Privacy Policy

Last updated: March 23, 2026

Introduction

SignOut ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our secure messaging platform designed for healthcare professionals.

Information We Collect

Personal Information

When you register or use our service, we may collect:

Email address and contact information
Name and professional credentials for verification
Profile information you choose to provide

Technical Information

We may collect:

Device type, operating system, and app version
IP address and general location (country/region)
Usage data (feature usage, session duration)
Crash logs and performance diagnostics

Verification Data

To verify healthcare professional status, we may collect:

Professional credentials (e.g., institution, role)
Verification status and timestamps

Message Content and Health Data

SignOut allows users to send and receive messages that may contain health-related information, including Protected Health Information (PHI), as part of normal app usage.

Handling of Health Data

Collection: Health data is provided directly by users when they send messages.
Transmission: Health data is transmitted between users through our service.
Processing: Health data is processed only to the extent necessary to deliver messages between users.
Storage: Messages are stored in encrypted form temporarily to enable delivery and synchronization across devices.
Retention: Encrypted message data is automatically deleted after a limited period (up to 60 days).
Access: SignOut cannot access, read, or decrypt message content at any time due to end-to-end encryption.

Usage of Health Data

Health data is used solely for delivering messages between users.
Health data is not used for analytics, advertising, profiling, or any secondary purposes.
Health data is not shared with third parties.

SignOut does not collect or store health data in readable form and does not have access to message content.

Summary of Health Data Handling

Users may share health data within messages
Data is encrypted end-to-end
Data is temporarily stored in encrypted form
Data is automatically deleted after up to 60 days
Data is never accessible to SignOut
Data is never used beyond message delivery

Data We Do Not Collect

We do not collect or process:

Readable message content
Unencrypted health or medical data
Health data for analytics, advertising, or profiling
Sensitive personal data beyond what is required for account creation and verification

All sensitive communication remains encrypted and inaccessible to us.

Automatically Collected Information

We may automatically collect:

Device identifiers
Log data (access times, app events)
Diagnostic and crash data

This data is used only to operate, secure, and improve the service.

How We Use Your Information

We use the information we collect to:

Provide, maintain, and secure the service
Verify healthcare professionals
Improve performance and fix bugs
Communicate service updates
Ensure security and prevent misuse
Comply with legal obligations

Third-Party Services

We may use trusted third-party providers, including:

Google Play Services (app distribution and updates)
Analytics and crash reporting tools
Cloud hosting and authentication services

These providers process only necessary technical data under strict data protection obligations. We do not share message content with any third party.

Data Security

We use industry-standard safeguards to protect your data.

End-to-End Encryption: Message content is encrypted and cannot be accessed by SignOut.

Data Retention

We retain data only as necessary:

Messages: Automatically deleted after up to 60 days
Account data: Retained while account is active
Logs and analytics: Retained up to 90 days
Verification records: Retained as required for service integrity

Retention Summary

Messages → up to 60 days
Logs → up to 90 days
Account data → until account deletion
Deletion requests → completed within 30 days

Account Deletion and Data Removal

You can request deletion of your account at any time by:

Using the in-app deletion feature, or
Emailing support@getsignout.com

When your account is deleted:

Your personal data and profile are permanently removed
Verification data is deleted unless legally required
Data is removed or anonymized within up to 30 days

Message content is not retained in readable form and is automatically deleted after expiry.

Some limited data (e.g., security logs) may be temporarily retained where required for legal or security purposes.

Information Sharing

We do not sell your personal data.

We may share data only:

When required by law
To protect safety and security
With your consent
With trusted service providers under strict agreements

Your Rights

You may:

Access your data
Correct inaccurate data
Request deletion
Opt out of non-essential communications

To exercise your rights, contact us at support@getsignout.com.

International Data Transfers

Your data may be processed in the United States or other countries where our providers operate. We take appropriate safeguards to protect your data.

Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect data from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date.

Contact Us

If you have questions about this Privacy Policy, contact:

Privacy Officer
Email: support@getsignout.com
Subject: Privacy Policy Inquiry