Legal
Privacy Policy
Last updated: January 8, 2026
Introduction
Veteran Pain Tracker ("we," "our," or "the application") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our pain tracking application. We are designed with privacy-first principles, specifically for veterans managing chronic pain, TBI symptoms, and related conditions.
Information We Collect
Account Information
- Username: A username of your choice for account identification
- Password: Securely hashed and never stored in plain text
Note: We do NOT require an email address, phone number, or any other personal identifying information to create an account.
Health Data (Pain Entries)
When you log pain entries, we store:
- Pain intensity levels (1-10 scale)
- Pain type and location
- Triggers and symptoms
- Relief measures taken
- Date and time of entries
- Optional notes you provide
Optional Profile Information
You may optionally provide:
- Military service branch (for UI theming)
- Rank
- Bio or notes
Analytics & Usage Data
Google Analytics
We use Google Analytics to collect basic, anonymized usage data. This helps us:
- Monitor server performance: Ensure our servers can handle traffic without overloading
- Track AI feature usage: Monitor usage of AI-powered health analysis features for personal infrastructure and pricing management
- Understand usage patterns: Identify which features are most valuable to users
What Google Analytics collects: Page views, session duration, device type, browser type, and general geographic region. This data is anonymized and cannot identify you personally.
You can opt out of Google Analytics by using browser extensions like "Google Analytics Opt-out Browser Add-on" or by enabling "Do Not Track" in your browser settings.
AI-Powered Features
Our application uses Google's Gemini AI to provide health pattern analysis and generate medical briefings. When you use this feature:
- Your pain entry data is sent to Google's Gemini API for analysis
- The AI generates insights, trends, and recommendations based on your entries
- Data is processed according to Google's AI data handling policies
Important: AI-generated reports are for informational purposes only and should not replace professional medical advice. Always consult with your healthcare provider.
Cookies & Local Storage
We use the following cookies for essential functionality:
| Cookie | Purpose | Duration |
|---|---|---|
| auth_token | Keeps you logged in securely | 24 hours |
| csrf_token | Protects against cross-site request forgery | Session |
| theme | Saves your preferred military branch theme | 1 year |
Data Security
We take data security seriously:
- Encrypted transmission: All data is transmitted over HTTPS
- Secure password storage: Passwords are hashed using industry-standard algorithms
- HttpOnly cookies: Authentication tokens cannot be accessed by JavaScript
- CSRF protection: All forms are protected against cross-site request forgery
- Rate limiting: API endpoints are protected against abuse
Your Data Rights
You have full control over your data:
- Export: Download all your data in JSON or Excel format at any time
- Delete: Remove individual pain entries or request complete account deletion
- Access: View all data stored about you through your dashboard
- Self-host: Run your own instance of this open-source application for complete data sovereignty
Self-Hosting Option
Veteran Pain Tracker is open source (MIT License). You can deploy your own instance on your personal infrastructure for complete data control. When self-hosting, you manage your own database, and no data is shared with any third parties unless you configure it. Visit our GitHub repository for deployment instructions.
Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the application after changes constitutes acceptance of the updated policy.
Contact
For questions about this Privacy Policy or your data, please open an issue on our GitHub repository or contact the project maintainers.