← Back to Linea

LineaJ

(pronounced “lineage”)
Personal & family health coordinator — private by default.

Privacy Policy

Last updated: June 8, 2026

Linea is built privacy-first. By default, your health information stays on your own device — we do not have servers that collect or store it, and we never sell your data. This policy explains what that means in practice.

1The short version

Linea is a personal and family health tool that runs in your browser. The health information you enter or import is stored locally on your own device by default. We do not operate servers that receive, collect, or store your health data, we do not require an account, and we do not sell or rent your information to anyone.

2Who we are

This policy applies to the Linea application and website (the “Service”). Throughout, “we,” “us,” and “our” refer to Linea. You can reach us using the contact details at the end of this policy.

3What information is involved

The Service is designed for you to record and organize health information — such as personal and family medical history, conditions, medications, lab results, immunizations, procedures, and notes about visits and appointments. You may also import some of this information from a connected health-record system such as MyChart.

Because this information stays on your device by default (see below), you are the one who holds it. We do not receive a copy of it.

4Where your data lives

By default, everything you enter or import is stored locally on your device using your browser’s on-device storage. It is not transmitted to us, and we have no server-side database of your records.

This means you are responsible for your data. If you clear your browser’s data, use a different device or browser, or uninstall the Service, your information may be permanently lost, and we cannot recover it because we never had it. We encourage you to use any export or backup feature the Service provides to keep your own copy.

5Connecting MyChart / Epic

If you choose to connect a health-record system such as MyChart (through Epic), you will be sent to that provider’s own secure login to authorize access. We use the modern OAuth 2.0 authorization-code flow with PKCE; we never see or store your MyChart username or password.

When you authorize a connection, your records are retrieved and placed into the Service on your device. You can revoke that access at any time through the health system’s own settings. The records you import are also subject to that provider’s privacy practices, which we do not control.

6Optional cloud & AI features

The Service may later offer optional features — such as cloud backup/sync or AI-assisted insights — that involve sending some data off your device. These features are off by default and strictly opt-in. We will clearly describe what data is involved before you turn any of them on, and you can choose not to use them. If and when these features are available, this policy will be updated to describe how that data is handled.

7Analytics

We may use privacy-respecting, aggregate analytics to understand general usage of the Service (for example, which features are used) so we can improve it. Where analytics are used, they are configured to avoid capturing the content of your health records — for example, by masking entered text and not recording your screen. We do not use your health information for advertising, and we do not sell it.

8How we share information

We do not sell, rent, or trade your information. Because your health data stays on your device, there is generally nothing for us to share. We may rely on standard service providers to host the Service’s website and code (for example, a static-hosting provider); such providers serve the application files to your browser and are not given your health records. We may disclose limited information if required by law.

9Your control & deletion

You are always in control of your data. Within the Service you can edit or delete individual records, and you can remove all of it by clearing the Service’s on-device storage in your browser. Because we do not hold a server copy, deleting it on your device removes it entirely. To disconnect a linked health-record account, use that provider’s settings.

10Security

We take reasonable measures to help protect the Service, including using encrypted connections (HTTPS) and secure, standards-based authorization for any health-record connection. However, no method of storage or transmission is perfectly secure, and because your data lives on your device, keeping that device and browser secure is an important part of protecting your information.

11Children’s privacy

The Service is intended for adults (18 and older) and is not directed to children. If you record information about a family member or a person in your care, you are responsible for having the appropriate authority to do so.

12Changes to this policy

We may update this policy from time to time — for example, when we add optional cloud or AI features. When we do, we will revise the “Last updated” date above, and material changes may be communicated through the Service. Your continued use after an update means you accept the revised policy.

13Contact

Questions about this policy can be sent to: lineaj.io@gmail.com.