Privacy Policy
Last updated: 7 July 2026
Who we are
Syncira ("Syncira", "we", "us") is a cycle-tracking wellness app that helps you understand your cycle through the changing phases of your menstrual cycle, viewed as inner seasons. Syncira is operated by Jelena Korac, an individual based in Portugal, acting as the data controller for the personal data described in this policy.
If you have any questions about this policy or your data, contact us at hello@syncira.app.
What this app is (and is not)
Syncira helps you understand and work with your menstrual cycle through tracking, reflection, and gentle daily guidance. Syncira is not a medical device. It does not diagnose, treat, cure, or prevent any medical condition, and it is not a substitute for professional medical advice. Always consult a qualified healthcare provider for medical concerns.
The data we collect
We collect only what we need to provide the app.
You provide directly:
- Your email address — used to sign you in (via a one-time code) and for essential service messages.
- Cycle and wellness data you log — period start/end dates, bleeding, symptoms, moods, energy, sleep, notes, journal entries, cycle reflections, and cycle intentions (what you want to focus on, time you can devote, what success looks like to you).
Collected automatically:
- Subscription status — whether you have an active trial or paid subscription (managed through the App Store or Google Play via RevenueCat). We do not collect or store your payment card details; those are handled by Apple, Google, and RevenueCat.
We do not use third-party analytics or advertising trackers. We do not sell your data. We do not use your data for advertising.
Note: the specific fields we can and cannot read are described precisely under "How we protect your data" below.
Special-category (health) data
Menstrual cycle and related wellness data is special-category personal data under the GDPR (Article 9). We process it only with your explicit consent, given when you choose to use the app and log this information, and solely to provide the app's features to you — showing your cycle, generating your daily guidance, and keeping your history. You can withdraw consent at any time by deleting your data or your account (see "Your rights" and "Deleting your account").
How we use your data
We use your data to:
- Sign you in and keep your account secure.
- Show your cycle, its phases and seasons, calendar, and history.
- Generate your personalized daily guidance and let you set and revisit cycle intentions.
- Provide and manage your subscription and free trial.
- Respond to your support requests.
We do not use your data to make decisions about employment, insurance, or eligibility for anything, and we do not share it for advertising.
How we protect your data
Your privacy is central to Syncira's design.
Your most sensitive entries are encrypted on your device before they are stored. The following are encrypted on your device using authenticated encryption, so they are not held in directly readable form in our database:
- Your journal entries (prompts and content)
- Your cycle reflections (what supported you, what drained you, patterns you noticed)
- Your cycle intentions (your goal, focus areas, available time, blockers, and what success feels like to you)
- Your daily check-in details (symptoms, moods, energy, stress, sleep, discharge, digestion, appetite, sexual activity and drive, activities, and personal notes)
- Your bleeding intensity and your generated daily guidance
Some data is necessarily stored in readable form so the app can function. This includes: your email address; your cycle and period dates and timing (period start/end dates, cycle day, current phase); your display name and basic cycle settings (cycle length, period length); your subscription and trial status; and the limited information sent to our AI provider to generate your daily guidance (see below). Your dates and cycle timing are not encrypted.
An important, honest note on our encryption: because Syncira uses passwordless sign-in, the key used to encrypt your sensitive fields is derived from your account identifiers rather than a private password only you know. This means our on-device encryption protects your data against unauthorized access to our database (for example, a data leak or third-party access) - but it does not make Syncira "zero-knowledge." We do not routinely access your content, but you should understand that we are technically able to. We will never sell your data or use it for advertising.
We host data with Supabase in the EU (Ireland). We apply access controls and security measures appropriate to the sensitivity of the data. No system is perfectly secure, but we take the protection of your cycle data seriously.
Third parties who process data for us
We share the minimum necessary data with a small number of service providers ("processors") who help us run Syncira. They act on our instructions and are bound to protect your data.
- Supabase — database, authentication, and hosting (EU/Ireland). Stores your account and app data (encrypted where described above).
- RevenueCat — manages subscription and trial status. Receives an anonymized identifier and your subscription state; does not receive your cycle/health content.
- Google (Gemini AI) — generates your daily guidance. When your guidance is created, we send this service: your current day in the cycle, your current phase, and the details from your cycle intention (your goal, focus areas, available time, blockers, and how you define success). We do not send your symptoms, moods, bleeding, sleep, journal entries, or any other health-log data. Note that although your intention is stored encrypted on your device, its text is transmitted in readable form to this AI provider at the moment your guidance is generated - this is necessary to produce your personalized guidance. We do not send information that directly identifies you (such as your name or email) to this service.
- Apple App Store / Google Play — process your subscription payments. We never see or store your payment card details.
International transfers
Your data is primarily stored in the EU (Ireland). Some processors (e.g. Google) may process limited data outside the EU. Where that happens, we rely on appropriate safeguards as required by GDPR.
How long we keep your data
We keep your data for as long as you have an account. When you delete your account (see below), we delete your associated personal data. We may retain limited, anonymized transaction records where required for tax or accounting purposes.
Deleting your account and data
You can permanently delete your account and all your associated Syncira data at any time, directly in the app: Settings → Delete account. This removes your cycle history, check-ins, journal, reflections, intentions, and profile. This action is irreversible.
Note: if you have a paid subscription, it is billed through the App Store or Google Play. Deleting your Syncira account does not cancel that subscription — manage or cancel it in your device's Subscriptions settings.
Your rights (GDPR)
As someone in the EU, you have the right to: access your data; correct it; delete it; restrict or object to processing; data portability; and to withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority (in Portugal, the CNPD).
To exercise any of these rights, contact hello@syncira.app. Much of this you can also do directly in the app (view and edit your data, or delete your account).
Children
Syncira is not directed to children under 16. We do not knowingly collect data from children under this age.
Changes to this policy
We may update this policy. If we make material changes, we will notify you in the app or by email. The "last updated" date at the top shows the current version.
Contact
Jelena Korac, Portugal hello@syncira.app
Syncira