Privacy Policy
Last updated: May 26, 2026
Ovaela ("Company," "we," "us," or "our") operates Ovaela (the "Service"). This Privacy Policy explains how we collect, use, store, protect, and share your personal information when you use the Service.
Your health data is deeply personal. We designed this policy to be transparent about exactly what happens with your information. If anything is unclear, please contact us at admin@ovaela.ai.
Our regulatory status. Ovaela is a general wellness product. We are not a healthcare provider, a health plan, or a health care clearinghouse, and we do not act as a business associate of any of them. Because of this, the federal Health Insurance Portability and Accountability Act (HIPAA) does not govern the health information you provide to the Service, and we do not describe ourselves as "HIPAA-compliant" or "HIPAA-certified". No government body certifies products as HIPAA-compliant. We nonetheless treat your health information as sensitive data, protect it with the safeguards described in this Policy, and comply with the consumer-privacy and consumer-health-data laws that do apply to us.
Where the Service is offered. Ovaela is offered to, and intended for, residents of the United States. We do not target or market the Service to individuals in the European Union, the United Kingdom, or other regions outside the United States, and this Policy is written to reflect United States federal and state privacy law. The Service is not intended for use outside the United States; if you access it from elsewhere, you do so on your own initiative.
1. Information We Collect
a. Health Data You Provide
- Blood work results (lab values, panel types, dates)
- Nutrition logs (meals, macronutrients, caloric intake) including voice-logged and photo-logged meals
- Supplement information (products, dosages, timing) and the user's current medication list
- Workout data (exercises, sets, reps, duration) including Pilates and running sessions
- Wearable data from WHOOP, Oura Ring, Apple HealthKit, Fitbit, Garmin, Polar, Withings, and Suunto, including HRV, recovery scores, strain, sleep architecture, body battery, training load, and similar physiological metrics depending on the device
- Menstrual cycle data and symptom logs (when applicable)
- Daily check-in responses (self-reported wellness data) and free-form chat transcripts you provide during the daily check-in or onboarding intake. These transcripts are user-generated text content that may contain a mix of structured health data and free-form narrative; they are stored alongside your account and used to generate AI wellness insights and to improve our prompts at the aggregate level (see Sections 2 and 13).
b. Account Information
- Email address
- Name (if provided, the display name you choose during onboarding, which may be your first name or a nickname)
- Account credentials (passwords are hashed, never stored in plain text)
- Subscription plan tier (Free / Plus / Pro / Family), retained for feature gating, billing reconciliation, and customer support. Payment card details are entered in Stripe Checkout outside the app and are never visible to Ovaela (see Section 4 for details).
- Demographic information you optionally provide during onboarding (age, biological sex, height, and weight), used to personalize your wellness analyses. We do not collect your race or ethnicity. You may update or delete these fields at any time from Settings → Profile.
- Health profile and lifestyle context you provide during onboarding or in-app forms, including medical conditions you currently have, allergies, wellness goals, activity level, alcohol use, tobacco or nicotine use (including tobacco product type), and similar health-context information you choose to share. We use this to personalize wellness analysis, surface relevant safety language, interpret trends, and provide product functionality. You can edit some of these fields from Settings → Profile; others may require re-doing the relevant onboarding flow or contacting us to delete the value. You can also delete your entire account, which removes all profile data per Section 6.
- Profile preferences and settings
c. Usage Data
- Pages visited and features used within the Service (product interaction events, including page views, taps, and which features you open). On the web app, these events are collected via PostHog (see Section 4). The native iOS app does not collect first-party product-interaction analytics and does not use PostHog; if you opt in to sharing app analytics with developers in your iOS Privacy & Security settings, Apple may provide Ovaela with its own aggregate, non-identifiable App Analytics; that telemetry is collected and aggregated by Apple, not by Ovaela.
- Device type, browser type, and operating system
- Diagnostic and performance signals. Crashes and error reports are collected via Sentry from the iOS, web, and server tiers (see Section 4). Aggregate app-launch-time and hang-rate metrics, where available, come from Apple's standard diagnostic frameworks when you opt in to sharing diagnostics with developers in iOS settings; Sentry performance tracing is disabled on the iOS app. These signals help us find and fix bugs and improve app responsiveness.
- IP address (used for security and approximate geolocation for state-specific compliance)
- Apple Push Notification service (APNs) device token and related registration metadata. If you enable notifications or use the native mobile app, Ovaela stores the APNs token, platform, and registration timestamps so we can deliver notifications, maintain notification preferences, and protect account security. These tokens are linked to your account but are not sold or used for cross-app tracking.
- ZIP / postal code, only when you choose to use the doctor referral feature (used to surface geographically nearby providers; not retained beyond the referral session unless you save a doctor to your profile)
- Photos you take or upload (meal photos, supplement labels, blood-work document scans). Ovaela does not store the original photo or document scan with the saved log entry; after processing, Ovaela stores only the derived analysis, such as foods, macros, supplement details, or parsed lab markers.
- Date and time of access
d. Information Processed but Not Persisted
- Genetic data: Where Ovaela offers genetic-file interpretation (for example, a 23andMe or AncestryDNA export), the raw file is processed locally in your browser or on your device when you use that feature. Ovaela does not intentionally upload or store your raw genetic file, and does not currently persist derived genetic markers, variant flags, or wellness interpretations to our servers. If a future version of the Service stores any genetic-derived information, we will disclose that storage and obtain any consent required by applicable law before enabling it.
e. Device Permissions (Native iOS App)
The native iOS app may ask for the following device permissions. Each is optional, is requested only when you first use the related feature, and can be changed at any time in the iOS Settings app:
- Microphone: used only for voice-driven daily check-ins. When you start a voice check-in, the app captures audio from your microphone so that it can be transcribed to text. The raw audio is processed in real time; it is not saved to a file and is not stored by Ovaela.
- Speech recognition: used to transcribe a voice check-in into text using Apple's Speech framework. On devices that support on-device recognition, the audio is transcribed entirely on your device. On other devices or for some languages, the audio may be sent to Apple's speech-recognition service to produce the transcript. The resulting text becomes part of your check-in entry, which, like any typed check-in, is then sent to and stored by Ovaela to generate your wellness insights. Ovaela does not receive the audio itself.
- Camera and photo library: used so you can photograph or attach meal photos, supplement labels, and blood-work document scans. These photos are handled as described in Section 1c.
- Face ID: if you turn on the optional app lock, Face ID is used to unlock the app. The biometric match is performed by iOS; biometric data never leaves your device and is never sent to Ovaela (see Section 1f).
- Apple Health: read-only access to the Health data categories you approve, as described in Section 1a. Ovaela does not write data back to Apple Health.
f. Information We Do Not Collect
- Biometric identifiers (fingerprints, facial geometry)
- Insurance information
- Social Security numbers
- Payment information from minors (the Service is for users 18 and older)
2. How We Use Your Information
- To provide AI-generated wellness insights based on your health data
- To display trends, patterns, and educational information about your health data
- To detect patterns that may warrant a recommendation to consult your healthcare provider
- To detect potential mental health crisis language and redirect to appropriate crisis resources (988 Suicide & Crisis Lifeline)
- To support the planned doctor-sharing workflow described in Section 5, under which you could prepare and share a wellness summary with a healthcare provider with your explicit consent. This workflow is not yet enabled in production
- To improve the accuracy and quality of our AI wellness insights
- To communicate with you about your account and the Service
- To comply with legal obligations
3. How We Store and Protect Your Information
We take the security of your health data seriously and employ the following safeguards to protect it:
- Encryption at rest: All health data is encrypted using AES-256 encryption in our database (Supabase)
- Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS 1.2+
- Access controls: Row-level security ensures you can only access your own data. No other user can see your information.
- Employee access: No Ovaela employee can view your individual health data without a formal access request logged in our audit trail
- Audit logging: Ovaela maintains audit logs for key account, consent, export, deletion, sharing, administrative, and security events, and uses database and infrastructure logs for additional operational monitoring. We continue to expand audit-log coverage as workflows that depend on it (such as user-directed health-data sharing) are enabled.
- Infrastructure: Our database is hosted on Supabase, a managed cloud database provider, with encryption and automated backups
4. Third-Party Services
We use the following third-party services to operate the Service. Each has access only to the data necessary to perform its function:
Supabase (Database & Authentication)
Stores your account information and health data. Supabase provides encrypted database hosting with row-level security. Data is stored in encrypted form at rest and in transit.
Anthropic / Claude AI (AI Analysis)
Processes your health data to generate wellness insights, after you consent to AI processing. Before sending text and lab values to Anthropic, Ovaela attempts to remove obvious direct identifiers; photos you choose to upload are sent to Anthropic as images for analysis. Because this removal is automated, Ovaela does not describe the data as "de-identified" and cannot guarantee that every identifier is removed. Anthropic processes this data under its commercial data-processing terms to generate your insights and, by default, does not use commercial inputs or outputs to train its models; Ovaela is continuing to expand both the scope of identifier removal and its data-processing and retention terms with Anthropic.
Web Hosting Provider
Hosts the Ovaela web application. The hosting provider processes standard web request data (IP addresses, request headers) as part of serving the application. Health data is not stored at the hosting layer; all sensitive health data lives in our managed cloud database. The current provider is disclosed in our compliance inventory; users can request the full vendor list at admin@ovaela.ai.
Sentry (Crash, Error & Operational Telemetry)
Receives crash logs and error reports from the iOS, web, and server tiers of the Service so we can find and fix bugs. Our Sentry configuration sets sendDefaultPii = false across all tiers and disables session replay and local-variable capture. Every event additionally passes through a redaction callback (beforeSend) that replaces request bodies with a redacted sentinel, clears cookies, and removes IP addresses from the user context before the event leaves the device or server. The callbacks are a defense-in-depth measure; Ovaela does not intentionally pass health data into Sentry events at any tier.
iOS and web browser: performance tracing is disabled (tracesSampleRate = 0). The iOS app additionally disables profiling, screenshot capture, and view-hierarchy capture, and the web browser client disables session replay.
Server and edge (Next.js server functions and Vercel edge middleware): performance tracing is enabled at the time of this update (tracesSampleRate = 1) so Ovaela can diagnose slow requests, hangs, and infrastructure issues. Server-tier performance traces include request paths, timings, and infrastructure metadata; they pass through the same redaction callback as error events.
Stripe (Subscription Payments)
Processes payment for paid plan upgrades. Payment card information is entered directly in Stripe Checkout (a Stripe-hosted page in mobile Safari or your browser) and is never transmitted to or stored by Ovaela's servers. Ovaela receives only the resulting subscription tier string (Free / Plus / Pro / Family) and a Stripe customer ID for billing reconciliation. See stripe.com/privacy for Stripe's own privacy practices.
Email Delivery
Ovaela uses third-party email delivery providers (Resend, and Postmark for certain transactional messages where configured) to send account, security, sharing-related, and notification emails (such as sign-in links, password resets, and a reminder that your weekly snapshot is ready to view in the app). Ovaela does not include your personal health data, your logged entries, results, wellness metrics, or summaries, in the emails it sends to you; that data stays in the app behind your sign-in. The provider receives only your email address and the message text needed to deliver these account and notification messages.
PostHog (Product Analytics, web)
The web application at ovaela.ai uses PostHog for aggregate product analytics (page views, feature usage counts). PostHog is configured to never receive your health data; only interaction events are transmitted. The native iOS app does not currently include the PostHog SDK and does not collect first-party product-interaction analytics. If you opt in to sharing app analytics with developers in iOS Privacy & Security settings, Apple may provide Ovaela with aggregate, non-identifiable App Analytics collected and aggregated by Apple, not Ovaela (see Section 1c). If we later add a third-party analytics SDK to the native iOS app, we will update this Policy and our App Store privacy disclosures before doing so.
Terra (Wearable-Data Aggregator, web)
When you connect a wearable on the web app, Terra relays the device metrics you authorize (such as recovery, HRV, strain, and sleep) from devices you own (for example Oura, Fitbit, Garmin, Polar, Withings, or Suunto) into Ovaela. Terra receives only those wearable metrics, not your other health data. On the native iOS app, Apple Health metrics (including WHOOP data you route through Apple Health) are read on your device and sent to Ovaela without Terra; other wearables you connect in the app (Oura, Fitbit, Garmin, Polar, Suunto, or Withings) are relayed through Terra, the same as on the web. Ovaela has no direct first-party integration with WHOOP or other wearable brands.
Perplexity (Research Enrichment)
Used to retrieve published research that enriches your wellness insights. Ovaela sends research queries derived from your health observations after attempting to remove direct identifiers; these queries may include non-identifying markers, values, or trends, but not your identity or your full stored health record.
Upstash Redis (Rate Limiting)
Provides per-user and per-request rate-limit tracking and payment-webhook idempotency. Receives operational identifiers such as your user ID or request IP address and limit/idempotency-key counters, never your health data.
Apple Push Notification service (APNs) & Web Push
Route push notifications to your device. Ovaela stores a push token linked to your account so notifications can be delivered and your notification preferences maintained. Notification payloads are limited to non-health content; Ovaela does not include your health data in push notifications.
Public Reference APIs (OpenFDA, NCBI/PubMed)
To look up drug information and published research, Ovaela sends user-derived queries, such as a drug name you enter or search terms derived from your blood-work markers, to public reference APIs operated by the U.S. Food and Drug Administration (OpenFDA) and the U.S. National Center for Biotechnology Information (NCBI/PubMed). These queries are not accompanied by your identity or your stored health records.
5. Doctor Directory and Doctor-Sharing Scope
a. iOS App (Current Version)
In the current iOS version of Ovaela, the doctor feature is an informational directory only. You can search the directory by ZIP code, specialty, or telehealth availability; you can view a provider's profile. Ovaela does not match, recommend, rank, or score providers for your specific health situation; Ovaela does not book appointments; and Ovaela does not transmit any health summary to a provider from the iOS app. Browsing or contacting a provider through the directory does not create a doctor-patient relationship with Ovaela or with the listed provider.
b. Web App (Current Version)
In the current web version of Ovaela, the doctor feature is likewise an informational directory only. Ovaela does not currently transmit any wellness summary from the web app to a provider, and does not currently generate provider-facing shareable links on the user's behalf.
c. Doctor-Sharing Workflow (Planned; Not Yet Enabled in Production)
Ovaela is designing a future doctor-sharing workflow under which a user could generate a wellness summary in the web app and share it with a healthcare provider the user selects. As designed, that workflow would have the following properties:
- Explicit consent required: A summary would be generated and made available only when the user specifically chooses to share, and each share event would require its own consent.
- User chooses what to share: The user would select which categories of data to include (such as blood work, nutrition, supplements, workouts, and wearable data).
- Raw data only: The shared summary would contain raw wellness data and trends only. AI-generated interpretations, wellness insights, and internal detection flags would not be included.
- Access by token, not by provider login: Ovaela would deliver the summary by generating a unique shareable link that the user forwards to a chosen provider. Providers would not have a login to Ovaela, would not browse Ovaela users, and would not request access to user data.
- Expiration and revocation: Shared summaries would be accessible only while the link is active. The user could revoke access at any time, which would permanently delete the shared summary from Ovaela's servers; links would also expire after a limited time.
Important note on current status: This doctor-sharing workflow is not yet enabled in production on either the iOS app or the web app. No wellness summaries are currently transmitted from Ovaela to any provider on the user's behalf, and no provider-facing shareable links are currently generated. Before this workflow is enabled, Ovaela will update this Policy to describe it as live, obtain any consent required by applicable law, and complete the security review needed to support sharing health data with a third party.
d. Future Versions
Ovaela may, in a future version, enable provider matching, appointment booking, share-with-doctor transmission from the iOS app, or related provider workflows. We will disclose those features in this Policy and obtain any consent required by applicable law before activating them in the Service.
6. Your Rights
You have the following rights regarding your personal information:
- Right to access: You can download all your health data in a portable format at any time
- Right to delete: You can request permanent deletion of all your data. We delete your data from our active systems, and copies in our routine encrypted backups are removed as those backups age out of our backup-retention cycle.
- Right to correct: You can request corrections to any inaccurate health data
- Right to portability: You can export your data in a machine-readable format
- Right to opt-out: You can opt out of non-essential data processing
- Right to know: You can request a detailed accounting of what data we hold, how it has been used, and who it has been shared with
- Right to withdraw consent: You can withdraw consent for data collection at any time by discontinuing use of the Service
To exercise any of these rights, contact us at admin@ovaela.ai or use the controls available in your account settings. We will respond to your request within 30 days.
7. "Do Not Sell or Share My Personal Information"
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
We have never sold personal information, and we have no plans to do so. Your health data is used solely to provide you with the Service.
If you are a California resident and wish to exercise your right to opt out of the sale or sharing of personal information, you may submit a request at admin@ovaela.ai. We will honor the Global Privacy Control (GPC) signal as a valid opt-out request.
8. Children's Privacy
Ovaela is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will promptly delete that information. If you believe a child under 18 has provided us with personal information, please contact us at admin@ovaela.ai.
9. Data Retention
We retain your data for the following periods. Rows labeled planned describe the retention schedule that will apply to the doctor-sharing workflow described in Section 5 once it is enabled in production; no shared or prepared summaries are currently stored.
| Data Type | Retention Period |
|---|---|
| Active health data | Retained while your account is active |
| Internal detection flags (no action taken) | 365 days, then auto-deleted |
| Shared summaries (active), planned | Until you revoke access |
| Prepared but unshared summaries, planned | 90 days, then auto-deleted |
| Consent logs (sharing-event logs apply once the Section 5 workflow is enabled) | At least 6 years (legal and security recordkeeping) |
| Audit logs | At least 6 years (legal and security recordkeeping) |
| Deleted account data | 30-day grace period, then permanently purged |
10. California Residents, CCPA/CPRA Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to know: You may request the specific categories and pieces of personal information we have collected about you, the sources from which it was collected, the business purposes for collection, and the categories of third parties with whom it has been shared.
- Right to delete: You may request deletion of your personal information.
- Right to correct: You may request correction of inaccurate personal information.
- Right to opt out: You may opt out of the sale or sharing of your personal information. We do not sell or share personal information for cross-context behavioral advertising.
- Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
- Right to limit: You may limit the use and disclosure of sensitive personal information. Your health data is classified as sensitive personal information under CPRA.
Categories of personal information collected: Identifiers (email, display name, account user ID), commercial information (subscription plan tier; payment card details are never collected by Ovaela and are handled directly by Stripe), health data (blood work, nutrition, supplements, workouts, WHOOP / Oura / Apple Health / Fitbit / Garmin / Polar / Withings / Suunto data, menstrual cycle, daily check-ins, medications), sensitive personal information (your health and medical information, which is treated as sensitive personal information under the CCPA/CPRA; we do not collect your race or ethnicity), photos (meal images, supplement labels, blood-work document scans, when you choose to upload them), internet activity (usage data, device type, browser type, OS version, crash and error logs), and geolocation data (approximate, from IP address; ZIP / postal code only when you use the doctor referral feature).
To submit a request, email admin@ovaela.ai with the subject line "CCPA Request." We will verify your identity and respond within 45 days.
11. Washington Residents, My Health My Data Act Rights
If you are a Washington State resident, you have additional rights under the My Health My Data Act (MHMDA):
- Consent before collection: We will obtain your consent before collecting consumer health data, separately from our general terms of service.
- Right to delete: You may request deletion of your consumer health data. We will comply within 30 days.
- Right to withdraw consent: You may withdraw consent for the collection and use of your health data at any time.
- Separate health data privacy policy: This Privacy Policy serves as our consumer health data privacy policy as required by the MHMDA.
To submit a request, email admin@ovaela.ai with the subject line "MHMDA Request."
12. Residents of Other U.S. States
A number of U.S. states have comprehensive consumer-privacy or consumer-health-data laws that give their residents privacy rights. These include, among others, Colorado, Connecticut, Virginia, Texas, Oregon, and Nevada, and the list of states with such laws continues to grow. Rather than apply the lowest standard each law allows, Ovaela applies a single, strong set of protections to every U.S. user:
- We treat your health data as sensitive data subject to your opt-in consent, and we obtain your consent before your data is sent to our third-party AI providers for analysis. We do not rely on a buried opt-out.
- We do not sell your personal information or your health data, and we do not process it for targeted advertising or for profiling that produces legal or similarly significant effects.
- We collect and use only the data needed to provide and improve the Service.
Depending on the law of your state, you may have the right to confirm whether we process your personal data and to access it; to correct inaccuracies; to delete it; to obtain a portable copy; and to opt out of any sale, targeted advertising, or qualifying profiling (we do not engage in these). Where the applicable law provides one, you also have the right to appeal a decision we make about a privacy request; if we deny your appeal, that law may let you contact your state Attorney General.
Illinois residents: Ovaela does not collect, capture, or store biometric identifiers or biometric information as defined by the Illinois Biometric Information Privacy Act (BIPA). Face ID, where you enable it, is handled entirely by your device and is never transmitted to Ovaela (see Section 1f). New York residents: we maintain reasonable administrative, technical, and physical safeguards for your information and follow applicable breach-notification requirements, consistent with the New York SHIELD Act.
To exercise any of these rights, email admin@ovaela.ai with the subject line "State Privacy Request." We will verify your identity, respond within the timeframe your state's law requires (typically 45 days), and will not discriminate against you for exercising any of these rights.
13. Cookies and Tracking Technologies
We use essential cookies to maintain your session and authenticate your account. We do not use third-party advertising cookies or cross-site tracking technologies.
We do not include health data in client-side product analytics events. Web-app product analytics, when collected via PostHog, are limited to aggregate, non-identifiable interaction metrics about which features are used. The native iOS app does not use PostHog. On the iOS app, Ovaela's only client-side telemetry is the crash and error reporting described in the next paragraph (and in Section 4); Sentry performance tracing and profiling are disabled on the iOS app (tracesSampleRate = 0), and Ovaela does not transmit aggregate tap, screen-view, or session-replay analytics from the iOS app. Any aggregate diagnostic signals that may surface to Ovaela are limited to Apple's own platform telemetry under the user's iOS Privacy & Security settings. Nothing in this paragraph contains your health data, and Ovaela does not use any of these signals for cross-app tracking or third-party advertising.
Separately, we may analyze aggregated health data internally to improve the accuracy and quality of our AI wellness insights, for example, looking at population-level distributions of common patterns to refine prompts or identify failure modes. This kind of analysis is performed on aggregated data only and never identifies any individual user. We do not transmit this aggregated data to third parties for advertising, marketing, or cross-app tracking.
Crash and error logs are transmitted to Sentry from both the iOS and web apps so we can find and fix bugs. The Sentry client is configured with sendDefaultPii = false; device identifiers, IP addresses, and user contexts are not included by default, and every event passes through a redaction callback before leaving the device. See Section 4 for full Sentry details.
14. Contact for Privacy Requests
For any privacy-related questions, requests, or concerns, contact us at:
Ovaela Privacy Team
Email: admin@ovaela.ai
Subject lines for specific requests:
- "CCPA Request": California privacy rights
- "MHMDA Request": Washington privacy rights
- "State Privacy Request": other U.S. state privacy rights
- "Data Deletion Request": delete all data
- "Data Access Request": download your data
- "Privacy Question": general privacy inquiries
15. App Store Privacy Nutrition Labels Summary
This section summarizes the data types Ovaela discloses for the current native iOS app via App Store Connect's Privacy Nutrition Labels. Each row corresponds to a category Apple displays on the App Store listing. None of the data listed below is used for cross-app tracking; Ovaela does not use any third-party advertising, does not share data with data brokers, and does not sell personal information (see Section 7).
Web analytics, hosting telemetry, and any other web-only data collection described elsewhere in this Policy are additional to (and may differ from) what appears on the App Store listing. Apple's Privacy Nutrition Labels describe the iOS app only.
Data Linked to You (iOS app):
- Email Address: App Functionality (account creation, login, password recovery; support correspondence is handled via email and is bundled under this purpose by Apple's taxonomy).
- Name: App Functionality (display name used to greet you in the app).
- User ID: App Functionality, Analytics (Supabase auth identifier, used for row-level security and aggregate cohort metrics).
- Device ID: App Functionality (Apple Push Notification service token and related device identifier, stored linked to your account so we can deliver notifications and maintain notification preferences; see Section 1c).
- Health: App Functionality, Product Personalization, Analytics (the core product purpose; aggregated analysis is used internally to improve AI accuracy).
- Fitness: App Functionality, Product Personalization, Analytics (workouts, wearable data routed through Apple Health, and similar fitness signals; same scope as Health).
- Coarse Location: App Functionality (ZIP / postal code only, used for the doctor directory).
- Photos or Videos: App Functionality (meal photos, supplement labels, blood-work document scans, when you choose to upload them).
- Other User Content: App Functionality, Product Personalization, Analytics (free-form text from the daily check-in chat, onboarding intake, and Ask AI conversations; see Section 1a).
- Purchase History: App Functionality, Analytics (subscription tier, Free / Plus / Pro / Family, used for feature gating, billing reconciliation, and aggregate paid-vs-free analytics; payment cards are never seen by Ovaela and are handled by Stripe; see Section 4).
Data Not Linked to You (iOS app):
- Crash Data: App Functionality, Analytics (Sentry, configured with sendDefaultPii = false and a redaction callback; see Section 4).
The current iOS app does not declare Product Interaction or Performance Data as separate App Store nutrition-label categories. The native iOS app does not include a third-party product-analytics SDK (no PostHog on iOS), and Sentry performance tracing and profiling are disabled in the iOS configuration. Web analytics (PostHog) and server-side performance telemetry (Sentry) are described in Sections 1c, 4, and 13 and apply to the web product only.
If you believe any of the disclosures on the App Store do not match this Policy, please contact us at admin@ovaela.ai with the subject line "App Store Disclosure Question."
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you through the Service or by email. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.
Ovaela provides wellness information, not medical advice. This is not a substitute for professional medical diagnosis or treatment. Always consult a qualified healthcare provider before making health decisions. Powered by AI, not a licensed healthcare professional.