Privacy Policy

Last updated: March 9, 2026

PredictHer ("we", "our", "the app") is a cycle-aware health intelligence app. We take your privacy seriously — especially given the sensitive nature of the health and biometric data we handle. This policy explains what we collect, why, and how we protect it.

1. Information We Collect

Account information: Name, email address, and password when you create an account. Authentication is handled securely through Supabase.

Health and cycle data: Period start and end dates, cycle length, and symptoms you choose to log. This data is used to calculate your cycle phase, hormone estimates, and fertile window.

Biometric data (optional): If you connect an Oura Ring, we access your nightly temperature deviation, heart rate variability (HRV), resting heart rate, sleep score, sleep duration, sleep efficiency, readiness score, and step count. This data is fetched through the Oura API with your explicit authorization.

Astrological data (optional): Birth date, birth time, and birth location for natal chart calculation. This is used solely to compute your natal planetary positions and transit aspects.

Usage data: Intentions, synch journal entries, and friend/partner connections you create within the app.

2. How We Use Your Data

• Calculate your menstrual cycle phase, hormone estimates, and fertile window
• Detect ovulation using real temperature data from your Oura Ring (coverline 3-over-6 method)
• Generate personalized AI health insights based on your cycle phase and biometrics
• Compute your natal chart and current planetary transits
• Send phase-aware notifications to you and, with your permission, your partner
• Display astronomical data (moon phase, NASA imagery, near-Earth objects)

3. Data Storage

Local storage: Much of your data is stored locally on your device using browser localStorage. This includes cached biometric data, chat history, notification preferences, and astrological calculations. This data never leaves your device unless you explicitly sync it.

Cloud storage: Account information, period data, friend connections, and synch entries are stored in a Supabase PostgreSQL database with row-level security (RLS) enabled. Each user can only access their own data.

AI processing: When you use the AI advisor ("Her") or request health insights, your cycle context and biometric data are sent to Anthropic's Claude API for processing. Anthropic does not use this data for training. These requests are ephemeral and not stored by Anthropic.

4. Third-Party Services

• Supabase — authentication and database hosting
• Anthropic (Claude) — AI-powered health insights and chat
• Oura Health — biometric data (only with your explicit OAuth authorization)
• NASA APIs — astronomical imagery and near-Earth object data (no personal data sent)

We do not share, sell, or rent your personal data to any third party for advertising or marketing purposes.

5. Data Security

All network communication uses HTTPS encryption. Database access is protected by Supabase row-level security policies, ensuring users can only read and modify their own records. API requests are rate-limited to prevent abuse. Oura Ring tokens are stored locally on your device and transmitted only to our server for authenticated API calls — we do not store your Oura credentials.

6. Your Rights

• Access: You can view all your data within the app at any time.
• Deletion: You can delete your account and all associated data from within the app. This permanently removes your data from our servers. Local data can be cleared from your browser settings.
• Portability: You can request an export of your data by contacting us.
• Disconnect: You can disconnect your Oura Ring at any time. This removes stored biometric data from your device.

7. Children's Privacy

PredictHer is not intended for children under 13. We do not knowingly collect data from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed from our servers within 30 days. Cached data on your device is removed immediately upon account deletion or when you clear your browser data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the app after changes constitutes acceptance of the revised policy.

10. Contact

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at hello@predicther.ai.