User Data Governance Policy – MDFlow Applications
1. Purpose and Scope
This policy outlines the responsibilities and standards for the access, collection, processing, use,
and sharing of user data within MDFlow’s applications. It applies to all personal, sensitive,
and health-related information (PHI) processed by the application and its integrated services.
2. Data Transparency and Accountability
MDFlow’s app developers must ensure full transparency about how they access, collect, use, and share user data.
Personal and sensitive user data may include personally identifiable information, financial or payment data, authentication credentials,
contact lists, call/SMS logs, device location, microphone, camera, protected health data (PHI), app usage, and device identifiers.
We limit collection and use strictly to the features and services that users expect, ensure secure transmission (e.g., HTTPS),
and request runtime permissions as needed. We do not sell personal or sensitive data.
Disclosures must be clear, accessible, and written in user-friendly language.
- All practices must comply with applicable privacy laws (e.g., HIPAA, GDPR, PIPEDA) based on the operating jurisdictions.
- Special care must be taken when handling health-related data, symptoms, medical history, or any biometric data that could identify a patient or user.
3. Third-Party Code and Vendor Compliance
Developers are responsible for ensuring that all third-party SDKs, APIs, or services integrated into their app (e.g., for analytics, storage, or communication)
comply with this policy and applicable health data protection standards. We ensure any embedded SDKs comply with our data handling practices.
Upon request, we will provide proof of user disclosure and consent mechanisms.
- No third party may collect, use, or sell health data for unauthorized purposes, including advertising.
- Third-party processors must sign Business Associate Agreements (BAAs) or equivalent legal contracts where required.
4. Handling of Personal, Sensitive, and Health Data
Sensitive data may include medical records, symptoms, treatments, prescriptions, biometric data, geolocation, and contact information.
Developers must:
- Minimize data collection to what is strictly necessary.
- Secure all data transmissions and storage using encryption (e.g., TLS/HTTPS, AES).
- Use runtime permissions before accessing any data protected by platform permissions (e.g., health sensors, camera, microphone).
- Prohibit the sale or unauthorized transfer of any sensitive or health-related data.
- Ensure data integrity and auditability, especially when used for clinical decision-making or diagnostics.
5. Consent and Prominent Disclosure
Sensitive use cases such as handling financial information, contacts, persistent identifiers, and child-directed services are subject to specific restrictions.
Data must not be published or linked inappropriately and must be disclosed clearly.
Whenever personal or health data is collected, a clear, in-app disclosure must explain:
- What data is being accessed and/or collected
- Why it's being collected
- How it will be used
- Whether it will be shared (and with whom)
- Consent must be explicit, freely given, and require affirmative user action (e.g., a checkbox or confirmation button).
- Consent must be obtained before any collection or processing. Auto-dismissing or expiring messages must not be used as a means of obtaining user consent, and consent must be granted by the user before the app begins to collect or access personal and sensitive user data.
- Background collection or passive tracking must be prominently disclosed.
Example: “MDFlow collects heart rate and activity data to help monitor patient recovery progress even when the app is not actively used. This data is securely shared with your care provider.”
6. Privacy Policy and Data Safety Label
All apps must include a publicly accessible privacy policy, clearly labeled and consistent with in-app practices. It must disclose data collection, usage, sharing, retention, security, and developer contact information.
All developers must accurately complete the Data Safety section in the Play Console, aligned with the app’s privacy policy.
All apps must:
- Provide a publicly accessible privacy policy (not geofenced or in PDF format).
- Detail in the policy:
  - Data types collected
  - Purpose of use
  - Third parties involved
  - Retention periods
  - Deletion processes
  - Contact information for privacy concerns
- Maintain an up-to-date Data Safety section that matches actual app practices and disclosures.
7. Special Requirements
- Medical Device Integration: Apps connected to medical devices must follow regulatory protocols for device data transmission (e.g., FDA, MDR).
- Child Patients: Apps involving minors must comply with COPPA, GDPR-K, or equivalent local laws. Use of third-party SDKs must be carefully vetted.
- Financial and Insurance Data: Must not be publicly exposed and should be encrypted and stored securely.
- Persistent Identifiers: Only use when medically justified (e.g., linking data across sessions), with user awareness and disclosure.
8. User Rights: Access, Deletion, and Portability
If the app allows user account creation, users must be able to delete their account and associated data both in-app and via a website. If data is retained for legal reasons, this must be disclosed.
Users must have the ability to:
- Request and receive a copy of their health data.
- Correct inaccuracies.
- Delete their data and account (unless retained for legal reasons).
The app must provide both in-app and online options for account and data deletion.
9. Use of App Set ID or Identifiers
The App Set ID must not be used for ad personalization or linked to other identifiers. Its use must be disclosed and consent obtained where necessary:
- App Set ID and similar identifiers must not be used for advertising or tracking.
- Must not be linked to other identifiers or PHI.
- Usage must be disclosed in the privacy policy and subject to consent if required.
10. International Data Transfers
MDFlow currently does not handle data outside the US. If the app handles data from the EU, UK, or Switzerland, developers must:
- Comply with GDPR, Data Privacy Frameworks, and local regulations.
- Limit access to only what is necessary and aligned with user consent.
- Notify relevant authorities in case of a breach or inability to maintain protection standards.
11. Enforcement and Audit
Developers must maintain logs and audit trails where required and be prepared to provide documentation to regulators or platform providers (e.g., Google Play, App Store) demonstrating compliance with this policy.