Privacy Policy

Introduction

CycleFlow ("we," "our," or "the App") is a privacy-first period tracking application developed by PixelForge Apps. This Privacy Policy explains how we handle your information when you use our mobile application.

Our Core Privacy Promise: CycleFlow is designed with privacy as its foundation. We do not collect, store, transmit, or share any personal information or health data with our servers or any third parties. All data remains locally on your device.

1. Information We Collect

1.1 Personal Health Information (Stored Locally Only)

When you use CycleFlow, the following information is stored exclusively on your device:

• Menstrual Cycle Data: Period start dates, end dates, and flow intensity
• Symptom Data: Physical symptoms (cramps, fatigue, bloating, headaches, breast tenderness), mood indicators, and custom symptoms with intensity ratings
• User Preferences: Language selection, app settings
• Calculated Data: Cycle predictions, ovulation estimates, fertile window calculations, and cycle statistics

Important: This data is stored in an encrypted local database on your device using SQLCipher encryption. We do not have access to this data, and it is never transmitted to our servers or any third party.

1.2 Information We Do NOT Collect

CycleFlow explicitly does NOT collect:

• Personal identifiers (name, email, phone number, address)
• Device identifiers (IMEI, advertising ID, device ID)
• Location data (GPS, IP address)
• Usage analytics or telemetry
• Crash reports or diagnostic data
• Cookies or tracking pixels
• Any data from your device outside the app
• Any information that could identify you personally

1.3 No Account or Registration

CycleFlow does not require account creation, registration, or sign-in. You can start using the app immediately without providing any personal information.

2. How We Use Information

2.1 Local Data Processing

All data processing occurs locally on your device for the following purposes:

• Cycle Tracking: Recording and displaying your menstrual cycle history
• Predictions: Calculating predicted period dates, ovulation days, and fertile windows based on your historical data
• Insights: Generating statistics about cycle length, regularity, and patterns
• Symptom Patterns: Identifying correlations between symptoms and cycle phases
• Calendar Visualization: Displaying your cycle data in an easy-to-read calendar format

2.2 No Server Communication

CycleFlow operates completely offline and does not communicate with any servers, including:

• No data synchronization to cloud services
• No data transmission to analytics platforms
• No communication with advertising networks
• No crash reporting services
• No remote configuration updates

The only network activity occurs when you:

• Voluntarily click external links (Privacy Policy, Feedback forms, About page)
• Explicitly choose to share exported data files via your device's sharing functionality

3. Data Storage and Security

3.1 Local Encrypted Storage

All your health data is stored in an encrypted local database on your device using SQLCipher, an industry-standard encryption extension for SQLite databases. This provides:

• Military-grade AES-256 encryption
• Protection against unauthorized local access
• Secure storage even if device is compromised

3.2 Data Location

Your data is stored in the following location on your Android device:

/data/data/com.pixelforgeapps.cycleflow/databases/

This location is protected by Android's application sandbox and is only accessible by CycleFlow.

3.3 Security Best Practices

• No Network Transmission: Data never leaves your device through network requests
• No Cloud Backup (by default): Android auto-backup is disabled for the app's encrypted database
• Encryption at Rest: All data is encrypted when stored
• Minimal Permissions: App requests only essential Android permissions (no sensitive permissions required)

4. Data Sharing and Third Parties

4.1 No Data Sharing

CycleFlow does not share, sell, rent, or disclose any user data to third parties. This includes:

• No sharing with advertisers
• No sharing with analytics companies
• No sharing with data brokers
• No sharing with marketing platforms
• No sharing with social media networks
• No sharing with healthcare providers (unless you explicitly share exported data)
• No sharing with insurance companies
• No sharing with government agencies (except as required by law)

4.2 No Third-Party Services

CycleFlow does not integrate with or use any third-party services, including:

• Analytics services (e.g., Google Analytics, Firebase Analytics)
• Crash reporting services (e.g., Crashlytics, Sentry)
• Advertising networks (e.g., AdMob, Facebook Audience Network)
• Cloud storage services (e.g., Google Drive, Dropbox)
• Authentication services (e.g., Google Sign-In, Facebook Login)

4.3 External Links

The app contains links to:

• Our Privacy Policy (this document)
• Feedback forms (Google Forms - voluntary participation)
• About/Developer website

Clicking these links opens your device's web browser and is governed by the respective website's privacy policies. We do not track whether you click these links.

5. Your Data Rights and Control

5.1 Complete Data Control

You have full control over your data:

• Access: View all your data within the app at any time
• Export: Export your complete data in JSON or CSV format to your device storage
• Import: Import previously exported data back into the app
• Delete: Delete all your data at any time through the Settings screen
• Modify: Edit or delete individual periods, symptoms, or entries

5.2 Data Portability

You can export your data in two formats:

• JSON Format: Complete structured data for backup and restoration
• CSV Format: Spreadsheet-compatible format for analysis in Excel, Google Sheets, etc.

Exported files are saved to your device's Downloads or Documents folder and can be:

• Backed up to your preferred cloud storage (manually)
• Shared with healthcare providers
• Imported into other applications
• Kept for personal records

5.3 Data Deletion

You can delete your data in two ways:

1. Delete Specific Entries: Remove individual periods or symptom logs from within the app
2. Delete All Data: Use the "Delete All Data" option in Settings to permanently remove all data from your device

Important: Once deleted, data cannot be recovered unless you have a previously exported backup.

5.4 Uninstalling the App

If you uninstall CycleFlow, all locally stored data is permanently deleted from your device as part of the Android app uninstallation process. Make sure to export your data before uninstalling if you wish to keep it.

6. Children's Privacy

CycleFlow is intended for users aged 12 and above. The app is rated for Teen (12+) on Google Play Store due to the nature of menstrual health tracking.

We do not knowingly collect information from children under 13 (or equivalent minimum age in your jurisdiction). Since CycleFlow does not collect any data from our servers, we cannot determine the age of users.

If you are a parent or guardian and believe your child under 13 is using CycleFlow, you can simply delete the app from their device to remove all data.

7. International Users and GDPR Compliance

7.1 GDPR Compliance (European Union)

CycleFlow is designed to be fully compliant with the General Data Protection Regulation (GDPR):

• Data Minimization: We collect zero personal data
• Purpose Limitation: All data processing occurs locally for the sole purpose of period tracking
• Storage Limitation: Data is stored only on your device and only as long as you choose
• Integrity and Confidentiality: Data is encrypted using industry-standard encryption
• Rights of Data Subjects: You have complete control to access, export, and delete your data

Since CycleFlow does not collect or process personal data on servers, most GDPR obligations (such as data breach notification) are not applicable. Your data stays entirely within your control.

7.2 Other Privacy Regulations

CycleFlow's privacy-first design also complies with:

• CCPA (California Consumer Privacy Act)
• PIPEDA (Canada)
• APP (Australia)
• LGPD (Brazil)
• Other international privacy regulations

Since no data leaves your device, there is no data to be sold, shared, or processed by third parties.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

• Legal or regulatory requirements
• App features or functionality
• Industry best practices

When we make changes:

• We will update the "Last Updated" date at the top of this policy
• Significant changes will be announced through the app or our website
• Your continued use of the app after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically. The current version is always available at: http://pixelforge-apps.com/app/cycleflow/privacy-policy

9. Data Retention

9.1 Local Data Retention

Data is retained on your device:

• For as long as you keep the app installed
• Until you manually delete specific entries or all data
• Until you uninstall the app (which deletes all local data)

9.2 No Server-Side Retention

Since we do not collect data on our servers, there is no server-side data retention. Your data exists only on your device.

10. Technical and Organizational Measures

10.1 Security Measures

CycleFlow implements the following security measures:

Technical Measures:

• SQLCipher AES-256 encryption for local database
• Android application sandbox for data isolation
• No network communication to prevent data leakage
• Minimal permission requests
• Secure coding practices

Organizational Measures:

• Privacy-by-design development methodology
• Regular security reviews of codebase
• Commitment to transparency in privacy practices
• No third-party data processing agreements (since no data is shared)

10.2 No Data Breaches

Since your data never leaves your device and we do not maintain servers with user data:

• There is no central database to be breached
• Your data security depends on your device security
• We recommend using device lock screens and encryption

11. Your Responsibilities

To maintain the privacy and security of your data:

• Secure Your Device: Use a screen lock (PIN, pattern, password, biometric)
• Keep Software Updated: Install Android security updates promptly
• Backup Carefully: If exporting data, store backup files securely
• Share Consciously: Only share exported data with trusted parties
• Device Access: Limit physical access to your device

12. Disclaimer

12.1 Medical Disclaimer

CycleFlow is for informational and tracking purposes only and should not be used as:

• A method of birth control or contraception
• A medical diagnostic tool
• A replacement for professional medical advice
• A pregnancy planning tool (without consulting healthcare providers)

Always consult qualified healthcare providers for medical advice, diagnosis, or treatment related to menstrual health and reproductive health.

12.2 Prediction Accuracy

Cycle predictions and fertility calculations are estimates based on historical data and established medical guidelines. Individual variations in menstrual cycles may affect prediction accuracy. Predictions improve with more tracked cycles but are never 100% accurate.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data privacy, please contact us:

PixelForge Apps

Email: privacy@pixelforge-apps.com Website: http://pixelforge-apps.com/ App Website: http://pixelforge-apps.com/app/cycleflow/

Response Time: We aim to respond to privacy inquiries within 30 days.

14. Governing Law

This Privacy Policy is governed by the laws of the European Union (for EU users) and applicable local laws based on your jurisdiction. By using CycleFlow, you consent to this Privacy Policy.

15. Transparency Report

CycleFlow maintains complete transparency about its privacy practices:

Data Requests Received: 0 (we have no data to provide) Government Requests: 0 (we have no data to provide) Law Enforcement Requests: 0 (we have no data to provide) Data Breaches: 0 (no server-side data to breach)

Since we do not collect or store user data on our servers, we cannot comply with requests for user data. All data remains exclusively on user devices under their control.

16. Summary

CycleFlow in a Nutshell:

✅ We DON'T collect your data ✅ We DON'T track you ✅ We DON'T share with anyone ✅ We DON'T use analytics ✅ We DON'T require accounts ✅ Your data stays on your device ✅ You have complete control

Privacy-First. Always.