Privacy Policy

Effective: 1 May 2026 · Last updated: 1 May 2026

This privacy policy explains what information Wardly ("we", "us", "the app") collects when you use it, how that information is used, who it's shared with, and what rights you have over it.

If anything here is unclear, email mulgundsunil@gmail.com.

1. Who we are

Wardly is a clinical-notes app for hospital ward teams, built and maintained as an independent project by Sunil Mulgund. The app is distributed via Google Play and the web; the backend runs on Google Firebase.

2. What data we collect

We collect only the data needed to run the app. There is no advertising, no analytics tracking, no behavioural profiling.

Information you provide

• Account info: name, email address, and (for email/password sign-in) a salted password hash. We never see or store your password in plain text — that's handled by Firebase Authentication.
• Profile info: optional avatar emoji and specialty (e.g. "Cardiologist") if you fill them in.
• Clinical content: the ward names, patient names and bed numbers, notes, replies, and acknowledgements you create inside the app.
• Feedback: if you email us via the "Suggest a feature", "Give feedback" or "Report a bug" buttons in Profile, your email address and message reach us directly. The "Report a bug" template includes your app version and platform — these are technical fields, not personal data.

Information collected automatically

• Device push token (FCM): a per-device identifier from Firebase Cloud Messaging, used only to deliver push notifications about ward activity. Removed when you sign out.
• Sign-in metadata: account creation timestamp and last sign-in timestamp, surfaced back to you in Profile.
• App version, build number, OS platform: read by the app on-device and only sent to us when you choose to send a bug report (and only inside the email body you preview before sending).

What we do not collect

• Location.
• Contacts, photos, microphone, camera, calendar.
• Browsing or app-usage analytics.
• Advertising identifiers.
• Any biometric data.

3. How we use the data

• To create and authenticate your account.
• To show you and your teammates the wards, patients and notes inside your wards.
• To send push notifications when a teammate posts a note in a ward you've joined.
• To respond to feedback or bug reports you send us.
• To keep the app working — e.g. caching counts on a public metrics document so the landing page can show how many wards / users / notes exist.

We do not use your data for advertising, profiling, machine-learning training, or sale to third parties.

4. Who we share it with

Your clinical content (notes, patients, replies) is visible only to other members of the same ward — enforced at the database level by Firestore security rules. People who haven't joined your ward via its 5-digit code cannot read anything inside it.

The data passes through Google's infrastructure (Firebase Authentication, Cloud Firestore, Cloud Functions, Cloud Messaging) under Google's Firebase privacy terms. Google acts as our processor; we do not authorise them to use Wardly data for any purpose other than running the service.

We do not sell, rent, or trade any personal data to anyone, ever.

5. Where data is stored

Firestore data is hosted in Google Cloud's us-central1 region. By using the app, you consent to your data being processed in the United States (and, to the extent Google replicates internally, other Google regions).

6. How long we keep it

• Account: kept while your account exists. Delete your account from Profile → Danger zone → Delete account and your user record is removed immediately and permanently.
• Wards, patients, notes, replies: kept while the owning ward exists. When the ward owner taps Delete, the entire ward and everything inside it is permanently erased — there is no backup and no way to recover it.
• Push tokens: removed on sign-out and rotated periodically by the device.
• Recent-activity log (used by the public landing page): capped to the latest events; older entries roll off automatically.

7. Your rights

Regardless of where you live, you can:

• Access your data — most of it is visible to you inside the app.
• Correct your name / specialty / avatar from Profile → Edit profile.
• Export a copy by emailing mulgundsunil@gmail.com; we'll respond within 30 days.
• Delete your account from Profile → Danger zone, or by emailing us.
• Withdraw consent for push notifications by signing out (the device token is removed) or revoking notification permission in your phone's settings.

If you are a resident of the EU, UK, California, or another jurisdiction with data-protection laws, those laws apply to your data on Wardly, and the rights above satisfy GDPR/CCPA access & deletion requirements.

8. Security

• All traffic between your device and Firebase is encrypted in transit via TLS.
• Firebase encrypts data at rest.
• Authentication is handled by Firebase Authentication — passwords are never stored in plain text.
• Firestore security rules enforce that ward members can only see their own ward's content.
• The Android app disables Google Auto Backup and Samsung Smart Switch transfer of app data, so your local cache doesn't leak across devices on reinstall.

No system is perfectly secure. If you discover a vulnerability, please email mulgundsunil@gmail.com — we'll respond and credit responsible disclosures.

9. Children's privacy

Wardly is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us and we'll delete it.

10. Changes to this policy

If we change this policy meaningfully, we'll update the "Last updated" date at the top and, where the change reduces your rights, post a notice in the app or email account holders. Continuing to use Wardly after the change means you accept the updated policy.

11. Contact

Questions about this policy or your data:

📧 mulgundsunil@gmail.com
Sunil Mulgund · Bengaluru, Karnataka, India