Legal
GDPR rights
How to access, correct, download, restrict, object to, or delete your data
Our GDPR Promise
If GDPR or UK GDPR applies to you, Flow & Glow will honour your privacy rights clearly, respectfully, and without unnecessary friction. We treat menstrual, fertility, symptom, and reproductive health data as highly sensitive. We do not sell it. We do not share it with advertisers. Your body is yours. Your data is yours.
YOUR RIGHTS
What rights you have
A plain-language guide to the rights GDPR gives you and how to use them with Flow & Glow.
Right | What it means | How to use it |
|---|---|---|
Access | You can ask whether we process your personal data and request a copy of the data we hold about you. | Settings → Privacy → Download My Data, or email privacy@flowandglow.app |
Portability | You can receive your data in a structured, commonly used, machine-readable format. | Settings → Privacy → Download My Data |
Rectification | You can correct inaccurate account details or ask us to fix incomplete information. | Edit your details in the app, or email us if the change cannot be made there |
Erasure | You can ask us to delete your account and personal data. | Settings → Account → Delete Account |
Restriction | You can ask us to pause certain processing while we review a concern. | Email privacy@flowandglow.app |
Objection | You can object to processing based on legitimate interests, including certain service-improvement activity. | Settings → Privacy → Consent, or email us |
Withdraw consent | Where we rely on consent, you can withdraw it at any time. | Settings → Privacy → Consent |
Complaint | You can contact a supervisory authority if you are unhappy with our response. | See the regulatory authorities section below |
HOW TO USE YOUR RIGHTS
How to submit a request
The fastest way to manage most privacy actions is inside the app. You should not need to chase us for routine controls.
Open Flow & Glow.
Go to Settings.
Tap Privacy.
Choose the action you want, such as download, consent changes, research preference changes, or data-use limits.
For formal privacy requests, email privacy@flowandglow.app. For DPO enquiries, email dpo@flowandglow.app.
Request type | What to expect |
|---|---|
In-app download or deletion | Starts immediately from the app flow |
Standard GDPR rights request | We aim to respond within 30 days |
Complex requests | If GDPR allows more time, we will explain why |
Identity check needed | We may ask for limited information to make sure we are acting for the right person |
IDENTITY CHECKS
Why we may verify identity
We may need to confirm your identity before we disclose, correct, restrict, or delete account-linked data. This is a safety measure to protect you, not a barrier.
We only ask for what is reasonably necessary. We do not ask for unrelated documents or extra personal information just to make the process harder.
SPECIAL CATEGORY DATA
Why your cycle data gets extra protection
Under GDPR, health data is special-category data. Flow & Glow applies that higher standard to cycle, fertility, symptom, mood, pregnancy, and reproductive health entries.
We use this data to provide the service you asked for: cycle tracking, predictions, phase guidance, symptom logging, wellness support, account controls, and data export.
Important
Flow & Glow is a wellness app, not a medical device. It does not provide medical advice, emergency care, diagnosis, or treatment. If you have a health concern, please speak with a qualified healthcare professional.
LEGAL BASIS
What legal bases we rely on
We process personal data only for specific purposes and under a defined legal basis.
Processing activity | GDPR basis | What this means |
|---|---|---|
Core account and app functionality | Contract necessity | We process data so the service can work for you |
Cycle and health logs | Explicit consent for special-category health data | You choose what to log and can withdraw consent where applicable |
Account security and abuse prevention | Legitimate interests and contract necessity | We protect your account and the integrity of the service |
Legal compliance | Legal obligation | We may keep limited records when law requires it |
Research | Separate opt-in consent only | Research is never required to use Flow & Glow |
RESEARCH CONSENT
Research stays separate
If Flow & Glow supports research, participation must be separate, specific, and consent-based.
You must opt in clearly.
Research participation is never required to use the app.
Research data should be anonymised or aggregated wherever possible.
You can withdraw research consent in Settings → Privacy → Research.
We do not sell research data.
INTERNATIONAL TRANSFERS
If your data moves across borders
Some service providers may process data outside your country. Where GDPR applies, we use appropriate safeguards such as contractual protections, access controls, and security measures designed for sensitive data.
REGULATORY AUTHORITIES
If you want to escalate a concern
We hope you contact us first so we can help quickly and directly. You also have the right to contact the relevant authority in your region.
Region | Authority | United Kingdom |
|---|---|---|
Information Commissioner’s Office (ICO) — ico.org.uk | European Union / EEA | Your national data protection authority via the EDPB member directory |
CONTACT US
Get in touch
If you have questions about your privacy rights, we want the process to feel clear, respectful, and human.
Privacy enquiries and rights requests
General privacy: privacy@flowandglow.app
Data Protection Officer: dpo@flowandglow.app
Postal address: DCODAX LTD, 63 Linthaugh Road, Glasgow, Scotland, G53 5TS, United Kingdom Response time: We aim to reply within 30 days of receiving a privacy request
Your body is yours. Your data is yours. That includes the right to ask questions, change your mind, and leave with your data.