Your privacy
Privacy center
Our Privacy Promise
Flow & Glow will never sell your personal health data. We will never share your menstrual, fertility, or reproductive health data with advertisers, not now, not ever. Your body is yours. Your data is yours. That is our promise.
OUR COMMITMENTS
What we promise you
Six things you can count on, always, no fine print, no exceptions.
We never sell your data | Your period data, symptoms, mood, and cycle information are never sold to anyone, not data brokers, not insurance companies, not anyone. This is a hard commitment with no exceptions. |
We never share with advertisers | No advertising SDKs touch your health data. Meta, Google Ads, AppsFlyer, Branch, and data brokers never see what you log in this app. We do not run ads inside the app either. |
Delete everything, anytime | You can delete your entire account and every piece of data you have ever logged, in two taps, in the app. We complete deletion within 30 days, the strictest legal standard globally. |
We fight government requests | If any authority requests your private health data, we will require a valid legal order and challenge any demand we believe is overbroad, loudly and publicly, including in court if necessary. |
Your identity stays separate | Your email and login are stored apart from your health data by design. Even we cannot easily link the two, making it technically hard to hand over your health records even under legal compulsion. |
Full transparency, always | We publish an annual transparency report showing every government request we received and how we handled it. No hidden disclosures, no quiet compliance. |
SECURITY
How we protect your data
Real security measures, not buzzwords. Here is exactly what we do.
1 | Encryption at rest and in transit | All data is encrypted with AES-256 at rest. All data in transit uses TLS 1.3 minimum. Nobody can intercept or read your logs in transit or at rest. |
2 | Identity–health data separation | Your email and health logs are stored in separate systems, linked only by a random non-identifying account ID. This is an architectural protection, not just a policy statement. |
3 | No advertising trackers | We do not embed Meta Pixel, Google Analytics for Firebase, AppsFlyer, Branch, Mixpanel, or Adjust in any screen that handles health data. We audit this before every release. |
4 | Annual penetration testing | An independent, accredited security firm tests our systems every year and after major feature releases. Results directly inform our security roadmap. |
5 | Need-to-know access only | No engineer can access your health data in plaintext. All employee access is logged, role-based, and reviewed regularly. Production data is never used in development environments. |
6 | Pursuing ISO 27001 and ISO 27701 | We are in the process of certifying to international information security (ISO 27001) and privacy management (ISO 27701) standards. |
VISIBILITY
Who can see your data?
Direct answers to the questions you are actually asking. No hedging.
Question | Answer |
Can advertisers see my cycle data? | Never |
Is my data sold to data brokers? | Never |
Can my partner, family, or employer see my logs? | No |
Can Flow & Glow employees read my personal logs? | No, encrypted, no plaintext access |
Can the government access my reproductive health data? | Only valid legal order, we will challenge it |
Do third-party apps like Apple Health see my data? | Only if you grant explicit permission |
Can I see everything Flow & Glow holds about me? | Yes, download anytime in the app |
Can I delete all my data permanently? | Yes |
YOUR CONTROLS
Manage your data
Everything you can do with your data, all accessible in the app, no email required for routine actions.
Control | What it does | Where to find it |
Download your data | Full export of everything we hold, period logs, symptoms, and insights, in JSON or CSV format. | Settings → Privacy → Download |
Delete your account | Permanently deletes your account and all health data. Completed within 30 days. No waiting period, no friction. | Settings → Account → Delete |
Manage consent | Control research participation, marketing emails, and optional analytics. Granular toggles. Change any time. | Settings → Privacy → Consent |
Limit sensitive data use | Restrict your health data to core service delivery only. Required under CPRA, available to all users globally. | Settings → Privacy → Limit Use |
Opt out of research | Withdraw consent for anonymised research use of your data at any time, even if you previously opted in. | Settings → Privacy → Research |
Notification control | Control when and how Flow & Glow contacts you, reminders, health content, product updates, and period alerts. | Settings → Notifications |
Do not sell / share | Formal CCPA/CPRA opt-out request, we do not sell data, but you can submit a recorded opt-out if you wish. | Settings → Privacy → Do Not Sell |
Correct your data | Fix any inaccurate account information or incorrect health entries. | Edit in-app or email us |
QUESTIONS
Frequently asked
Real answers to the questions we hear most, written for people, not lawyers.
Q: Is Flow & Glow safe to use after Roe v. Wade was overturned?
A: Yes. We designed our privacy architecture with this exact concern in mind. Your identity (email, login) is stored separately from your health data by design, meaning even if a government agency served us with a legal demand using your name, we may be technically unable to retrieve your health records. We also commit to challenging any government request we believe is overbroad or could harm our users. Anonymous Mode (coming soon) will allow tracking with zero identifying information.
Q: Does Flow & Glow use my data to show me ads?
A: No. Flow & Glow does not show advertising inside the app and does not share your health data with any advertising network. We generate revenue through our premium subscription, not by monetising your personal health information. We do not embed Meta Pixel, Google Ads SDK, AppsFlyer, or similar advertising trackers in any part of the app that processes health data.
Q: What happens to my data if I delete my account?
A: When you delete your account, all your personal data, every period log, symptom entry, note, and insight, is permanently deleted from our systems within 30 days. We apply this standard globally. The only exception is anonymised, aggregated research data if you previously opted in; this cannot be linked back to you.
Q: Can my employer or insurance company see my health data?
A: No. We do not share your data with employers, insurance companies, healthcare providers, or any third party for those purposes. Your health data is yours alone. We do not sell it, and we do not share it for purposes beyond what is strictly necessary to run the app.
Q: What legal protections cover my data?
A: Multiple layers depending on where you live. EU/UK: GDPR Article 9 (menstrual and reproductive data is special-category data requiring explicit consent). US: the FTC Health Breach Notification Rule; California CCPA/CPRA (health data = Sensitive Personal Information); Washington State My Health My Data Act (the strongest reproductive health data law in the US); Nevada SB 370. We apply the strongest standard globally.
Q: Is HIPAA applicable to Flow & Glow?
A: HIPAA applies to healthcare providers, health plans, and their business associates, not to direct-to-consumer wellness apps like Flow & Glow. We want to be honest about this rather than imply protections that do not legally apply. The FTC Health Breach Notification Rule, state consumer health data laws, and GDPR provide the applicable legal framework. Our own commitments go beyond what any of these laws require.
Q: Does connecting Apple Health or Google Fit share my data with them?
A: Only if you grant explicit permission, never by default. If you connect Apple Health or Google Health Connect, we pull only the specific categories you approve to enrich your personal insights. We are bound by Apple's and Google's developer policies, which prohibit using HealthKit and Health Connect data for advertising or sharing it with data brokers.
Q: How long does Flow & Glow keep my data?
A: Active account: data kept to provide the service. After account deletion: personal health data deleted within 30 days. Device/technical logs: 90-day rolling purge. Support messages: 3 years. Transaction records: 7 years (legal requirement). Full retention periods for every data category are in Section 8 of our Privacy Policy.
Q: Can I use Flow & Glow without giving my real name or email?
A: Currently a username and email are required. We are building Anonymous Mode, core app features with no identifying information, data stored locally on your device with optional end-to-end encrypted backup. You do not need to use your real name as a username in the meantime.
Q: How do I submit a privacy rights request?
A: For most actions (download, delete, consent changes), act directly in the app under Settings → Privacy. For formal rights requests (access, correction, restriction, portability, appeal), email privacy@flowandglow.app. We respond within 30 days. We never charge a fee for straightforward requests.
GOVERNMENT REQUESTS
Our firm commitment
We take this seriously, especially given the reproductive health data our users trust us with.
We will never cooperate voluntarily: We will never proactively share your data with law enforcement or any authority. Any request must be accompanied by a valid legal order.
We will challenge overbroad demands: If we receive a subpoena, warrant, or court order for your data, we will scrutinise it carefully. Where we believe a demand is overbroad or legally deficient, we will challenge it loudly and publicly, including through the courts.
We will notify you where lawful: Unless prohibited by law or court order, we will notify you before complying with any legal process targeting your data so you can seek independent legal advice.
Architectural protection: Because we separate your identity from your health data, responding to a request naming your email may not yield your health data; we may be technically unable to produce a link.
Annual transparency report: We will publish the number and type of government requests received, how many were challenged, and how many resulted in disclosure at flowandglow.app/transparency.
No voluntary cooperation clause, ever: This policy does not and will never contain language stating we may cooperate voluntarily whether or not legally required. If you ever see such language, report it immediately to dpo@flowandglow.app.
CONTACT US
Get in touch
We respond personally to every privacy enquiry. Our Data Protection Officer reads every message sent to the DPO address. You will always hear back from a real person, not an automated system.
Privacy Enquiries and Rights Requests
General privacy: privacy@flowandglow.app
Data Protection Officer: dpo@flowandglow.app
Postal address: DCODAX LTD (UK Representative for Flow & Glow), 63 Linthaugh Road, Glasgow, Scotland, G53 5TS, United Kingdom
Response time: We aim to reply within 30 days of receiving any privacy enquiry. For complex requests under the My Health My Data Act, we may use the additional 45-day period permitted by law.
Regulatory Authorities
If you are not satisfied with our response, you have the right to contact the relevant regulatory authority in your jurisdiction. We encourage you to reach out to us first, as we can often resolve concerns more quickly directly.
Jurisdiction | Authority | Contact |
European Economic Area | National data protection authority (varies by member state) | |
United Kingdom | Information Commissioner's Office (ICO) | |
Washington State (US) | Washington State Attorney General (My Health My Data Act rights) | |
California (US) | California Privacy Protection Agency (CCPA and CPRA rights) |
Your body is yours. Your data is yours.
We are honoured you trust us with it.