Merra

Privacy Policy

Last updated May 22, 2026

Introduction

Merra is a personal medication reminder and tracking app for iPhone, built by an independent developer. We help you remember your medications, log what you've taken, and look back on your routine over time.

This policy explains exactly what data Merra works with, where it lives, and the choices you have about it. We've kept it as plain as we could.

The short version: Merra is local-first. Your medication data lives on your iPhone. If you have iCloud enabled, it syncs through your own iCloud account — we don't operate any servers that store your personal information, and we don't have access to your iCloud data.

Information We Collect

There are three categories. Two of them never leave your device unless you choose otherwise; the third only flows out if you opt in.

1. Data you provide (stays on your device)

When you use Merra you can enter:

  • Medication information: names, dosages, forms (tablet, capsule, etc.), Rx numbers, pharmacies, prescribing doctors, notes, optional photos of the medication, color tags, quantity on hand, and expiration dates
  • Schedules and reminder settings: times of day, days of the week, refill alerts
  • Dose history: when you took, skipped, missed, or snoozed a dose, including optional notes, mood, side effects, and effectiveness ratings
  • Household profiles: names, relationships, optional profile photos, and permission levels for the people in your household
  • Emergency contacts: names, phone numbers, optional emails, relationships
  • Optional check-ins: symptom entries (with severity) and reflection notes about how you're feeling

This data is stored in a local SwiftData database on your device. It is not transmitted to Merra — we have no servers that would receive it.

2. Health data (with your permission, via Apple HealthKit)

Merra integrates with Apple Health, but only with your explicit permission and only for two specific exchanges:

  • Read access — Sleep Analysis. If you grant access, Merra reads your sleep data from Apple Health to show how rest correlates with your medication routine on the Insights page.
  • Write access — Medication Adherence. If you grant access, Merra can save your medication adherence logs to Apple Health so you can review your routine alongside your other health data.

Health data is governed by Apple's HealthKit framework. It never leaves your device unless you choose to back it up or export it. You can revoke either permission at any time in iOS Settings → Health → Data Access & Devices → Merra, or inside Merra in Settings → Privacy.

3. Anonymous analytics (only with your consent)

Merra uses PostHog for product analytics, and only when you've opted in. By default, analytics are off.

If you opt in, the following is sent to PostHog:

  • An anonymous device identifier assigned by the PostHog SDK
  • App events — for example: app opened, medication created (with form type only, never the name), dose taken / skipped / missed, onboarding step viewed, settings changed, error occurred (domain and code only)
  • Lifecycle and crash diagnostics bundled by the PostHog SDK so we can fix bugs

What is not sent:

  • No medication names, dosages, doctor or pharmacy details, photos, notes, or any other content from your medication list
  • No symptom or reflection text
  • No household member names or contact details
  • No advertising identifiers
  • No Apple Health data
  • No personally identifying information of any kind

We do not call PostHog's identify() API, so PostHog has no way to link the anonymous device identifier to you personally.

You can disable analytics at any time in Settings → Privacy. When you do, the SDK is reset and no further events are sent.

How We Use Information

We use the data above to:

  • Deliver medication reminders and run the schedules you set up
  • Show you your own adherence summaries, streaks, and insights — visible to you, on your device
  • Sync your data across your Apple devices through your iCloud account, if you have iCloud enabled
  • Improve the app based on anonymous usage patterns, if you've opted into analytics
  • Diagnose crashes and bugs

We do not use your data for advertising, profiling, or any commercial purpose beyond running the app. We do not sell your data, ever.

Where Your Data Lives

This is the heart of how Merra is built:

  • On your device. Your medications, schedules, dose history, household profiles, symptoms, reflections, and cached sleep summaries live in a local SwiftData store on your iPhone, protected by iOS file-system encryption when your device is locked.
  • In your iCloud (when iCloud is signed in). Apple's CloudKit framework syncs your data to your private iCloud database. This is your iCloud, controlled by your Apple ID, encrypted by Apple. Merra has no access to it. We cannot read it, hand it over, or recover it.
  • Merra's servers: none. We do not operate a backend that stores your personal data. The only outbound traffic from the app is (a) syncing to your own iCloud and (b) anonymous analytics to PostHog, if you've opted in.

Household Sharing

If you invite someone into your Merra household:

  • The invite is created and delivered through Apple's CKShare mechanism via the standard iOS share sheet (Messages, Mail, AirDrop, etc.)
  • The shared records live in your iCloud, and the invitee accesses them through Apple's standard iCloud sharing
  • Merra does not operate any server to relay, store, or broker shared data — it's a peer-to-peer flow through Apple's iCloud infrastructure
  • You can change a member's permission level or stop sharing at any time in Settings → Household

Third-Party Services

Apple (iCloud, CloudKit, HealthKit). Storage, sync, sharing, and health data are governed by Apple's Privacy Policy: https://www.apple.com/legal/privacy/. Apple controls how this data is encrypted, stored, and recovered.

PostHog Inc. (anonymous product analytics). Used only if you opt in. PostHog's privacy policy: https://posthog.com/privacy. The anonymous device identifier we send cannot be used by PostHog to identify you personally, because we never call their identify() API. Events are sent to PostHog's US region (us.i.posthog.com).

That's the full list of third parties. Merra does not include advertising SDKs, attribution SDKs, or any other tracking.

Your Rights & Choices

You are in control of your data at all times:

  • View your data. Everything is accessible directly in the app.
  • Export your data. Use Settings → Backup → Export Backup. This produces a JSON file containing your medications, schedules, dose history, household profiles, symptoms, reflections, and sleep summaries that you can save, share, or import on another device.
  • Delete your data. Use Settings → Privacy → Delete All Data. This securely wipes your local store, clears your iOS Keychain entries, deletes your iCloud copy via CloudKit, and resets all preferences. After the wipe, the app returns to onboarding as if it were freshly installed.
  • Toggle analytics. Settings → Privacy. Off by default.
  • Manage HealthKit permissions. Settings → Privacy in Merra, or iOS Settings → Health → Data Access & Devices → Merra.
  • Manage household access. Settings → Household → Manage Members.
  • Optional encryption. Merra offers AES-256 (AES-GCM) encryption of sensitive medication fields using a key stored in your device's Keychain. This is off by default and can be enabled in Settings.
  • Optional app lock. You can require a PIN or Face ID to open the app, configurable in Settings.

Data Retention

  • Your active data is kept until you choose to delete it.
  • Soft-deleted medications (medications you've removed from your list) are kept indefinitely on your device so your past dose history remains visible in the dashboard. They are permanently removed when you run Delete All Data.
  • Backups you create live on your device (or wherever you exported them) until you delete them.
  • Anonymous analytics events, if you've opted in, follow PostHog's standard retention policies — see https://posthog.com/privacy.

Children's Privacy

Merra is not directed at children under 13. We do not knowingly collect data from children under 13. If you are a parent or guardian and believe your child has provided data to Merra, please contact us and we will help you delete it.

Security

We take reasonable steps to protect your data:

  • All network traffic uses Apple's standard HTTPS/TLS
  • Local data is protected by iOS file-system encryption, which is active whenever your device is locked with a passcode
  • iCloud data is encrypted at rest by Apple
  • Optional in-app encryption (AES-GCM, 256-bit) is available for sensitive medication fields, with keys stored in the iOS Keychain (kSecAttrAccessibleWhenUnlockedThisDeviceOnly)
  • Optional PIN + Face ID lock on the app
  • We do not have a backdoor. Merra cannot access your encrypted iCloud data, and we cannot recover it for you if you lose your Apple ID. This is by design — your data is yours.

No system is perfectly secure. If you become aware of a vulnerability in Merra, please email us at the address below.

Changes to This Policy

We may update this policy from time to time. When we do, we'll change the effective date at the top and note material changes in the app's release notes. Continued use of Merra after a change means you accept the updated policy.

Contact Us

For privacy questions, data deletion requests, security reports, or anything else:

Email: contact@nexusdirectsoft.com

Merra is built and maintained by an independent developer. Replies may take a day or two — thanks for your patience.

Merra does not track you across other apps or websites (NSPrivacyTracking = false). The full list of declared data types and API uses is available in Merra's privacy manifest, which Apple publishes alongside the app in the App Store.