Privacy Policy

Period Tracker: Cycle Yoga

Company: Kegel 360, LLC  |  Effective Date: April 27, 2026  |  Last Updated: April 27, 2026

1. Introduction

Welcome to Period Tracker: Cycle Yoga ("App"), operated by Kegel 360, LLC ("we," "us," or "our"). We are committed to protecting your privacy and handling your personal data with respect, transparency, and care.

This Privacy Policy explains what information we collect when you use the App, how we use it, with whom we share it, and the choices you have regarding your data. By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy.

This policy has been prepared in accordance with:

• Apple App Store Review Guidelines and App Privacy requirements
• General Data Protection Regulation (GDPR) – European Union
• California Consumer Privacy Act (CCPA) – California, USA
• Information Technology Act, 2000 & IT (Amendment) Act, 2008 – India
• Other applicable data protection laws

2. Information We Collect

We collect the following categories of information to provide and improve our services:

2.1 Account Information

• Name (provided during onboarding)
• Email address (when signing in via email/password or Google Sign-In)
• Apple ID token (when signing in via Sign in with Apple)
• Guest/anonymous session token (when using the App without creating an account)

2.2 Health & Cycle Data

This is sensitive personal health data. It is collected solely to provide core App functionality and is never used for advertising or sold to third parties.

• Menstrual cycle length and period start/end dates
• Daily symptom logs (flow intensity, pain levels, mood, energy, etc.)
• Cycle phase information (menstrual, follicular, ovulation, luteal)
• Predicted ovulation and fertile window data
• Historical cycle records used for pattern analysis

2.3 Yoga & Wellness Activity Data

• Yoga sessions viewed and completed, mapped to your current cycle phase
• Individual yoga step completion status
• Streak and progress tracking data

2.4 Partner Sharing Data

• Partner sharing code (generated by the primary user)
• Partner account information (email, sign-in method, name) when a partner connects via the shared code
• Read-only access logs: which cycle phases, daily logs, and analytics a connected partner has viewed

2.5 Device & Technical Data

• Device model and operating system version
• App version
• Anonymized crash and error logs (for debugging purposes only)
• Language and locale settings

2.6 Information You Do Not Need to Provide

You may use the App as a guest without providing an email address or creating an account. In this case, your data is stored locally on your device and is not synced to our servers. If you delete the App, guest data will be permanently lost.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Core functionality: To track your menstrual cycle, predict phases (follicular, ovulation, luteal, menstrual), and display personalized calendar views and daily logs.
• Yoga recommendations: To recommend phase-appropriate yoga sessions and track your progress through each session.
• Partner sharing: To allow a connected partner to view (read-only) your cycle phase, daily logs, and analytics data.
• Analytics & exports: To generate in-app analytics and allow you to export your health data as a PDF.
• Account management: To authenticate you via Google, Apple, email, or guest session, and to manage your account.
• App improvement: To analyze anonymized, aggregated usage patterns to improve App performance and user experience.
• Customer support: To respond to your feedback, inquiries, or support requests submitted via email.
• Legal obligations: To comply with applicable laws, regulations, or lawful requests from authorities.

We do not use your health data to build advertising profiles, sell to data brokers, or for any purpose beyond operating and improving the App.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), our legal bases for processing your personal data are:

• Contractual necessity: Processing your account information and health data is necessary to deliver the App's core services you have agreed to use.
• Explicit consent: We obtain your explicit consent before collecting sensitive health data (menstrual, reproductive, wellness information) as required under GDPR Article 9.
• Legitimate interests: We process anonymized technical data to maintain and improve App security and performance.
• Legal obligation: We may process data where required by applicable law.

You may withdraw your consent at any time by deleting your account and data from within the App.

5. Partner Sharing Feature

The Partner Sharing feature allows you to generate a unique code and share it with a trusted person (your "partner"). Once a partner connects using your code and creates or signs in to their own account, they gain read-only access to your data, including:

• Your current and past cycle phases
• Your daily symptom logs
• Your yoga activity and progress
• Your analytics summaries

Important: Sharing your code with a partner is entirely voluntary. You can revoke partner access at any time by deleting the partnership from within the App. The partner cannot modify, add, or delete any of your data. Partners are bound by this Privacy Policy when they create their account.

6. How We Share Your Information

We do not sell your personal data. We may share data only in the following limited circumstances:

6.1 Connected Partners

As described in Section 5 above, data is shared with a partner only if you voluntarily generate and share a code with them.

6.2 Service Providers

We may share data with trusted third-party service providers who assist us in operating the App. These providers are contractually bound to process data only on our behalf and not for their own purposes. Examples include:

• Firebase / Google Cloud (Google LLC): Authentication, cloud database, and crash reporting services. Data may be processed in the United States.
• Apple (Sign in with Apple): Authentication services. Apple's privacy policy governs their processing.
• RevenueCat (future): In-app purchase management, when in-app purchases are introduced. No health data is shared with RevenueCat.

6.3 Legal Requirements

We may disclose your information if required to do so by law, court order, or government authority, or to protect the rights, property, or safety of Kegel 360, LLC, our users, or the public.

6.4 Business Transfers

If Kegel 360, LLC is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you via email or prominent in-app notice before your data is transferred and becomes subject to a different privacy policy.

7. Data Storage & Security

Your data is stored on secure cloud servers (Firebase / Google Cloud) with industry-standard security measures, including encryption in transit (TLS) and encryption at rest. Guest users' data is stored locally on-device only and is not transmitted to our servers.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your health data is treated as sensitive data and access is restricted strictly to systems and personnel necessary to operate the App.

8. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide you with the App's services. You may request deletion of your account and all associated data at any time directly within the App (Settings → Delete Account & Data). Upon deletion:

• All health logs, cycle records, yoga activity data, and account information are permanently deleted from our servers within 30 days.
• Anonymized, aggregated data that cannot be linked back to you may be retained for analytical purposes.
• Partner connections are immediately severed upon account deletion.

9. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your account and all associated data (available directly in-app).
• Portability: Export your health data as a PDF using the in-app export feature.
• Restriction: Request that we restrict processing of your data in certain circumstances.
• Objection: Object to processing of your data for legitimate interests.
• Withdraw consent: Withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
• Complaint: Lodge a complaint with your local data protection authority.

To exercise any of these rights, please contact us at support@kegel360.com. We will respond to your request within 30 days.

10. Children's Privacy

The App is not intended for use by individuals under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete such information promptly. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@kegel360.com.

11. Advertising

The App currently contains no advertisements. We do not use any advertising SDKs, ad networks, or tracking technologies for advertising purposes. Your health data is never used to serve ads.

12. In-App Purchases

The App does not currently offer in-app purchases. We plan to introduce optional in-app purchases in a future update to unlock premium features. When in-app purchases are introduced:

• All payment transactions will be processed exclusively through Apple's App Store infrastructure (StoreKit). We will not directly collect or store your credit card or payment information.
• Purchase management may be facilitated by RevenueCat. No health or cycle data will be shared with RevenueCat.
• This Privacy Policy will be updated to reflect any changes before in-app purchases are enabled.

13. Third-Party Sign-In Services

The App supports sign-in via Google, Apple, and email. When you use a third-party sign-in provider:

• Google Sign-In: Governed by Google's Privacy Policy (policies.google.com/privacy). We receive your name and email address from Google.
• Sign in with Apple: Governed by Apple's Privacy Policy (apple.com/legal/privacy). Apple may provide a private relay email address. We receive your name and email (or relay address) from Apple.
• Email sign-in: Your email and encrypted password are stored securely via Firebase Authentication.

We do not receive your passwords from any third-party sign-in provider.

14. International Data Transfers

Kegel 360, LLC is based in the United States. If you are accessing the App from outside the United States (including from India, the European Economic Area, or the United Kingdom), your data may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers from the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other appropriate safeguards, to ensure your data is protected.

15. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: You have the right to know what personal information we collect, use, disclose, and sell (we do not sell your data).
• Right to Delete: You have the right to request deletion of your personal information.
• Right to Opt-Out of Sale: We do not sell personal information. You do not need to opt out.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Sensitive Personal Information: We collect sensitive personal information (health and reproductive data) only to provide the App's core services and do not use it for any secondary purposes.

To exercise your California rights, contact us at support@kegel360.com.

16. Apple App Store Privacy Disclosure Summary

As required by Apple, here is a summary of data types collected and their use:

• Health & Fitness Data (menstrual data, symptoms, cycle logs) – Used for app functionality; linked to your identity; not used for tracking.
• Contact Info (name, email address) – Used for account management and app functionality; linked to your identity.
• Identifiers (user ID, device identifiers) – Used for app functionality and analytics; linked to your identity.
• Usage Data (yoga session progress, feature usage) – Used for app functionality and product improvement; linked to your identity.
• Diagnostics (crash data) – Used for app stability improvements; not linked to your identity.

No data is collected for tracking across third-party apps or websites. No data is sold. No data is used for advertising.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or App features. When we make material changes, we will notify you by:

• Displaying a prominent notice within the App, and/or
• Sending an email to the address associated with your account (if applicable).

The updated policy will be effective as of the "Last Updated" date shown at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of the App after any changes constitutes your acceptance of the updated policy.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Company: Kegel 360, LLC
• Email: support@kegel360.com

We aim to respond to all inquiries within 30 days.