Legal
Privacy Policy
Effective date: April 1, 2026 · Last updated: April 1, 2026 · Contact: contact@meriod.app
Plain language summary: Meriod collects your health data to help you understand your cycle. We do not sell your data. We store it securely in the United States. You can delete your account and all your data at any time.
1. Who we are
Meriod ("we," "our," or "us") is a cycle and symptom tracking application. Our contact email is contact@meriod.app.
2. What data we collect
Account data
- Email address and name (when you create an account)
- Password (stored as a one-way hash — we cannot read it)
Health data
- Menstrual cycle dates, flow intensity, and duration
- Symptoms you log (physical, emotional, and other)
- Notes and observations you add manually
Usage data
- App interactions and feature usage (anonymized)
- Device type and operating system (for technical support)
Waitlist data
- Email address and optional first name (if you signed up at meriod.app)
3. How we use your data
- To provide the service — show you your cycle history, generate insights, and power Mia (our AI companion)
- To send you the app — confirmation emails, account notifications, and (with your consent) product updates
- To improve Meriod — understand how features are used (anonymized, never individual health data)
- To process payments — subscription management via RevenueCat
We do not use your health data for advertising. We do not sell your data to third parties.
4. AI features (Mia)
Mia is powered by Anthropic's Claude AI. When you chat with Mia, your messages and relevant cycle context are sent to Anthropic's API to generate a response. Anthropic's privacy policy applies to this processing. We do not store your Mia conversations beyond the current session, and Anthropic does not use your data to train their models (as per their API terms).
5. Partner Mode
If you invite a partner to view your cycle data, they will see only the information you explicitly choose to share. You can revoke partner access at any time from your settings. Your partner's email address is used solely to send the invitation.
6. Data storage and security
Your data is stored on Supabase infrastructure located in the United States (us-east-1). We use industry-standard security measures including:
- Encrypted connections (HTTPS/TLS) for all data in transit
- Encrypted storage at rest
- Sensitive data (your profile) stored in the device's secure keychain
- Row-level security on our database — you can only access your own data
7. Third-party services
- Supabase — database and authentication (United States)
- Anthropic — AI processing for Mia conversations
- Resend — transactional email delivery
- RevenueCat — subscription and payment management
- Apple / Google — in-app purchases processed through their platforms
8. Your rights
You have the right to:
- Access your data — view everything Meriod has stored about you
- Delete your account and all associated data — available directly in the app under Settings → Delete Account
- Export your data — contact us at contact@meriod.app
- Correct inaccurate data — directly in the app or by contacting us
- Opt out of marketing emails — via the unsubscribe link in any email
These rights apply regardless of your location. If you are in Brazil, these rights are also guaranteed under the LGPD (Lei Geral de Proteção de Dados).
9. Children's privacy
Meriod is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us at contact@meriod.app.
10. Changes to this policy
We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of Meriod after changes constitutes acceptance of the updated policy.
11. Contact
Questions about this policy? Email us at contact@meriod.app.