ddigest

Privacy Policy

Last updated: 16 May 2026

ddigest is a medical-research digest app for practicing doctors in India, built and operated by doctor context (sole proprietor, India). This policy describes exactly what we collect, why, where it lives, and what we do not do.

What we collect

What we do not collect

How we use your data

We do not sell, rent, or share any of the above with third parties for advertising, marketing, or profiling.

Where your data lives

All server-side data is stored in a Postgres database hosted on Fly.io in their bom(Mumbai) region. The database is reachable only over Fly’s private network — it has no public IP address.

OTPs are delivered via MSG91, an Indian SMS gateway that processes only your phone number and the short-lived OTP. MSG91 receives no other personal data from us.

Article metadata and abstracts displayed in the feed are sourced from PubMed and medRxiv — both public scientific databases. We do not send any user data to either.

Each card is classified for relevance and sub-specialty by Anthropic’s Claude model. We send only the public paper title, abstract, journal, and author-affiliation string to the classifier — never any user-identifying information.

Data retention and deletion

Your account and its data persist until you ask us to delete them. To delete your account, email adhyan2095@gmail.com from the phone-associated mailbox or include the phone number used to register. We will permanently remove your account row, preferences, and action history within 30 days. Hashed OTP request rows expire automatically (10-minute TTL).

Children

ddigest is intended for licensed medical practitioners. It is not designed for and is not knowingly used by anyone under 18.

Security

All traffic between the app and our API is encrypted in transit via HTTPS (TLS 1.2+). JWTs are signed with HS256 using a server-side secret that is rotatable. OTPs are stored as one-way hashes.

About this website

This site (the page you are reading) uses Vercel Web Analytics to measure aggregate traffic — how many people visit which page, from which country, on roughly what kind of device. It is cookieless, does not use any cross-site or cross-session identifier, and does not build a profile of you. It cannot identify you personally and cannot be linked back to your ddigest account. No data from the iOS app feeds into it.

Changes to this policy

If we materially change what we collect or how we use it, we will update the "Last updated" date above and notify you in-app before the change takes effect.

Contact

Questions about this policy or your data: adhyan2095@gmail.com.