1. Introduction and app purpose
LabSpline is an Android app provided by Saifullah Ahad. It helps adults organize laboratory reports, review captured fields before saving, and view mathematical changes across compatible results.
LabSpline does not require an account. The developer does not operate a server that receives or synchronizes your saved profiles, report images, report text, values, units, dates, laboratory names, or reference ranges.
2. Data accessed, stored, and collected
LabSpline can access and store the following information only when you choose to provide it:
- Local profile information: a profile name that you enter to separate record timelines.
- Laboratory record information: source and laboratory name, collection date, recognized report text, test labels, values, units, report-provided ranges, standard LOINC codes when mapped, and review state.
- User-selected documents: a full-resolution camera result, existing image, PDF, or CSV chosen for import.
- Local settings: theme, dynamic color, reduced-motion preference, active profile, optional app lock, and whether optional MedlinePlus information is enabled.
- User-created backup: an encrypted
.labsplinefile written to a location you select through Android's file picker.
Sensitive content fields—including profile, laboratory, and test names; recognized report text; values; units; and reported ranges—are encrypted before they are written to the local Room database using AES-GCM and a key protected by Android Keystore. Structural metadata needed for local relationships and queries, such as random IDs, collection and lifecycle dates, source type, marker key, qualifier/flag, confidence, and optional LOINC code, remains inside the app-private database but is not separately field-encrypted. Android's app sandbox and device storage encryption protect that database file. App settings are stored locally with Android DataStore. Password-protected backups use PBKDF2-HMAC-SHA256 key derivation and AES-GCM encryption.
LabSpline includes sample records for product exploration. They are labeled sample data and are not derived from a real person.
Technical metrics collected by Google ML Kit
Google's current ML Kit Android disclosure states that its SDK collects device manufacturer, model, OS version and build, available ML hardware accelerators, package name, app version, thin-feature device and per-installation identifiers, performance metrics such as latency, API configuration such as image format and resolution, feature input and output size, feature version, event types, and error codes. Google uses these data for SDK diagnostics and usage analytics. Google states that the data are encrypted in transit with HTTPS and are not shared with third parties. Report images, recognized text, and recognition results are not sent to Google.
Android permissions and system access
INTERNETandACCESS_NETWORK_STATEsupport the optional MedlinePlus lookup and connection-aware retry behavior.FOREGROUND_SERVICEandFOREGROUND_SERVICE_DATA_SYNCsupport a visible, cancellable WorkManager task while a selected document is processed.USE_BIOMETRICand the compatibilityUSE_FINGERPRINTpermission allow the optional app lock to use Android's biometric or device-credential prompt.WAKE_LOCKandRECEIVE_BOOT_COMPLETEDare used by Android WorkManager to keep a user-started import reliable and reschedule unfinished work after a device restart.- LabSpline does not request the Android camera permission. A camera capture is performed by the camera app you choose using a temporary FileProvider URI.
- LabSpline does not request broad photo, video, or storage access. Android's system file picker grants access only to a file you select.
- The app does not request location, microphone, contacts, SMS, call log, calendar, nearby-device, body-sensor, notification, accessibility-service, or all-files access.
3. How data is used
- On-device text recognition reads text from a selected image or rendered PDF page and creates an editable draft.
- Your confirmation is required before an imported draft becomes a saved report.
- Saved values are used to build local timelines, normalize supported compatible units, compare each result with the range saved from that source report, and calculate numerical trend summaries.
- Profile names separate local record timelines.
- The optional app lock asks Android to verify your biometric or device credential before opening saved records, hides the window from screenshots and readable recents previews, and relocks after the app has remained in the background for at least 30 seconds.
- An export or restore action reads or writes the encrypted backup that you select.
- If enabled and requested, a standard LOINC code is used to retrieve educational test information from MedlinePlus.
Local trend calculations describe numbers only. They are not used to diagnose a condition, determine a normal range for you, or recommend care.
4. Data sharing and third-party services
LabSpline does not include developer-controlled analytics, Firebase Analytics, Crashlytics, advertising SDKs, authentication, payments, or a developer cloud database. It does not sell laboratory records or use them for advertising. The Google ML Kit SDK metrics described below are the app's only automatic analytics and diagnostics collection.
Google ML Kit and Google Play services
LabSpline uses the unbundled Google ML Kit text-recognition component. Recognition of the input image and text runs on the device, and Google states that input data and recognition outputs are not sent to its servers. Google Play services may contact Google to download or update the recognition model, receive fixes and hardware-compatibility information, and send the technical metrics listed in section 2 for diagnostics, API maintenance, improvement, and misuse detection. Google states that these metrics are encrypted in transit and not transferred to third parties. See the ML Kit Android data disclosure, ML Kit Terms and Privacy, and Google Privacy Policy. The developer does not receive your report image or recognized report text.
MedlinePlus Connect
The official-information feature is disabled by default. If you enable it and tap to request official information, LabSpline sends the selected marker's standard LOINC code, the LOINC code-system identifier, and English language preference over HTTPS to MedlinePlus Connect, a service of the U.S. National Library of Medicine. The request does not include the result value, report image, recognized text, local profile name, or laboratory name. Normal web requests can expose technical connection data such as an IP address to the service. MedlinePlus and NLM handle that request under the NLM Web Policies.
Android camera, file picker, sharing, and external links
Camera capture and file selection use Android system activities or another app you choose. If you share a report summary, export a backup, open a MedlinePlus page, or send an email, the selected receiving app or service handles that copy under its own privacy terms. LabSpline performs these transfers only after your action.
5. Data retention and deletion
- Saved reports and profiles: remain in app-private storage until you delete a report, delete a profile, clear LabSpline's app data, or uninstall the app. Sensitive content fields are AES-GCM encrypted as described in section 2; structural metadata remains in the app-private database.
- Import drafts: structured draft content remains encrypted in app-local storage until saved or discarded. Saving or canceling removes the draft, and stale unfinished drafts are removed after 24 hours.
- Selected source copies: are copied byte-for-byte into the Android app's private files area so background processing and comparison with the original remain possible. This temporary file is protected by the app sandbox and device storage encryption but is not separately encrypted by LabSpline. An app-owned camera target is deleted after the review copy is made. The review copy is removed on save, discard, cancellation, or permanent processing failure; stale orphan copies are removed after 24 hours.
- MedlinePlus cache: public title, summary, source URL, and fetch time can remain encrypted locally until app data is cleared or the app is uninstalled. A cached item older than 24 hours is refreshed before reuse when a connection is available.
- ML Kit metrics: Google controls retention and deletion of the technical metrics collected by its SDK under the Google Privacy Policy. LabSpline's developer does not receive a copy of those metrics.
- Encrypted backups: remain wherever you save them until you delete them through that storage provider or file manager. LabSpline cannot recover a forgotten backup password.
- Shared or exported copies: are controlled by the app, email provider, or storage provider you selected.
Because the developer does not receive your local records, the developer cannot view, recover, or remotely delete them. Use the in-app delete controls, Android Settings > Apps > LabSpline > Storage > Clear storage, or uninstall LabSpline.
6. Optional feedback email
The About Developer screen includes a user-initiated feedback form. Tapping Send opens an installed email app with a visible, editable draft addressed to www.saifullah.ai@gmail.com. LabSpline does not send the message automatically or through an in-app relay.
The draft contains:
- the message you typed;
- an optional reply email address, only if you entered one; and
- a technical footer with app name, app version, Android version, SDK version, device manufacturer, and model.
No saved laboratory record is attached automatically. If you complete sending, your email provider and the developer's email provider process the message. Support emails are retained only as long as needed to respond, troubleshoot, prevent abuse, or meet legal obligations. You may request deletion by emailing the same address and identifying the message or reply address needed to locate it.
7. Children's privacy
LabSpline is intended for adults and its Google Play target audience is 18 and over. It is not directed to children under 13, does not provide public profiles or communication, and does not knowingly collect personal information from children. A parent or guardian who believes a child sent a support email can contact us to request deletion.
8. Changes to this policy
We may update this policy when LabSpline's features, data practices, providers, or legal obligations change. The current version will remain available at this URL and will show a revised effective date.
9. Contact
Use the public email address for privacy questions, support requests, or deletion of a feedback email. Do not send laboratory reports or other sensitive health information unless it is necessary for your request.