Privacy Policy

At NexaFem, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

We may collect basic information such as:

• Name and email address
• Browsing behavior and website usage patterns
• Phone number (optional)
• Mailing address (optional)
• Payment information (when applicable)
• Account credentials

We use the information we collect to:

• Improve our website and content
• Respond to user queries and support requests
• Analyze website traffic and user behavior
• Send promotional communications (with your consent)
• Enhance user experience and personalization
• Detect and prevent fraudulent activities
• Comply with legal obligations

We use cookies to enhance user experience. Cookies help us understand user behavior and improve our services. You can control cookie settings through your browser preferences. For more information, see our Cookie Policy.

We may use third-party services like Google Analytics and Google AdSense. These services may collect data in accordance with their own privacy policies. We are not responsible for the content or policies of third-party websites.

We take appropriate measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, we cannot guarantee complete security as no method of transmission over the Internet is 100% secure.

NexaFem processes sensitive health information including menstrual cycle phases, mood logs, menopause symptoms, fertility tracking, thyroid, diabetes, alcohol consumption, symptoms and other reproductive and hormonal health data. This is treated as a special category of personal data under GDPR Art. 9 and equivalent laws. We process it only with your explicit consent and for the health-tracking purposes for which you provided it. We do not sell sensitive health data, ever.

In line with Google Play's Health Content and Services policy, we expressly do not:

• Use your health data to serve advertisements.
• Transfer or sell your health data to third parties for advertising.
• Use your health data to determine employment eligibility or hiring decisions.
• Use your health data to determine insurance eligibility, pricing or coverage.
• Use your health data for lending or credit-scoring decisions.
• Share your health data on social platforms without your explicit consent for each such share.

NexaFem is intended for users aged 13 years and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us data, please contact us via [email protected] and we will delete it.

We keep your data only as long as we need it:

• Account & profile data — for as long as your account is active.
• Health logs (cycle, mood, symptoms, lab results) — for as long as your account is active, so you can see your historical trends.
• Audit & security logs — up to 12 months for fraud and abuse prevention.
• Backups — purged within 30 days of account deletion.

When you delete your account from Settings > Your Data, your account and health data are removed from active systems immediately and from backups within 30 days.

You can exercise your data rights directly from within the app:

• Access & Portability — download a JSON export of all your data from Settings > Your Data.
• Rectification — update your profile, health information and preferences from your settings pages.
• Erasure — permanently delete your account and all associated health data from Settings > Your Data.
• Withdraw consent — adjust cookie consent at any time via the cookie banner.

We respond to data-subject requests within 30 days, in line with GDPR.

In the unlikely event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Art. 33, and will notify you without undue delay when the breach is likely to result in a high risk to your rights and freedoms.

Where your data is transferred outside your country of residence (for example to our cloud and AI service providers), we rely on appropriate safeguards including the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, and equivalent mechanisms.

We use carefully selected third parties to operate NexaFem. They process data only on our instructions under data-processing agreements:

• Cloud hosting and database providers
• Email delivery providers
• Analytics (only with your cookie consent)
• AI service providers (OpenAI, Anthropic, Google, xAI, OpenRouter) for in-app AI features — content is sent only when you use those features

By using our website, you consent to our Privacy Policy and the collection and use of your information as described herein.

We may update this policy from time to time to reflect changes in our practices or technology. Please review it periodically for any updates.