Account Deletion

Last updated: May 12, 2026

You can permanently delete your MedVault account and all associated health data at any time. This page explains the two ways to do that — directly inside the app, or by submitting a request to us if you no longer have access to the app — and exactly what gets deleted, what gets retained, and on what timeline.

Before you delete: Account deletion is permanent and cannot be undone after the 30-day grace period. If you want to keep a copy of your health records, export them as PDF from the app first (Settings → Export My Data) before starting deletion.

1. Delete Your Account From Inside the App

This is the fastest way and works on both iPhone and Android. Your request is processed automatically — no waiting for support.

Open the MedVault app and sign in.
Tap the Profile tab in the bottom navigation.
Tap Settings (gear icon).
Scroll to the Privacy & Security section.
Tap Delete My Account (shown in red).
Read the confirmation warning, then tap Delete Account to confirm.
You will be signed out immediately and your account enters the 30-day deletion window.

2. Request Deletion If You Cannot Access the App

If you have uninstalled the app, lost your phone, or otherwise cannot sign in to delete your account from inside the app, contact us directly. We will verify your identity and process the deletion within 30 days of receiving your request.

Send a deletion request via either channel:

Email: dpo@medvault-health.com with the subject line "Account Deletion Request"
WhatsApp: +92 324 456 5313

Please include the following so we can verify the request is from you:

The phone number registered to your MedVault account (the number you used to sign up)
The full name on the account
Your country of registration
A clear statement that you want your account and all data permanently deleted

We will respond within 5 business days to confirm receipt, complete identity verification (we may ask you to confirm a one-time code sent to the registered phone number), and then process the deletion. The full deletion is completed within 30 days of verified request.

3. What Gets Deleted

When your account is deleted, the following data is permanently removed from our systems within 30 days:

Your account profile (name, phone number, date of birth, gender, country)
All uploaded lab reports (original images and PDFs) stored on Cloudflare R2
All parsed health data (test values, reference ranges, AI-generated explanations)
All family member profiles you created and their associated health data
All medications you added
All active share links — these are revoked immediately on deletion request, so doctors can no longer view your records
Your AI chat history and health summaries
Your device tokens and notification preferences
Your subscription and payment method records (excluding the financial transaction records we are required to retain — see below)

4. What We Retain (and Why)

A small amount of data is retained after account deletion, only for the specific reasons listed below. None of this retained data is your identifiable health information.

Audit logs (12 months): Append-only records of data-access events — timestamp, action type, IP address, user agent. Retained for security investigation and breach response, as described in our Privacy Policy. Automatically purged after 12 months.
Revoked share-link tokens: The hashed token record is kept after revocation, but the linked health data is inaccessible. This lets us prove a token was properly revoked if a doctor reports they cannot access a record.
Financial transaction records: Payment transaction IDs, amounts, and dates for any subscriptions or microtransactions are retained to comply with Pakistan's tax and financial record-keeping requirements (typically 6 years). These contain no health data.
De-identified aggregate analytics: Counts of how many users uploaded a report on a given day, app crash reports without user identifiers, etc. These cannot be linked back to you.

5. Timeline

Immediately on request: Your account is signed out on all devices. All share links are revoked. Your data becomes inaccessible to you and to anyone you previously shared with.
Within 30 days: All data listed in section 3 is permanently deleted from production databases and file storage.
Within 60 days: Backups containing your data are rotated out per our backup retention policy. After this point, recovery is not possible even with database backups.

6. Can I Reactivate or Recover My Account?

No. Once you confirm account deletion (either in-app or by email/WhatsApp request), the process is final. There is no reactivation window. If you change your mind, you can create a new account with the same phone number — but none of your previous reports or health history will be available.

If you only want to take a break, you can simply sign out and uninstall the app. Your data remains intact until you actively request deletion, and you can sign back in at any time.

7. Family Members and Shared Data

When you delete your account:

Family member profiles you created are deleted with your account. The family members themselves are not contacted — they were profiles under your management, not separate users.
If you were sharing your records with a doctor or family member via a share link, those links are revoked. The recipient will no longer see your data.
If someone else added you as a family member under their account, that is a separate copy of data under their control. To have that copy deleted, contact them or, if they are unreachable, contact our DPO (see section 8) with details and we will investigate.

8. Contact & Questions

If your deletion request is not processed within 30 days, or if you have questions about what data we hold or have retained:

Data Protection Officer: dpo@medvault-health.com
WhatsApp: +92 324 456 5313
General privacy questions: privacy@medvault-health.com

For full details on how we handle health data, see our Privacy Policy.