# Privacy Policy
Last Updated: March 12, 2026
1. Introduction
NatProFamSpace ("we," "our," or "us") operates FertilityFlow, a fertility tracking and family planning application. We are committed to protecting your privacy and handling your personal data transparently and securely.
This Privacy Policy explains:
- Your rights regarding your data
2. Data Controller
NatProFamSpace
Email: privacy@natprofam.pl
Website: https://fertilityflow.app
For GDPR-related inquiries, contact: dpo@natprofam.pl
3. Legal Basis for Processing (GDPR)
We process your personal data under the following legal bases:
- Consent: You explicitly consent to data collection and processing
- Contract Performance: Processing necessary to provide the Service
- Legitimate Interests: Improving our Service and preventing fraud
- Legal Obligation: Complying with applicable laws
4. Data We Collect
4.1 Account Information
4.2 Health and Cycle Data
This is
special category data under GDPR:
- Menstrual cycle dates (period start/end)
- Cycle length and patterns
- Symptoms (physical and emotional)
- Basal body temperature (if tracked)
- Cervical mucus observations
- Intimate relations timing
- Fertility signs and observations
- Health notes and observations
4.3 Usage Data
- Device information (browser, OS)
- IP address (anonymized after 90 days)
- Error logs and crash reports
4.4 AI Interaction Data
- Questions asked to AI assistant
- Feedback on AI suggestions
4.5 Partner Data
- Partner email addresses (if you invite a partner)
4.6 Payment Information
- Payment method (processed by Stripe - we do not store card details)
4.7 Communication Data
- Email communications with us
- Feedback and survey responses
5. How We Use Your Data
5.1 Service Provision
- Create and manage your account
- Track your cycles and fertility windows
- Generate predictions and insights
- Provide AI-powered recommendations
- Enable partner collaboration features
- Process subscriptions and payments
5.2 Service Improvement
- Analyze usage patterns (anonymized)
- Improve accuracy of predictions
- Fix bugs and technical issues
5.3 Communication
- Send account notifications
- Respond to support requests
- Send important service updates
- Marketing communications (with consent only)
5.4 Legal Compliance
- Comply with legal obligations
- Enforce our Terms of Service
- Protect against fraud and abuse
- Respond to legal requests
6. Data Sharing and Third Parties
We do NOT sell your personal data. We share data only in limited circumstances:
6.1 Service Providers
We use trusted third-party providers who process data on our behalf:
Supabase (Database & Authentication)
- Handles user authentication
- Location: EU servers (GDPR compliant)
- Privacy Policy: https://supabase.com/privacy
Anthropic (AI Features)
- Processes AI chat interactions
- Data Processing Agreement in place
- Privacy Policy: https://www.anthropic.com/legal/privacy
Stripe (Payment Processing)
- Privacy Policy: https://stripe.com/privacy
6.2 Partner Sharing
If you invite a partner:
- They can access data you mark as "shared"
- You control what they can see
- You can revoke access anytime
6.3 Legal Requirements
We may disclose data when required by law:
- Court orders or subpoenas
- Protection of rights and safety
6.4 Business Transfers
If NatProFamSpace is acquired or merged, your data may be transferred. You will be notified of any such change.
7. Data Retention
7.1 Active Accounts
We retain your data as long as your account is active or as needed to provide services.
7.2 Closed Accounts
After account closure:
- Active data deleted within 30 days
- Backups deleted within 90 days
- Legal/financial records retained as required by law (up to 7 years)
7.3 Anonymized Data
We may retain anonymized, aggregated data indefinitely for research and service improvement.
8. Your Rights (GDPR & UK GDPR)
8.1 Right to Access
Request a copy of all personal data we hold about you.
8.2 Right to Rectification
Correct inaccurate or incomplete data.
8.3 Right to Erasure ("Right to be Forgotten")
Request deletion of your data, subject to legal retention requirements.
8.4 Right to Data Portability
Export your data in machine-readable format (JSON/CSV).
8.5 Right to Restriction of Processing
Limit how we use your data in certain circumstances.
8.6 Right to Object
Object to processing based on legitimate interests or for marketing.
8.7 Right to Withdraw Consent
Withdraw consent at any time (does not affect prior lawful processing).
8.8 Right to Complain
Lodge a complaint with your data protection authority:
- UK: Information Commissioner's Office (ICO) - https://ico.org.uk
- EU: Your local data protection authority
8.9 Exercising Your Rights
To exercise any rights, contact: privacy@natprofam.pl
We will respond within:
- 60 days (complex requests)
9. Data Security
9.1 Technical Measures
- End-to-end encryption for sensitive data
- TLS/SSL for data in transit
- Encrypted database storage
- Access controls and authentication
9.2 Organizational Measures
- Employee training on data protection
- Access on need-to-know basis
- Confidentiality agreements
- Incident response procedures
9.3 Data Breach Notification
If a breach occurs, we will:
- Notify affected users within 72 hours
- Notify relevant authorities as required
- Take immediate remedial action
10. International Data Transfers
10.1 Data Location
Your data is primarily stored in the EU (Supabase EU servers).
10.2 Transfers Outside EU/UK
When data is transferred to providers outside the EU/UK (e.g., Anthropic in the US):
- We use Standard Contractual Clauses (SCCs)
- We ensure adequate data protection measures
- We comply with GDPR Chapter V requirements
11. Children's Privacy
FertilityFlow is not intended for users under 18. We do not knowingly collect data from minors. If we learn we have collected data from a minor, we will delete it immediately.
12. Cookies and Tracking
12.1 Cookies We Use
- Essential Cookies: Required for site functionality (e.g., session management)
- Analytics Cookies: Help us understand how you use the Service (anonymized)
- Preference Cookies: Remember your settings
12.2 Cookie Control
You can control cookies through:
- Our cookie preferences tool (available at login)
12.3 Do Not Track
We respect Do Not Track (DNT) browser signals.
See our Cookie Policy for details.
13. Marketing Communications
13.1 Consent Required
We only send marketing emails with your explicit consent.
13.2 Opt-Out
You can unsubscribe from marketing emails:
- Click "unsubscribe" in any marketing email
- Adjust preferences in account settings
- Contact privacy@natprofam.pl
13.3 Service Emails
We will still send essential service emails (account notifications, security alerts) even if you opt out of marketing.
14. AI and Automated Decision-Making
14.1 AI Processing
FertilityFlow uses AI (Claude by Anthropic) to:
- Answer health-related questions
- Provide personalized insights
- Suggest educational content
14.2 No Automated Decisions
We do NOT use automated decision-making that produces legal or similarly significant effects.
14.3 Human Review
You can always request human review of AI-generated insights.
15. Changes to Privacy Policy
15.1 Notification of Changes
We will notify you of material changes via:
- Email to registered address
15.2 Review Date
We review this policy annually.
15.3 Continued Use
Continued use after changes indicates acceptance. If you disagree, you may close your account.
16. Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer:
Email: dpo@natprofam.pl
17. Contact Us
For privacy questions or concerns:
NatProFamSpace - Privacy Team
Email: privacy@natprofam.pl
Website: https://fertilityflow.app
Response time: Within 5 business days
---
Your privacy matters to us. If you have any questions about how we handle your data, please don't hesitate to reach out.