Last updated · 2026-05-09 · Next review: August 2026

Core commitment: Your cycle, ovulation, and symptom data does not leave your device. Unless you actively enable Cloud Backup (Premium) — in which case the data is end-to-end encrypted on your device before upload, and our servers cannot decrypt it.

1. Data we collect

TypePurposePersonal?Legal basis
Cycle / ovulation / sexual activity recordsCore period tracking⚠️ Yes (sensitive health data)Explicit consent (GDPR Art 9, MHMDA §1798.99.30)
Symptom logs (pain, mood, flow, etc.)SameYes (health data)Same
Temperature logs (BBT)SameYesSame
Anonymous device UUIDPremium subscription identityNo (hashed)Contract performance
Apple ID / Google account subCross-device sync (when you sign in)Yes (hashed)User consent
Subscription metadata (timestamps, type)Premium expiration calculationNoContract performance
Crash & performance diagnostics (Sentry)Bug fixes, stabilityNo (PII filter hard rule)Legitimate interest

2. What we do NOT collect

  • Real name, address, phone, birthday (unless you actively input)
  • Bank account, credit card (handled by Apple / Google)
  • Facial / biometric data
  • Location (GPS) — QiFlux never requests location permission
  • Contacts, other app data
  • Sexual activity details (we record only "yes/no" binary)
  • Sexual orientation, religion
  • Immigration status, race, political views

"We do not collect GPS" is a key defense against WA MHMDA geofencing provisions.

3. Third-party services

ServiceProviderPurposeWhat's transmitted
Cloudflare WorkersCloudflare Inc. (US)API + E2E backup storageAnonymous hash + encrypted blob (cannot decrypt)
Apple/Google IAPApple/GoogleSubscription paymentReceipt only
RevenueCatRevenueCat Inc. (US)Cross-platform subscription mgmtAnon user hash + state
SentryFunctional Software Inc. (US)Error reportingStack trace (PII stripped)
Health SDK (Apple/Google)Apple / Google (device-only)HealthKit / Health Connect bi-directional sync (opt-in)Menstrual flow data — stays on device, never leaves OS sandbox
Google Gemini (culture pack)Google LLC (US)Cultural reference summarization (opt-in, paid tier with no-train commitment)Cycle phase + constitution tag + chosen symptoms (no PII)

We do not sell your personal data to any third party. We do not use third-party analytics (Mixpanel, Amplitude, Firebase Analytics — all excluded). We do not conduct behavioral tracking.

4. Retention periods

DataLocationRetention
Cycle / symptom / temperatureYour device onlyUntil you delete or uninstall
Cloud backup blob (Premium)Cloudflare R2Until account deletion + 30-day grace period
Subscription metadataCloudflare D190 days after subscription ends
Crash logs (Sentry)Sentry90 days auto-deleted
Culture pack anonymous query logCloudflare D17 days auto-deleted (no user ID)

5. Your rights

  • Access — Settings → Data → "Export" (JSON / CSV)
  • Rectify — Edit records directly in app
  • Delete — Settings → Account → "Delete all my data" (≤ 2 taps)
  • Restrict processing — Disable cloud backup / culture pack
  • Portability (GDPR Art 20) — Same as Access
  • Object to automated decision-making (GDPR Art 22) — N/A; QiFlux does not perform automated decision-making
  • Withdraw consent — Settings → Privacy → "Review consents"
  • Lodge complaint with regulator — TW: NCC / EU: your country DPA / WA: AG / Other US states: state AG

6. Children's privacy

QiFlux is not designed for children under 13 (COPPA), nor for minors under 16 without parental consent (GDPR-K Art 8). If we discover inadvertent collection, we will delete promptly and notify regulators.

Users aged 13–16: Onboarding will require parental/guardian consent confirmation.

7. Cross-border transfers

QiFlux uses Cloudflare's global edge network. Your requests may be served by any node globally. Safeguards:

  • Cloudflare EU Adequacy decision (GDPR)
  • TLS 1.3 for all transmissions
  • Cycle/symptom data never crosses borders (local storage)
  • Cloud backup blobs are E2E encrypted on your device — no node can decrypt

8. Security measures

  • TLS 1.3 for all API communication
  • E2E encryption using AES-256-GCM, keys generated on your device
  • Key storage: iOS Keychain / Android Keystore (OS-level)
  • SDK whitelist: all third-party dependencies publicly listed at /sdk

9. Policy changes

This policy may be updated. Material changes (new data types, new third-party services, retention changes, new jurisdictions) will be notified by:

  1. In-app push notification
  2. Mandatory re-consent screen on next app launch
  3. Website announcement at qiflux.smartrich.ai/privacy-en

Non-material changes (typo fixes): website only.

10. Region-specific provisions

10.1 Taiwan (PDPA)

Compliant with Taiwan Personal Data Protection Act. Special category data (medical) requires individual written consent per §6 — obtained during onboarding and re-confirmed on each health-related feature opt-in.

10.2 Hong Kong (PDPO)

Compliant with Hong Kong Personal Data (Privacy) Ordinance, Data Protection Principles 1-6.

10.3 EU/EEA (GDPR)

Designed to follow GDPR Articles 6, 9, 13, 17, 20, 25, 32. AI use (Asia culture pack) is disclosed in line with the EU AI Act.

10.4 California (CCPA / CPRA)

Health data is Sensitive Personal Information. We do not sell or share. Right to Know, Right to Delete, Right to Limit Use available via Settings. GPC (Global Privacy Control) signal honored.

10.5 Japan (APPI)

Health data is 要配慮個人情報. Explicit consent required prior to collection. We do not provide to third parties. Cross-border transfers via EU Adequacy and SCC.

10.6 Korea (PIPA)

Compliant with PIPA individual consent requirement for sensitive data.

10.7 China (PIPL)

QiFlux Phase 1 does not launch in China. zh-CN locale is for overseas Simplified Chinese users.

11. Washington Consumer Health Data Privacy Policy

This section applies to Washington State residents under the My Health My Data Act (RCW 19.373).

Definitions

"Consumer Health Data" (CHD) under MHMDA includes reproductive or sexual health information, menstrual cycle data, and symptom data related to health conditions.

Data we collect (CHD)

  1. Cycle tracking data (start/end dates, flow level)
  2. Symptom logs (pain, mood, sleep, etc.)
  3. Optional: BBT (basal body temperature)

We do not collect: geolocation (no GPS, ever), biometric, genetic information.

Why we collect

  • To provide period tracking core feature (with your explicit consent)
  • To provide cloud backup if you opt-in to Premium

Who we share with

We do not share, sell, or transfer CHD to anyone — not advertisers, data brokers, insurance companies, or employers. In practice your cycle and symptom data never leaves your device in readable form, so there is nothing for us to hand over.

Your rights under MHMDA

  1. Confirm whether we collect your CHD
  2. Withdraw consent at any time
  3. Request deletion of your CHD
  4. Designate an authorized agent

Exercise: email qiflux@smartrich.ai or use Settings → Account → "Delete my data".

Geofencing notice

We do not use geofencing of any kind.

Private right of action

Washington residents may bring private action under RCW 19.86.090 for violations.

12. Protecting Reproductive Privacy (US Residents)

We recognize the unique privacy concerns of US residents following Dobbs v. Jackson Women's Health (2022).

Our commitments

  1. We do not store cycle/symptom data on our servers. All data lives on your device.
  2. Cloud Backup data is encrypted on your device before upload. We cannot decrypt it.
  3. Because your cycle and symptom data never reaches our servers in readable form, we have nothing to disclose to anyone — there is simply no plaintext cycle data for anyone to request.
  4. We do not collect, infer, or store your geographic location.
  5. We do not associate cycle data with real-world identity.

If you are concerned about reproductive privacy

  • Use QiFlux without account (anonymous mode is default)
  • Do not enable Cloud Backup if your jurisdiction is hostile
  • Set a device passcode and keep your phone locked
  • Enable biometric lock in QiFlux Settings

Resources

  • ACLU Reproductive Freedom Project
  • Digital Defense Fund
  • EFF Surveillance Self-Defense

13. Contact us

ChannelUse
qiflux@smartrich.aiPrivacy questions
qiflux@smartrich.aiGeneral support

Company: Crealize LLC
Mailing: Independent developer · Taipei · 2026
DPO: voluntarily designated — same as qiflux@smartrich.ai