top of page

Privacy Policy

Effective Date: January 12, 2026

Last Updated: January 12, 2026

Data Controller: Dev AI LTD, Bulgaria

1. Introduction

Welcome to MEDVBA. Dev AI LTD (“we,” “us,” or “our”), located at Bogdan Voivoda, № 1, Ruse 7002, Bulgaria, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

We collect data to provide a personalized medical learning experience:

  • Account Information: Name, email address, and profile picture provided during registration.

  • Study & Progress Data: Quiz scores, completion rates, study streaks, leaderboard rankings, and topics studied.

  • AI Tutor Interactions: Text queries submitted to the AI Medical Tutor. These are processed to provide educational responses.

  • Video Call & Live Study Metadata: If you use our Live Study Rooms or Zoom integration, we process connection metadata (time, duration). We do not record or store the audio or video content of your calls.

  • Technical & Device Data: IP address, device type, operating system, and app version to ensure stability and security.

3. How We Use Your Information

We process your data based on the necessity to perform our contract with you or our legitimate interests:

  • To personalize your anatomy learning path and track progress.

  • To generate AI-powered explanations for medical queries.

  • To maintain global and group leaderboards.

  • To process subscriptions and manage in-app purchases.

  • To monitor and improve app performance and security.

4. Third-Party Services & AI Processing

We do not sell your personal data. To provide our services, we share data with the following "Sub-processors" who are bound by strict data protection agreements:

  • Supabase: For secure authentication, database management, and file storage.

  • RevenueCat: For managing subscriptions and in-app purchase validation.

  • AI Models: Data sent to AI models is stripped of direct personal identifiers where possible and is used solely to generate educational content.

  • Zoom: Facilitated for live sessions; subject to Zoom’s privacy terms.

5. Data Security

As a medical-focused application, data integrity is our priority:

  • Encryption: We use industry-standard SSL/TLS encryption for data in transit and at rest.

  • Access Control: Access to personal data is restricted to authorized personnel on a "need-to-know" basis.

  • Monitoring: We perform regular logging and monitoring to detect and prevent unauthorized access.

6. Your Rights (GDPR Compliance)

If you are in the European Union (or regions with similar laws), you have the following rights:

  • Right of Access & Portability: Request a copy of your data in a structured format.

  • Right to Rectification: Update or correct inaccurate profile information.

  • Right to Erasure ("Right to be Forgotten"): Request deletion of your account and data via app settings or our deletion page.

  • Right to Restriction/Objection: Object to processing for marketing or specific legitimate interests.

To exercise these rights, please contact us at contact@devaieood.com.

7. Data Retention

We retain your study data as long as your account is active.

  • Inactivity: If an account remains inactive for more than 24 months, we reserve the right to anonymize or delete the associated data.

  • Legal Obligations: Some data may be retained longer if required for accounting or legal regulatory reasons.

8. Children’s Privacy

MEDVBA is designed for medical students and healthcare professionals. We do not knowingly collect data from individuals under the age of 16. If we discover we have collected data from a minor without parental consent, we will delete it immediately.

9. Contact Us

For any questions regarding this policy or to reach our Data Protection Officer:

Dev AI LTD Bogdan Voivoda, № 1

Ruse 7002, Bulgaria

Email: contact@devaieood.com

bottom of page