Last updated: January 2026
At Salutis, we are committed to protecting your privacy and ensuring the security of your health data. This Privacy Policy explains how we collect, use, and protect your information when you use our desktop healthcare management application and optional online services.
Salutis is a Personal Health Record (PHR) application. It is NOT a medical device as defined by the EU Medical Device Regulation (MDR 2017/745). Salutis helps users organize and understand their health information, not diagnose, treat, or prevent medical conditions. AI-generated insights are provided for informational purposes only and do not constitute medical advice.
Personal Health Information: Your documents, lab results, notes, medications, and appointments are stored locally on your device in a vault. We do not upload or store your health files on our servers by default.
Account Information: If you create an account, we store basic account data (such as email and user ID) with our authentication provider (Firebase).
AI Feature Data (Optional): If you enable AI features, the data you choose to analyze is sent to our secure cloud proxy and processed by our AI provider (OpenAI). We also record limited usage metadata for rate limiting and service quality.
Local AI Model (Optional): Professional users can choose to run AI insights and chat on a local AI model (such as Ollama or LM Studio) hosted on their own machine. In this mode, that data is processed entirely on your device and is not sent to OpenAI or our servers. For accuracy reasons, lab report extraction always uses the secure cloud proxy (OpenAI) even when a local model is selected.
AI Assistant / Chat (Optional): When you use the conversational AI assistant, your messages, a summary of your health records, and the text of any documents you explicitly mention are sent to OpenAI to generate replies. Directly identifying personal data (such as names, fiscal codes, addresses, phone numbers and emails) is removed before sending, only the most recent conversation turns are transmitted, and we do not store the conversation content on our servers (only anonymous usage counts). Because health data is involved, the chat requires your explicit consent (GDPR Art. 9(2)(a)) before any data is sent, and you can withdraw that consent at any time from Account › Privacy. Data sent via the API is not used to train OpenAI's models. The assistant does not provide medical diagnosis or treatment and is not a substitute for professional medical advice.
Payments (Optional): Subscription payments are processed by Stripe. We do not store full payment details.
Website Analytics: On our website, we use Umami Analytics, a privacy-focused analytics tool that does not use cookies and does not collect personal data. Umami only tracks anonymous page views and basic usage patterns to help us improve our website experience.
We use account data to authenticate you and manage subscriptions. Optional AI data is used solely to provide the AI features you request. Website analytics from Umami are used only to understand general usage patterns and improve our website experience.
Salutis stores your files locally in a vault on your device. AES-256 vault encryption to protect files at rest is included on every plan at no extra cost. Data transmitted to online services is encrypted in transit.
We provide data export and deletion tools aligned with GDPR-style rights. You can export your data in JSON or as a full backup ZIP and delete local data at any time. Account deletion is available within the app.
Application: We use Firebase for authentication and subscription status, and Stripe for payments. Optional AI features use a secure cloud proxy and OpenAI to process the data you choose to analyze. Professional users may optionally route AI insights and chat to a local model on their own device instead, in which case no third-party AI provider is involved for that processing.
Website: Our website uses Umami Analytics for anonymous usage tracking. Umami is GDPR-compliant, does not use cookies, and does not collect personally identifiable information.
You have control over your data, including the right to export, delete, or modify your information at any time. Uninstalling the app removes local data, but your cloud account (if created) remains until you delete it in the app.
We may update this Privacy Policy from time to time. Any changes will be reflected in the application and on our website with an updated revision date.
If you have any questions about this Privacy Policy or our data practices, please contact us at volinodesign@gmail.com.