AuthGuard Privacy Policy

Effective date: 2026-05-07 · Last updated: 2026-05-15

Short version: Your records — treatments, prior authorization requests, denials, appeals, step therapy attempts, communications, regulatory complaint filings, and attached documents — stay on your iPhone. We have no servers and no analytics; we never see your records. The only network communication the app performs is with Apple StoreKit, to verify your subscription status. Records are included in your standard iOS device backup (iCloud Backup or Finder), so a new-iPhone Restore brings them with you.

1. Who we are

AuthGuard is published by an independent iOS developer (Apple Developer Team ID ZM8LF8494F). For any privacy-related question, write to captainlongevity@gmail.com.

2. Information we do not collect

We do not collect, transmit to a server we control, store on a server we control, sell, share, or analyze:

Your treatments, indications, providers, NPI numbers, NDC or CPT codes, or frequency settings
Your prior authorization requests, insurance carrier names, plan names, plan types, member IDs, group numbers, reference numbers, or decision dates
The text or attachments of any denial letter, approval letter, Medical Necessity letter, peer review note, or appeal document you store in the app
The content of any step therapy attempt, communication entry, or regulatory complaint filing
Your name, email, phone number, or any account identifier
Family member names, relationships, or caregiving status
Device identifiers (IDFA, IDFV) for advertising or tracking purposes
Location data
Crash reports or analytics events sent to any third party

3. Information stored on your device

All records you enter are stored locally on your iOS device using Apple's SwiftData framework. AuthGuard does not transmit your records to any server we operate, and the app contains no integration with any cloud sync service. Your records are included in your standard iOS device backup (iCloud Backup or Finder), so that a new-device Restore brings them with you. We do not have access to your device backups; only Apple does, under their published privacy terms.

4. We do not log into your insurance carrier

AuthGuard does not request, store, or use your insurance carrier login credentials. The app does not connect to any insurance carrier API, portal, claims system, or pharmacy benefit manager. All PA, denial, approval, and appeal information is entered by you (typed or photographed). This is by design — many of our users are mid-dispute with the carrier they would otherwise be asked to log into.

5. We do not use AI to read your records

The app does not run any artificial-intelligence or machine-learning model on your denial letters, approval letters, peer review notes, or call notes. There is no OCR text extraction, no document parsing, no automatic categorization, and no appeal-letter generation. You read the documents; you enter the values; you write the appeal. We make no decisions about your case.

6. On-device processing (Pro features)

Several Pro features process data locally on your device only:

Document scanning uses Apple's VisionKit framework on-device. Scanned denial / approval / Medical Necessity letters are saved as PDFs to your device's app sandbox; they are never transmitted off-device.
PDF report generation (six formats) is performed entirely on-device using PDFKit. Record content is read from local storage and written to a PDF file in your device's local share sheet. No content is transmitted off-device during generation.
App Lock uses Apple's LocalAuthentication framework. Your Face ID or Touch ID biometric data never leaves Apple's Secure Enclave; the app only receives a success or failure signal.
Deadline reminders are scheduled via Apple's UserNotifications framework and fire locally on your device. No remote push servers are involved. Notification text is neutral and contains no carrier names or denied / approved status.

7. Subscriptions and StoreKit

AuthGuard offers an optional Pro subscription via Apple's StoreKit 2. When you subscribe, restore a purchase, or when the app verifies your entitlement, your device communicates directly with Apple's servers. AuthGuard receives only the entitlement status (active or inactive) and a purchase identifier. We do not see your Apple ID, payment method, billing address, or transaction history. Apple's handling of subscription information is governed by Apple's Privacy Policy.

8. Permissions the app requests

Camera — only when you tap "Scan Document" in a record's attachment section (the system VisionKit scanner triggers the prompt).
Photo Library — only when you tap "Import from Photos".
Face ID / Touch ID — only after you enable App Lock in Settings.
Notifications — only after you enable a deadline reminder.

You can revoke any of these permissions at any time in iOS Settings > AuthGuard.

9. Children's privacy

AuthGuard is designed to be used by adults — patients managing their own care or family caregivers (for example, an adult child managing a parent's Medicare Advantage PA decisions). We do not knowingly collect any information from anyone, including children. The records you enter live on your device and (optionally) in your private iCloud account; we never receive them.

For United States users: HIPAA applies to "covered entities" (health plans, providers, clearinghouses) and their business associates — not to patients documenting their own records. AuthGuard facilitates that patient record-keeping; it is not a covered entity, business associate, or healthcare provider, and does not transmit records to any covered entity.

10. Data retention and deletion

Because data lives on your device, you control retention completely. To delete all records, delete the app from your device; the data goes with it. If you have iOS device backup turned on, you may also want to remove the AuthGuard data from your most recent backup. There is no copy on any server we operate for us to delete.

11. International users

The app does not transfer your data internationally because it does not transfer your data anywhere we control. The app is published in English and is primarily marketed in North America.

12. Not legal, financial, medical, or insurance advice

AuthGuard is a personal documentation tool. The Insurance Glossary, the 12-category denial reason library, the Deadline Engine, and any in-app text about prior authorization rules, appeal levels, or federal and state time limits is general information only. It is not legal, financial, medical, or insurance advice. Consult a licensed advocate, attorney, or healthcare provider for your specific case.

13. Changes to this policy

If we ever change how the app handles data — for example, if a future version adds a feature that transmits data to a server we control — we will update this policy and surface the change in the app before you can use that feature. The "Last updated" date at the top of this page reflects the most recent revision.

14. Contact

Privacy questions: captainlongevity@gmail.com