Plain English

Data Handling Statement

Last updated: 21 April 2026

A short, jargon-free summary of how your data is handled inside Myopia Focus. This page is designed to explain clearly and simply how your data is handled in practice. The Privacy Policy covers the same ground in more formal terms.

Minimal by design

We collect only what is needed to run the app and track eye growth. We do not use analytics SDKs, advertising trackers, or marketing pixels.

You're in control

Your child's data is visible only to you and to a practitioner you have explicitly approved, or who has created the record as part of providing care. You can revoke access or delete the account at any time.

Research is opt-in

Anonymised data goes to our research dataset only when you switch it on, and we remove direct identifiers before it is included.

No data selling

We do not sell, rent, or share your personal data with marketers or third parties for advertising or commercial purposes.

What we hold for you

This is the information required to operate the app and provide its core functionality.

Your account — name, email, hashed password, optional country and town.
Your children's profiles — nickname, sex, month + year of birth, ethnicity / reference group.
Clinical measurements — axial length and refractive error per eye, dates, treatment notes.
Practitioner accounts — name, email, practice details and patient links (only for users in the practitioner role).

What we never hold

Photos of your child, biometric data or device location.
Camera frames from the live Vision Simulator — these stay on your device.
Plain-text passwords (we only store a one-way bcrypt hash).
Any third-party tracking identifiers or advertising IDs.

Practitioner access

A practitioner can only see a child's record if (a) the parent has approved a link request, or (b) the practitioner created that record as part of providing care. Either side can unlink at any time. Practitioner notes are visible to the practitioner who wrote them and to the parent who owns the child profile. Practitioner notes are controlled by the practitioner who created them.

Research dataset, in one paragraph

When you opt in, we copy a small subset of each measurement into a separate research table — year of birth (not the month), sex, ethnicity, country, axial length, refractive error, treatment type and date. Records are linked using a private, anonymous token per child so we can study growth over time without knowing which specific child a record belongs to. Names, emails, towns, exact birth dates, account IDs and free-text notes are never copied across.

Where it lives

Your data is stored in a PostgreSQL database hosted on Replit Deployments in the United States. This means data is stored outside the UK/EU. Password-reset emails are sent via SendGrid (also US-based). All connections to the platform are made over HTTPS.

Getting your data out (or deleting it)

You can view and edit everything you've added, directly in the app.
You can export a child's profile, measurement history and chart as a PDF from the Edit Child screen.
You can delete your account from Profile → Delete Account; this removes your account and all linked child profiles and measurements.
For anything else, email info@myopiafocus.org.