Privacy Policy
Last updated: March 2026
1. Who We Are
Care (“we”, “our”, “us”) operates the website meno-pause-care.com and the Care - Perimenopause Tracker iOS application. We are the data controller responsible for your personal data.
Contact: shanthan95@gmail.com
If you have concerns about how we handle your data, you have the right to lodge a complaint with your local data protection authority. In Australia, this is the Office of the Australian Information Commissioner (OAIC). In the EU/UK, contact your national data protection authority.
2. What Data We Collect
We collect the following categories of personal data:
| Category | Data collected | How it is collected |
|---|---|---|
| Identity | First name, display name | Provided by you during sign-up, or received from Apple/Google sign-in |
| Contact | Email address | Provided by you during sign-up, or received from Apple/Google sign-in |
| Health & Wellness | Sleep quality, energy levels, symptom tracking (52 symptoms with severity, duration, time of day), emotional boundary check-ins, anger tracking, caregiving balance, body tension mapping, breathing exercise sessions | Entered by you in the app during daily check-ins |
| User Content | Journal notes, community posts and comments | Created by you in the app |
| Media | Photos and voice memos attached to journal entries | Created by you. Stored locally on your device only, not on our servers |
| Technical | Device type, operating system version, app version, anonymised usage events | Collected automatically via PostHog analytics |
| Identifiers | Unique user ID | Generated automatically when you create an account |
| Subscription | Subscription status (active or expired) | Received from Apple. We do not collect or store payment details |
All health and wellness data is provided voluntarily by you. We do not access any data from Apple Health, HealthKit, or any device sensors.
3. How We Use Your Data
| Purpose | Data used | Legal basis |
|---|---|---|
| Provide core app features (symptom tracking, check-ins, journal, breathing exercises, weekly insights) | Health & Wellness, User Content, Identity | Contract performance |
| Authenticate your account and sync across devices | Identity, Contact, Identifiers | Contract performance |
| Display community posts and comments | User Content, Identity | Contract performance |
| Manage your subscription access | Subscription, Identifiers | Contract performance |
| Understand app usage and improve features | Technical (anonymised) | Legitimate interest |
| Communicate service updates or respond to support requests | Contact, Identity | Legitimate interest |
We do notuse your health data for advertising, marketing, profiling, or any purpose other than providing the app's features to you. We do not make automated decisions based on your data.
4. Legal Basis (GDPR)
We process your personal data based on:
- Consent (Article 6(1)(a) GDPR) - you choose to create an account and provide your data
- Contract performance (Article 6(1)(b) GDPR) - processing necessary to provide the service you signed up for
- Legitimate interest (Article 6(1)(f) GDPR) - anonymised analytics to improve the app
For health data specifically, we rely on your explicit consent (Article 9(2)(a) GDPR). You provide this consent by actively entering your health information into the app. You can withdraw consent at any time by deleting your account.
5. How We Store and Protect Your Data
- Database: Supabase (PostgreSQL), with Row Level Security (RLS) ensuring you can only access your own data, AES-256 encryption at rest, and TLS 1.3 encryption in transit
- Authentication: Supabase Auth with secure token management. Passwords are hashed using bcrypt and never stored in plain text
- Access controls: Only authorised personnel have access to production data, and access is limited to what is necessary for operating the service
- Media: Photos and voice memos are stored locally on your device, not on our servers
- Breach notification: In the event of a data breach that affects your personal data, we will notify you and the relevant data protection authority within 72 hours as required by GDPR
6. Third Parties
We share your data only with these service providers, each under appropriate data processing agreements:
| Provider | Purpose | Data shared |
|---|---|---|
| Supabase | Database hosting and authentication | Account info, health data, journal content |
| PostHog | Anonymised app usage analytics | Technical data only. No health data is sent to PostHog |
| Apple | Sign in with Apple, subscription management | Authentication tokens, subscription status |
| Sign in with Google (only if you choose Google sign-in) | Authentication tokens | |
| Superwall | Subscription paywall management | User ID, subscription status |
| Vercel | Website hosting | Server logs |
We do not sell, rent, or share your personal data with advertisers or any other third party. We do not use your data for advertising purposes.
7. International Data Transfers
Some of our service providers operate outside of Australia and the European Economic Area (EEA). When your data is transferred internationally, we ensure it is protected by appropriate safeguards including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Service providers certified under recognised data protection frameworks
- Data processing agreements with all providers that meet GDPR requirements
By using our app, you acknowledge that your data may be processed in countries outside your country of residence, subject to these safeguards.
8. Analytics
We use PostHog for app usage analytics. PostHog helps us understand which features are used and how to improve the app. We do not send any health or wellness data to PostHog. Analytics data is not used to track you across other apps or websites. We do not use analytics for advertising or profiling.
9. Data Retention
- Account and health data: Retained for as long as your account is active. Deleted within 30 days of account deletion
- Community content: Retained for as long as your account is active. Deleted when you delete your account
- Subscription records: Retained for 6 years after the end of the subscription period for tax and accounting purposes
- Anonymised analytics: May be retained indefinitely as it cannot be linked back to you
- Support correspondence: Retained for 2 years after your last interaction
You can request deletion of your data at any time (see Your Rights below).
10. Your Rights
Under GDPR and applicable data protection laws, you have the right to:
- Access - request a copy of the data we hold about you
- Rectification - correct any inaccurate data
- Erasure - request deletion of your data (“right to be forgotten”)
- Restrict processing - limit how we use your data
- Data portability - receive your data in a machine-readable format
- Object - object to processing based on legitimate interest
- Withdraw consent - stop using the app and request account deletion at any time
- Lodge a complaint - with your local data protection authority (OAIC in Australia, or your national authority in the EU/UK)
To exercise any of these rights, email us at shanthan95@gmail.com. We will respond within 30 days. We may ask you to verify your identity before processing your request.
11. Account and Data Deletion
You can delete your account and all associated data at any time from within the app by going to Settings and selecting “Delete Account.” You can also request deletion by emailing us at shanthan95@gmail.com.
When you delete your account, we permanently remove all your personal information, health data, journal entries, community posts, and comments from our servers within 30 days. This action cannot be undone. Anonymised analytics data and subscription records required for tax purposes will be retained as described in the Data Retention section.
12. Subscriptions
Care offers optional paid subscriptions (monthly and annual) through Apple In-App Purchase. All payment processing is handled by Apple. We do not collect, store, or have access to your payment card details, bank account information, or billing address.
To manage or cancel your subscription, go to Settings > Apple ID > Subscriptions on your iPhone, or visit apps.apple.com/account/subscriptions.
13. Third-Party Links
Our app may contain links to third-party websites, articles, or resources. We are not responsible for the privacy practices or content of these external sites. We encourage you to read the privacy policy of every website you visit.
14. Cookies
Our website does not use cookies for tracking or advertising. The iOS app does not use cookies. No consent banner is required.
15. Children's Privacy
Our service is intended for users aged 16 and above. We do not knowingly collect data from anyone under 16 years of age. If we learn that we have collected personal information from a child under 16, we will delete that information promptly. If you believe a child under 16 has provided us with personal data, please contact us at shanthan95@gmail.com.
16. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes through the app or via email. The “Last updated” date at the top indicates the most recent revision. We encourage you to review this policy periodically.
17. Contact Us
For any questions about this privacy policy, your data, or to exercise your rights, contact us at:
shanthan95@gmail.com