Privacy Policy
Your health data stays on your device.
codeXX.health is built privacy-first. Our AI processes your cycle and health data locally on your iPhone — it is never sent to our servers. We collect only the minimum data needed to operate the app and improve the service.
1. Who We Are
codeXX.health ("we", "us", "our") operates the codeXX.health mobile application available on the Apple App Store. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our Service.
If you have questions, contact us at codexx.health@gmail.com.
2. Information We Collect
2.1 Information You Provide
- Account data: email address and password (if you create an account).
- Profile data: optional information you enter such as age range, cycle length, and wellness goals.
- Health & cycle data: period start/end dates, symptoms, mood, energy levels, nutrition, fitness, and sleep entries you log in the app. This data is stored on-device and, if you enable iCloud sync, in your personal iCloud account.
2.2 Information Collected Automatically
- Usage data: feature interactions, session duration, and crash reports — used to improve app stability and user experience.
- Device data: device model, iOS version, and app version — used for technical support and compatibility.
2.3 Federated Learning (Aggregate AI Improvement)
codeXX.health uses on-device federated learning. Your device may contribute anonymised, mathematically obfuscated model gradients (not raw health data) to improve shared AI models. This process uses differential privacy to ensure no individual's data can be identified or reconstructed. You can opt out of federated learning in the app's Privacy Settings.
3. How We Use Your Information
| Purpose | Legal Basis |
|---|---|
| Provide and personalise the app's features and recommendations | Performance of contract / consent |
| Authenticate your account and maintain security | Performance of contract |
| Process subscription payments (via Apple) | Performance of contract |
| Improve AI models through federated learning | Consent (opt-out available) |
| Analyse aggregate, anonymised usage trends | Legitimate interests |
| Send important service notifications and updates | Performance of contract / legitimate interests |
| Comply with legal obligations | Legal obligation |
4. How We Share Your Information
We do not sell your personal information. We share information only in the following limited circumstances:
- Apple / App Store: Subscription and purchase data is processed by Apple under their own privacy policy.
- Firebase (Google): We use Firebase for authentication and, where you enable cloud sync, secure storage of anonymised app data. Google's data processing terms apply.
- Legal requirements: We may disclose information if required by law, court order, or governmental authority.
- Business transfers: If codeXX.health is acquired or merged, your information may be transferred as part of that transaction with appropriate notice.
We never share raw health data with third-party advertisers or data brokers.
5. Data Storage and Security
Your health and cycle data is stored primarily on your device. If you enable cloud backup, data is stored in your personal iCloud account or encrypted Firebase storage, with industry-standard AES-256 encryption in transit and at rest.
We implement technical and organisational measures to protect your information. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
6. Data Retention
On-device data is retained until you delete it or uninstall the app. Account data associated with your email is retained as long as your account is active. You may request deletion of your account and associated data at any time by contacting codexx.health@gmail.com.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: request a copy of the personal data we hold about you.
- Correction: request correction of inaccurate data.
- Deletion: request deletion of your data ("right to be forgotten").
- Portability: receive your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests.
- Withdraw consent: withdraw consent for federated learning at any time in app Settings.
To exercise any of these rights, contact us at codexx.health@gmail.com. We will respond within 30 days.
8. Children's Privacy
The App is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately and we will delete it.
9. International Transfers
codeXX.health is operated from Austria. If you are located outside the European Union, your information may be transferred to and processed in the EU. We ensure appropriate safeguards (such as Standard Contractual Clauses) are in place for any such transfers.
10. Third-Party Links
The App may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page and, where appropriate, by sending an in-app notification. Your continued use of the App after such changes constitutes acceptance of the updated policy.
12. Contact Us
For privacy questions, requests, or complaints:
- Email: codexx.health@gmail.com
- Website: www.codexx.health
For subscribers in the EU/EEA, you also have the right to lodge a complaint with your local supervisory authority.