Privacy Policy

Privacy Policy

This policy explains what data may be processed when you use the Rhea mobile app and this website, why it is used, and what controls are available to users.

Last updated: February 25, 2026 Version: 1.0

1. Scope

This Privacy Policy applies to the Rhea mobile application, its in-app features (including daily logs, calendar views, reports, partner sharing, and AI chat), and this website.

By using the app or website, you acknowledge the data practices described in this policy. This policy does not limit any mandatory consumer rights available to you under applicable law.

2. Data We May Collect

Rhea may process different categories of data to provide its features. Not every category applies to every user. Processing depends on the features you use, your account status, and your permission settings.

2.1 Account and Identity Data

  • Anonymous user identifier (for anonymous or temporary app sessions).
  • Basic profile/account information when you sign in with Google or Apple (such as email and display name).
  • User identifiers associated with subscription and account management flows.

2.2 Health Tracking and Daily Log Data

  • Cycle setup data such as last period date, cycle length, period length, and irregular cycle preferences.
  • Daily logs such as flow, pain level, mood, symptoms, discharge, intercourse data, temperature/BBT, and notes.
  • Pregnancy mode entries such as weight, blood pressure, kick counts, nausea, swelling, energy, sleep quality, and related notes.
  • TTC mode entries such as ovulation test results and fertility-related notes (e.g., cervical position).
  • Perimenopause mode entries such as hot flash intensity, night sweats, and symptom logs.

2.3 App Usage and Technical Data

  • App version, device type, and operating system details (especially for bug reports and diagnostics).
  • Anonymous analytics data (depending on settings, permissions, and technical configuration).
  • Push notification token when notification features are enabled.

2.4 AI Chat Data

  • Messages you send to and receive from Rhea AI.
  • Recent chat history used to improve conversational context.
  • Usage counters or quotas for abuse prevention and service management.

2.5 Bug Reports and Support Data

  • Bug report subject and description submitted by you.
  • Optional email address for follow-up.
  • Technical metadata such as app version, device model, and operating system version.

3. Purposes of Use

Provide the service

To power calendars, predictions, daily logging, reports, and mode-specific user experiences.

Accounts and sync

To support sign-in, account continuity, and cross-device synchronization where applicable.

AI chat functionality

To provide women’s-health-focused general information and supportive guidance through Rhea AI.

Security and quality

To prevent abuse, debug issues, improve performance, and maintain product quality.

Rhea is not designed to sell sensitive health data for ad targeting or to share it with third parties for marketing profiling purposes.

4. Storage and Sync

4.1 Local-first approach

Rhea is designed with a local-first mindset for sensitive user data where possible. This is especially relevant for personal logs and health tracking records.

4.2 Cloud sync and account-based features

If you sign in or use features that require synchronization, certain data may be synced with cloud infrastructure (for example: user profile data, daily logs, partner pairing data, notification tokens, and some AI request/chat-related records).

4.3 Retention periods

Your data may be retained while your account is active or for as long as reasonably necessary to provide the service. When you use in-app deletion options, relevant data may be removed from the device and/or synchronized storage, depending on the feature.

5. Data Sharing

5.1 Partner sharing

The partner-sharing feature uses an invite-code pairing flow. Sharing is limited by product design and restricted to a subset of data (for example: mode, cycle length, last period date, irregularity status, and name/basic summary fields).

Symptoms, detailed daily notes, sensitive tracking details, and AI chat history are not shared with a partner.

5.2 Sharing with service providers

We may use third-party infrastructure providers to deliver the service. These providers may process data only to the extent needed to provide the relevant service.

6. Third-Party Services

  • Google Firebase (Auth, Firestore, Messaging, Analytics, Remote Config): may be used for authentication, synchronization, notifications, configuration, and analytics-related functionality.
  • Google Gemini / related AI services: may be used to generate general informational responses for Rhea AI.
  • RevenueCat: may be used for subscription state management and app-store subscription integration.
  • Apple App Store / Google Play: may process payment, billing, and subscription operations.
  • Telegram (bug reporting flow): user-submitted bug/feedback messages and technical details may be transmitted to a support channel.

These services operate under their own privacy policies. Rhea does not control all aspects of their independent data practices.

7. Notifications

Push notifications are enabled only when you grant permission. A device notification token may be processed and associated with your account to deliver notifications. You can change notification permissions in device settings and/or in-app settings.

8. Security

We use reasonable technical and organizational measures to help protect your data. However, no method of transmission or storage is completely secure.

You are also responsible for keeping your device and identity provider accounts (such as Apple or Google accounts) secure.

9. Your Rights and Controls

  • View and edit data inside the app.
  • Use export options (such as CSV/PDF features, if available).
  • Delete data and disconnect account links.
  • Manage notification and analytics-sharing preferences.
  • Disable or end partner sharing.

Depending on your jurisdiction, you may have additional rights. You can contact us using the information below regarding privacy requests or questions.

10. Children’s Privacy

Rhea is not designed for children. Use by minors may require parental or guardian consent under applicable law. If we become aware of data collected in violation of applicable requirements, we may take reasonable steps to delete it.

11. Changes to This Policy

This Privacy Policy may be updated from time to time. Material changes may be announced within the app or on this page. The latest version date appears at the top of this policy.

12. Contact

If you have questions about this Privacy Policy or requests related to your data, please contact us:

Email: destek@rhea.app

Note: Before publishing, replace this with your final support or legal contact address.