Privacy Policy
Effective date: June 1, 2025
Last updated: December 7, 2025
This Privacy Policy explains how Evea Cycle, Inc. ("Evea," "we," "us") collects, uses, and protects your information. By using Evea, you agree to these terms.
Table of Contents
- Introduction
- Evea's Privacy Principles
- Information We Collect
- How We Use Your Data
- AI-Powered Insights
- How We Store & Secure Your Data
- Authentication
- Third-Party Service Providers
- How We Share or Disclose Your Data
- Data Retention
- How to Export & Delete Your Data
- HIPAA Statement
- AI Model Training & Research Participation
- Additional Details
- Contact Us
1. Introduction
Evea is a health platform that helps women understand and align their lives with their menstrual cycles using wearable data, daily check-ins, and AI-powered insights.
2. Evea's Privacy Principles
Your health data belongs to you
You control how your data is used. You may export or delete your information at any time.
We protect your privacy
We collect only the data needed to provide our services and secure it using industry-standard safeguards.
We don't sell your data
We never sell or rent your personal or health data to third parties for advertising or any commercial purpose.
3. Information We Collect
Account Information
- Name and email address when you join or sign in with Google
- Onboarding data (e.g. symptoms, age etc.) used to personalize insights
Health & Wearable Data
With your explicit permission, we import:
- Sleep, heart rate, activity, readiness, recovery
- Cycle data (period dates, symptoms etc.)
Collected from sources such as Apple HealthKit or Oura. You may revoke access at any time in your device settings.
Daily Check-ins
Symptoms, emotions, lifestyle inputs, workouts, and notes you log in the app.
Support Interactions
Communications via email or in-app support.
Analytics & Device Data
Anonymized data for debugging and performance (e.g., device type, OS version). We do not track or store precise location data.
4. How We Use Your Data
Identifiable data is used to:
- Provide personalized, cycle-aware insights
- Deliver AI-generated summaries and recommendations
- Enable wearable integrations
- Support your account and troubleshoot issues
Aggregated or anonymized data is used to:
- Improve Evea's algorithms
- Conduct research on women's health
- Enhance app performance and usability
5. AI-Powered Insights
Evea uses AI to help generate personalized recommendations.
How AI processes your data
We use the following AI services:
- Google Vertex AI for generating summaries and insights
- Embeddings and semantic search for research-backed explanations
- A RAG (Retrieval-Augmented Generation) pipeline to match your symptoms and goals with relevant scientific literature
How your data flows through AI
- Your health and check-in data are processed in real time to generate recommendations
- Personal data is not retained by the AI model after the response is generated
- AI outputs may include source citations to research papers
6. How We Store & Secure Your Data
Your data is securely stored on Google Cloud Platform (GCP), including:
- Cloud SQL (PostgreSQL) for user and health data
- Cloud Storage for anonymized data and internal research assets
Security Measures
- Encryption in transit (HTTPS) and at rest
- Access control, logging, and audit trails
- No storage of passwords in plaintext
- We never access your wearable provider credentials
7. Authentication
Evea uses Google Sign-In (OAuth 2.0) for secure authentication.
When you sign in, we receive:
- Your name
- Your email address
We do not receive or store your Google password.
8. Third-Party Service Providers
We work with trusted service providers who help us operate Evea. These include:
- Cloud Infrastructure: Google Cloud Platform (data storage, computing)
- AI Services: Google Vertex AI (processing insights)
- Authentication: Google OAuth (secure sign-in)
Google is contractually required to protect your data and may only process it on Evea's behalf.
10. Data Retention
We retain your data as long as your account is active.
If you delete your account:
- All personal data is permanently deleted from our systems within 30 days
- Aggregated or previously anonymized data cannot be recovered or linked back to you
11. How to Export & Delete Your Data
You may request any of the following at eveacycle@gmail.com:
- A CSV export of your check-ins or cycle data
- Permanent deletion of your account and associated data
Responses are provided within 30 days.
12. HIPAA Statement
Evea is not a HIPAA-covered entity and does not provide medical care.
However, we handle your sensitive health data with the high standards of confidentiality.
13. AI Model Training & Research Participation
You may choose to contribute anonymized health data to help improve Evea's AI models and support women's health research.
If you opt in:
- Your data is fully de-identified (personal identifiers removed)
- Data may be used to train internal AI models that improve predictions and recommendations for other users
- Aggregated insights may be used for research
If you do not opt in:
- Your data is used only to provide your personal insights
- You still benefit from improvements developed from other users' anonymized data
Your choices:
- You can opt in or out anytime in the app settings
- Opting out does not affect anonymized data previously used
- You may ask for confirmation of your current status at eveacycle@gmail.com
Anonymized data cannot be linked back to you, and it is not possible to re-identify individual users once de-identified.
14. Additional Details
Age Requirement
You must be 18 or older to use Evea. We do not knowingly collect data from minors.
Policy Updates
We may update this policy periodically. Material changes will be communicated via email or in-app notification.
15. Contact Us
If you have questions or concerns, please contact:
Evea Cycle, Inc.