Privacy
Privacy policy
Last updated: June 2026 · Effective: June 2026
This policy explains how Onubot collects, uses, shares, protects, and deletes your information across the Onubot mobile app and website. It applies to all Onubot users.
Who we are
Onubot("we", "us", "our") is operated by Anchorblock. We are the controller responsible for your data. For any privacy question or request, contact our privacy point of contact at info@onubot.app.
Information we collect
We collect only what we need to provide the assistant. Items marked sensitive receive additional protection and are governed by your consent choice.
Account & contact data
Name, email address, and (optionally) phone number. If you sign in with Google, we receive your name, email, and profile photo from your Google account.
Health & conversation content
SensitiveSymptoms you describe, questions you ask, medication and lab values you share, and the assistant's replies. This is sensitive health information and is only stored if you grant patient-data consent.
Photos & documents (camera / files)
SensitiveImages of lab reports, prescriptions, or medication packs that you scan or upload so the assistant can read them. Stored only with consent; otherwise processed in-memory and discarded after the session.
Voice input (microphone)
SensitiveAudio is captured only while you are actively dictating to the assistant, converted to text to answer you, and not retained as audio.
Payment information
If you make a payment, it is processed by the EPS payment gateway (which supports bKash, Nagad, and cards) on its own hosted page. We receive a confirmation of payment but do not collect or store your full card or wallet credentials.
Device & usage analytics
App version, device type, crash logs, and anonymized feature-usage events used to keep the app stable. No personal health information is attached to analytics.
App permissions and why we ask
The Onubot app requests these permissions. Each is used only for the purpose below, and you can deny or revoke any of them in your device settings.
Camera
To scan lab reports, prescriptions, and medication labels. Used only when you open the scanner.
Microphone
To let you speak to the assistant instead of typing. Active only while you are dictating.
Notifications
To send medication reminders, follow-ups, and important account or beta updates.
Internet / network
To process your questions and securely sync data you have consented to store.
How we use your information
- To provide the assistant: understand your questions, read documents you share, and generate answers and next steps.
- To personalize and improve the features you actually use (only when you have granted patient-data consent).
- To send transactional messages (account, security, reminders, beta updates) and, only if you opted in, product announcements.
- To investigate bugs, abuse, and safety issues, using the minimum data needed.
We never sell your data, we don't use your health information for advertising, and we don't train shared models on your conversations.
What changes if you decline consent
You don't lose access to Onubot, but you do lose the bits that make it noticeably better than a one-shot search. Here's a side-by-side:
| Feature | With consent | Without consent |
|---|---|---|
| Quick symptom triage | Tailored to your history | Generic, single-turn answers only |
| Correct Assistant | Available, learns from corrections you make | Disabled, requires stored history |
| Document & lab scans | Saved for re-reference and follow-up questions | Processed in-memory; deleted after the session |
| Medication tracking | Reminders + interaction warnings across visits | Single-session lookups only |
| Specialist recommendations | Personalized by past concerns | Available, but not personalized |
Heads up: the Correct Assistant specifically requires stored history. Without consent, follow-up corrections won't carry over, you'll be re-introducing yourself to the assistant every session.
How we share data
We do not sell your personal or health data. We share data only with the service providers (sub-processors) needed to run Onubot, each bound by confidentiality and permitted to use it solely to provide their service to us:
- Google Firebase — authentication and, with your consent, encrypted record storage
- Google Sign-In — optional login
- AI model providers — process your questions to generate answers; bound by confidentiality and not permitted to train shared models on your data
- Vercel & Vercel Blob — website hosting and file/asset storage
- Resend — transactional email
- EPS payment gateway — processing payments (via bKash, Nagad, and cards)
We may also disclose data if required by law or to protect the safety of our users, and we may transfer data as part of a merger or acquisition, in which case we'll notify you first.
How we protect your data
Stored health records are encrypted at rest and in transit (TLS). Access is restricted to authorized personnel on a need-to-know basis, and we apply the principle of data minimization, collecting and retaining only what each feature requires.
Data retention & deletion
We keep your data only as long as your account is active or as needed to provide the service. Conversation content and documents are retained only with your consent and can be deleted from inside the app at any time.
Delete your account or data: You can request deletion of your account and all associated data in three ways:
- On the web: use our account & data deletion request page.
- In the app: Settings → Account → Delete my data, or revoke patient-data consent to purge stored records.
- By email: write to info@onubot.app with the subject "Data deletion request".
We complete deletion within 30 days, except where we are legally required to retain certain records.
Sensitive health data
Onubot handles health information you provide. We never use this data to make, or to help anyone make, decisions about employment, insurance eligibility, or credit, and we never post it publicly or share it for social purposes. Health data is used only to provide the assistant to you.
Children's privacy
Onubot is intended for adults (18+) and is not directed to children. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.
Your rights
You can request access, correction, export, or deletion of your data at any time, and you can withdraw consent without losing real-time answers. Email info@onubot.app and we'll respond within seven days.
Where your data is processed
Onubot is built for Bangladesh first. Your data may be processed on servers operated by our sub-processors outside your country, always under appropriate safeguards.
Changes to this policy
We may update this policy as the product evolves. We'll revise the "Last updated" date above and, for material changes, notify you in the app or by email before the change takes effect.
Disclaimer
Onubot is for informational purposes only and is not a substitute for professional medical advice, diagnosis, or treatment. Always consult a qualified clinician for medical decisions.
Questions about anything above? Get in touch →