Summary: PERISHIFT stores only the symptoms you log. We do not sell your data, share it with advertisers, or send any health information to analytics services. Your symptom data is treated as sensitive health information and protected accordingly.
PERISHIFT is operated by Vraxni Group, LLC, an Alabama limited liability company ([“we,” “our,” or “us”]). This Privacy Policy explains how we collect, use, and protect your personal information when you use the PERISHIFT iOS application (“App”).
Data controller contact: privacy@perishift.app
When you create an account using Sign in with Apple, we receive:
We do not collect your name, phone number, Apple ID credentials, or any other Apple account information.
The core function of PERISHIFT is symptom logging. When you use the App, we store:
This data constitutes health data under applicable law (including GDPR Article 9 and California CMIA). We only collect it with your explicit consent, recorded during onboarding.
We store timestamps recording when you accepted our Medical Disclaimer, Health Data Consent, Privacy Policy, and Terms of Service. These are required to comply with health data regulations.
We store whether your subscription is active and its expiration date. Payment processing is handled entirely by Apple (App Store). We never see or store your payment card details.
We use PostHog to collect non-health behavioral analytics only. This includes:
We have implemented strict controls ensuring no health data (symptom names, severity ratings, notes, or any symptom log content) is ever sent to PostHog. This is required by the FTC Health Breach Notification Rule and California law.
If you are located in the European Economic Area, United Kingdom, or Switzerland, we process your data under the following legal bases:
| Data Type | Legal Basis |
|---|---|
| Account identifier | Performance of contract (Art. 6(1)(b)) |
| Symptom log data (health data) | Explicit consent (Art. 9(2)(a)) — withdrawn at any time |
| Consent timestamps | Legal obligation (Art. 6(1)(c)) |
| Subscription status | Performance of contract (Art. 6(1)(b)) |
| Behavioral analytics | Legitimate interests (Art. 6(1)(f)) — no health data included |
We do not use your data for advertising, profiling, or selling to third parties.
We share data only with service providers acting as our data processors, bound by data processing agreements:
| Provider | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Supabase Inc. | Database and authentication hosting | All app data (stored encrypted at rest) | supabase.com/privacy |
| RevenueCat Inc. | Subscription management | User ID, subscription status (no health data) | revenuecat.com/privacy |
| PostHog Inc. | Behavioral analytics | Anonymous usage events (no health data) | posthog.com/privacy |
| Apple Inc. | App distribution and payment processing | As required for App Store and In-App Purchase | apple.com/privacy |
We do not sell, rent, or share your personal data with any other third party. We do not engage in cross-context behavioral advertising.
You have the right to: access, rectification, erasure (“right to be forgotten”), restriction of processing, data portability, and to object to processing based on legitimate interests. To exercise these rights, contact us at privacy@perishift.app. We respond within 30 days.
You may also lodge a complaint with your local data protection authority.
California residents have the right to know what personal information we collect, to delete personal information, to opt out of the sale of personal information (we do not sell personal information), and to non-discrimination for exercising these rights. To submit a verifiable consumer request, contact privacy@perishift.app.
Symptom data logged in PERISHIFT may constitute medical information under the California Confidentiality of Medical Information Act (CMIA). We treat all symptom log data as confidential medical information. We do not share, sell, or disclose this information to any third party except as described in Section 5 (service providers bound by DPAs). We obtain your explicit written consent before collecting this data.
Washington residents have rights over their consumer health data under the My Health MY Data Act. We collect health data only with your explicit consent (recorded at onboarding). You may withdraw consent and delete your health data at any time by deleting your account. We do not sell, share, or use your health data for advertising. Contact privacy@perishift.app to exercise your MHMDA rights.
We implement the following security measures:
No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we take commercially reasonable steps to protect your information.
PERISHIFT is designed for adult women experiencing perimenopause. We do not knowingly collect personal information from anyone under 13 years of age. If you believe a child has provided us personal information, contact us and we will delete it promptly.
Your data is stored on servers operated by Supabase in the United States. If you are located in the EEA, UK, or Switzerland, your data is transferred to the US under appropriate safeguards (Standard Contractual Clauses with Supabase).
As required by GDPR Article 27, we have appointed an EU representative. Contact details: [EU REPRESENTATIVE NAME AND ADDRESS — to be completed before EU launch].
We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice in the App or by email (if provided). The effective date at the top of this page reflects the most recent version. Continued use of the App after changes constitutes your acceptance of the revised policy.
For privacy questions, requests, or complaints:
We aim to respond to all privacy inquiries within 5 business days and to fulfill rights requests within 30 days.