Trust, Security & Privacy
This page is maintained by the MediCura team to answer common security and privacy questions about the app. It describes practices currently in place and is not an independent certification.
Access & authentication
MediCura requires every user to sign in before viewing bills, prescriptions, or reminders. We support email/password and Google sign-in. Sessions are managed by our authentication provider and expire automatically.
Data isolation
Every bill, medication, and uploaded file is scoped to the account that created it. Database row-level security policies ensure one user cannot read or modify another user's records. Uploaded files are stored in per-user folders.
Encryption
All traffic between your browser and MediCura is encrypted in transit over HTTPS. Data at rest is stored by our managed backend provider.
AI & third-party processing
Bill parsing, medication suggestions, and the chat assistant send relevant content to AI providers through a managed gateway to generate responses. We do not sell your data. Outbound email (for billing-office review requests) is delivered by our transactional email provider and only sent when you initiate it.
Your controls
You can delete individual bills, medications, and reminders from within the app at any time. To request full account deletion or a copy of your data, contact us.
Disclaimers
MediCura is a personal organization tool and does not provide medical, legal, or billing advice. AI-generated summaries can contain mistakes — always confirm charges with your provider and dosing with your pharmacist or doctor.
Contact
Security or privacy questions? Reach the maintainer through the app's support channels.