026
Controller: Struijker Boudier, Netherlands
Contact: p.r.struijkerboudier[at]me.com

1. Scope

This Privacy Policy describes how Struijker Boudier (“we”, “us”) processes personal data when you use the MedZeit iOS application (“App”) and our website.

2. Data we process

Depending on how you use MedZeit, we may process:

  • Account data: email address and authentication identifiers when you create or sign in to an account (for example via Firebase Authentication).
  • App content: time entries, categories, notes, settings (rates, work week, achievements configuration), and similar data you enter.
  • Device and technical data: app version, device type, and diagnostic data as needed for security and reliability.
  • Purchase data: subscription or one-time purchase status via Apple; we do not receive your full payment card details.
  • Optional AI: if you add a Google Gemini API key in Settings, requests you initiate may send relevant portions of your data to Google’s AI services under Google’s terms—only when you use that feature.
  • Notifications: if you enable reminders, the system schedules local notifications per your settings; we do not need to read your entries to show “time to review” style prompts.

3. Purposes and legal bases (GDPR)

Where the GDPR applies, we rely on:

  • Contract — providing the App, account, sync, and backup features you request.
  • Legitimate interests — securing the Services, preventing abuse, and improving stability (balanced against your rights).
  • Consent — where required (for example optional notifications or optional AI features), which you may withdraw in the App or device settings.
  • Legal obligation — if we must retain or disclose data to comply with law.

4. Storage, sync, and processors

MedZeit may store data on your device and, when you use cloud features, with providers such as Google Firebase / Firestore (or successor services) for authentication and encrypted sync. We configure services to protect your data in transit and at rest where applicable. A current list of sub-processors may be provided on request.

5. Retention

We retain personal data as long as your account is active and as needed to provide the Services. After you delete your account or data (where the App offers deletion), we delete or anonymize data within a reasonable period, subject to backup cycles and legal retention requirements.

6. Your rights

Depending on your location, you may have the right to access, rectify, erase, restrict processing, object, or port your data, and to lodge a complaint with a supervisory authority. Contact p.r.struijkerboudier[at]me.com. You can also export or clear data from within the App where those features are available.

7. International transfers

If data is processed outside your country (for example on cloud infrastructure in the United States or EU), we use appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms where required.

8. Children

MedZeit is not directed at children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal data from children.

9. Security

We implement technical and organizational measures appropriate to the risk. No method of transmission or storage is 100% secure; use the App’s security features and protect your device and Apple ID.

10. Changes

We may update this Policy and will post the new version with an updated effective date. Material changes will be communicated as required by law.

11. Contact

Privacy questions: p.r.struijkerboudier[at]me.com.