Privacy Policy
Last updated: April 7, 2026 · Effective: April 7, 2026
Menoa (“we,” “us,” or “our”) is operated by Kindservices. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you use the Menoa mobile application and website (collectively, the “Service”). We take your privacy seriously, particularly because Menoa handles sensitive health information.
1. Data Controller
The data controller responsible for your personal information is Kindservices, the operator of Menoa. Contact:
Email: privacy@menoa.health
2. Data We Collect
We collect only what is necessary to deliver Menoa’s features. Here is a full breakdown by category:
2.1 Health Data You Enter
- Symptom logs — daily tracking entries for 30+ menopause symptoms including hot flashes, night sweats, sleep disruption, mood changes, brain fog, joint pain, vaginal dryness, and others. Each entry includes severity, timestamp, and optional notes.
- MRS assessment responses — your answers to the 11-item Menopause Rating Scale, a clinically validated questionnaire. We store individual item scores and calculated total and domain scores (somatic, psychological, urogenital).
- Medication & HRT records — treatment names, dosages, frequencies, start/stop dates, administration routes, and adherence check-ins you choose to log.
- Mood and sleep ratings — daily mood entries, energy levels, sleep quality scores, bedtime/wake times, and sleep disruption counts.
- Bloodwork results — lab values you upload or manually enter, including hormone levels (FSH, estradiol, progesterone, testosterone), thyroid panels, vitamin levels, and other markers relevant to menopause care.
- Notes and journal entries — free-text notes you add to daily logs, appointment summaries, or AI chat sessions.
2.2 Account Information
- Email address — required only if you create an account. Used for authentication, password recovery, and essential service communications.
- Display name — optional, used to personalize the app experience.
- Date of birth or age range — optional, used to contextualize health insights and MRS scoring.
2.3 Device & Technical Data
- Device model, operating system, and app version (for bug reports and compatibility).
- Crash logs and performance diagnostics (anonymized, no health data included).
- Timezone and locale preferences (for accurate scheduling and date display).
2.4 Data We Do NOT Collect
- Location data or GPS coordinates.
- Contacts, photos, or camera data (unless you explicitly upload a lab photo).
- Browsing history outside the Menoa app and website.
- Advertising identifiers (IDFA/GAID).
- Social media profiles or contacts.
3. How We Use Your Data
- Core tracking features — displaying your symptom history, generating MRS scores, and showing treatment timelines.
- AI-powered insights — analyzing patterns across your symptoms, sleep, mood, and treatments to surface correlations and trends you might not notice on your own.
- Report generation — creating exportable health summaries you can bring to doctor appointments.
- Bloodwork analysis — contextualizing your lab values with your symptom data to provide a fuller picture.
- Personalization — tailoring content, insights, and suggestions based on your menopause stage and health profile.
- Service improvements — aggregated, de-identified usage patterns (never individual health data) to improve the app.
- Communications — sending essential account emails (password resets, security alerts, major service changes). We do not send marketing emails without your explicit opt-in consent.
We will never use your health data for advertising, sell it to third parties, or share it with insurers, employers, or data brokers. Your health data exists solely to serve you.
4. Legal Basis for Processing
Under GDPR and similar frameworks, we process your data on the following legal bases:
- Explicit consent (Article 9(2)(a) GDPR) — for processing special category health data. You provide this consent when you first use Menoa and can withdraw it at any time.
- Contract performance (Article 6(1)(b) GDPR) — processing necessary to provide the service you requested (tracking, insights, reports).
- Legitimate interest (Article 6(1)(f) GDPR) — for security, fraud prevention, and aggregated service improvements, where your rights are not overridden.
- Legal obligation (Article 6(1)(c) GDPR) — where we are required by law to retain or disclose information.
5. AI & Automated Processing
Menoa uses AI to generate health insights, analyze bloodwork, and power the health companion chat. Here is exactly how that works:
5.1 What Is Processed
When you use AI features, relevant portions of your health data (symptom logs, MRS scores, medication records, bloodwork values) are sent to our AI provider for analysis. Only the minimum data needed for the specific request is transmitted.
5.2 AI Provider
We use Anthropic’s Claude API for AI processing. Anthropic processes data under a strict data processing agreement. Under this agreement:
- Your health data is processed ephemerally — it is not stored by Anthropic after the API call completes.
- Your data is not used to train Anthropic’s AI models.
- Anthropic does not access, share, or sell your data for any purpose beyond fulfilling the API request.
- All data is encrypted in transit using TLS 1.2+.
5.3 No Automated Decision-Making
Menoa’s AI features provide informational insights only. No automated decisions with legal or significant effects are made based on your data. All AI outputs are presented as suggestions, not directives, and you always retain full control over how you use the information.
6. Apple HealthKit Data
If you choose to connect Apple HealthKit, Menoa may read the following data types with your explicit per-category permission:
- Sleep analysis — sleep duration, bedtime, wake time, and sleep stages.
- Heart rate — resting heart rate and heart rate variability (HRV).
- Activity — step count and active energy burned.
- Body measurements — weight and BMI, if recorded.
In compliance with Apple’s HealthKit guidelines:
- HealthKit data is never sold to advertising platforms, data brokers, or information resellers.
- HealthKit data is not used for purposes beyond health improvement and health research with your consent.
- HealthKit data is not disclosed to third parties without your explicit permission.
- We do not use HealthKit data for marketing, advertising, or use-based data mining.
HealthKit data is stored locally on your device and, if you have a Menoa account, synced to your encrypted cloud profile. You can disconnect HealthKit at any time from the app settings, and previously synced data can be deleted.
7. Data Storage & Security
7.1 Guest Mode (No Account)
In guest mode, all your data is stored locally on your device using encrypted storage. No data is transmitted to our servers. If you uninstall the app or lose your device, this data cannot be recovered.
7.2 Account Mode
With an account, your data syncs to our cloud infrastructure powered by Convex. Security measures include:
- Encryption in transit — all data transmitted between your device and our servers uses TLS 1.2 or higher.
- Encryption at rest — your data is encrypted at rest using AES-256 encryption on our cloud infrastructure.
- Access controls — strict role-based access controls limit who at Kindservices can access production systems. Health data access is logged and audited.
- Infrastructure security — our cloud providers maintain SOC 2 Type II compliance, and we conduct regular security assessments.
- Authentication security — passwords are hashed using industry-standard algorithms. We support secure session management with automatic expiry.
7.3 Backups
Cloud-stored data is backed up regularly with encrypted backups. Backups are subject to the same retention and deletion policies as primary data. When you request account deletion, we ensure your data is purged from backups within 30 days.
8. Data Sharing & Third Parties
We share your data only with the following categories of service providers, and only to the extent necessary:
| Provider | Purpose | Data Shared |
|---|---|---|
| Convex | Cloud database & sync | Account & health data (encrypted) |
| Anthropic | AI insights processing | Health data for analysis (ephemeral) |
| Vercel | Website hosting | No health data; standard web logs |
| Apple App Store / RevenueCat | Subscription management | Subscription status only; no health data |
All third-party providers are bound by data processing agreements that restrict them from using your data for any purpose other than providing their service to us. We regularly review these agreements and the security practices of our providers.
8.1 When We May Disclose Data
- When required by law, regulation, or valid legal process (e.g., court order or subpoena).
- To protect the safety or rights of Menoa users, Kindservices, or the public.
- In connection with a merger, acquisition, or sale of assets, in which case we will notify you and ensure the acquiring entity upholds this policy.
8.2 What We Never Do
- Sell your personal or health data to any party, for any reason.
- Share data with advertisers, data brokers, or information resellers.
- Share data with insurers, employers, or pharmaceutical companies.
- Use your health data to build profiles for targeted advertising.
9. Data Retention
- Active account — your data is retained for as long as you maintain an active Menoa account.
- Inactive accounts — if your account is inactive for 24 months, we will notify you before taking any action. You may choose to keep or delete your account.
- After account deletion — all personal and health data is permanently deleted within 30 days. Anonymized, aggregated statistics (which cannot be linked back to you) may be retained.
- Guest mode data — stored only on your device. Deleted when you uninstall the app or clear app data.
- Support correspondence — retained for up to 12 months after the issue is resolved, then deleted.
10. International Data Transfers
Menoa’s cloud infrastructure may process data in the United States and other jurisdictions. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Data processing agreements with all providers that meet GDPR requirements.
- Verification that recipient countries or providers offer adequate data protection levels.
11. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
Right of Access
Request a copy of all personal data we hold about you. We will provide this in a structured, machine-readable format within 30 days.
Right to Rectification
Request correction of inaccurate or incomplete personal data. Most data can be corrected directly in the app.
Right to Erasure (“Right to Be Forgotten”)
Request deletion of your personal data. You can delete your account directly in the app (Settings → Account → Delete Account), or email us. Deletion is permanent and completed within 30 days.
Right to Data Portability
Export all your data at any time from within the app in a structured, commonly-used format (JSON or CSV). This includes all symptom logs, MRS scores, medication records, and notes.
Right to Restrict Processing
Request that we temporarily stop processing your data while a concern is resolved.
Right to Object
Object to processing based on legitimate interests. We will cease processing unless we have compelling legitimate grounds.
Right to Withdraw Consent
Withdraw your consent to health data processing at any time. This will not affect the lawfulness of processing carried out before withdrawal. You can withdraw consent by deleting your account or contacting us.
To exercise any of these rights, email privacy@menoa.health with your request. We will respond within 30 days. If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know — you may request details about the categories and specific pieces of personal information we have collected, the sources, the business purposes, and categories of third parties with whom we share it.
- Right to Delete — you may request deletion of your personal information, subject to certain exceptions.
- Right to Correct — you may request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing — we do not sell or share (as defined by CCPA/CPRA) your personal information. There is nothing to opt out of.
- Right to Non-Discrimination — we will not discriminate against you for exercising any of these rights.
- Right to Limit Use of Sensitive Personal Information — your health data is classified as sensitive personal information. We use it only to provide the Service, as described in this policy.
To make a verifiable consumer request, email privacy@menoa.health with “CCPA Request” in the subject line. We will verify your identity and respond within 45 days.
14. Children’s Privacy
Menoa is designed for adults experiencing menopause or perimenopause. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@menoa.health and we will delete it promptly.
15. Data Breach Procedures
In the unlikely event of a data breach involving your personal or health information:
- We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as GDPR (Article 33) requires, unless the breach is unlikely to result in a risk to your rights and freedoms.
- We will notify affected users within the same 72-hour window. GDPR (Article 34) requires that individuals be informed without undue delay where a breach is likely to result in a high risk to them; our commitment applies to all affected users regardless of the risk assessment.
- Notification will include: the nature of the breach, the categories of data affected, likely consequences, and the measures we are taking to address it.
- We will provide clear guidance on steps you can take to protect yourself.
- We maintain an incident response plan that is tested and updated regularly.
16. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes:
- We will notify you via email (if you have an account) and/or a prominent notice in the app at least 30 days before the changes take effect.
- We will update the “Last updated” date at the top of this page.
- For changes affecting how we process health data, we will request renewed consent where required.
- Previous versions of this policy will be archived and available upon request.
17. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out:
Privacy inquiries: privacy@menoa.health
General support: support@menoa.health
Data protection officer: dpo@menoa.health
We aim to respond to all privacy-related inquiries within 5 business days, and to formal data subject requests within 30 days as required by law.