Privacy & Security Checklist — Daisycle

Last updated: 1st November, 2025
Daisycle is designed to keep your health data private, secure, and under your control. Below is a clear, copy-pasteable checklist you can use on your site, in-app, or store listing.

Our Promise

• We do not sell or rent your personal data. Your information is used only to provide features you choose.

• Data minimization: We collect the least amount of data needed to run the app and features you enable.

• Your control: You can access, export, correct, or delete your data using in-app controls (where available) or by contacting support@daisycle.app.

Your Choices

• Account-optional use: You can use Daisycle with device-only data (no email/name). Cloud sync/restore and cross-device use require an account or OS backup.

• Consent for extras: Analytics, crash reports, and personalization are opt-in. We request consent before enabling any non-essential data use.

• Granular settings: Turn on/off notifications, backups, analytics, location, and other options at any time in Settings → Privacy.

Note: On iOS/Android, OS-level device backups may include app data unless you disable OS backups.

How We Protect Your Data

• Encryption in transit & at rest: All network traffic uses HTTPS/TLS; stored data is encrypted at rest on our servers.

• Limited access: Production data access is role-based, logged, and restricted to essential personnel for support and operations.

• Secure development: Dependency monitoring, secrets management, and least-privilege infrastructure.

• App-lock: Optional PIN/biometric lock (Face ID/Touch ID/Fingerprint) where supported by your device.

• Backups: Encrypted backups; restore requires your account/device credentials.

Data Sharing & Service Providers

• No third-party selling.

• We use vetted sub-processors (e.g., hosting, storage, notifications, optional analytics/crash reporting) solely to operate Daisycle.

• Providers are bound by data-processing agreements and must meet security and privacy requirements.

A current list of essential service providers is available upon request: privacy@daisycle.app.

Your Rights

• Access & portability: Download or export your records.

• Correction: Fix inaccurate information.

• Deletion: Delete your account and associated personal data (subject to legal/operational retention requirements).

• Consent management: Change or withdraw consent for analytics/personalization at any time.

Retention

• We keep personal data only as long as needed to provide the service you’re using or to meet legal obligations.

• Local-only users: Data lives on your device unless you enable cloud/OS backups. Deleting the app may remove local data not included in OS backups.

Special Care for Health Data

• Daisycle may process sensitive information (e.g., cycle logs, symptoms, medications, pregnancy notes) only to deliver features you choose.

• We do not use sensitive health data for advertising or sell it to third parties.

Children & Teens

• Daisycle is intended for users 13+ (or the age required by local law).

• If we learn we’ve collected personal data from a child below the allowed age, we delete it and may disable the account.

Security Testing & Monitoring

• Routine vulnerability scanning and dependency patching.

• Penetration testing may be conducted periodically by qualified testers; findings are tracked to remediation.

• Logging & alerting for suspicious activity.

Incident Response

• We maintain an incident response process (detect → contain → eradicate → recover → review).

• If a data breach creates a risk to your rights and freedoms, we will notify affected users and regulators as required by law.

Contact & Requests

• Privacy requests / DSR (access, export, delete): privacy@daisycle.app

• General support: support@daisycle.app

• We aim to respond within 30 days (or faster where legally required).

At-a-Glance Checklist

• □ No data selling or renting

• □ Data minimization by default

• □ Opt-in analytics/personalization

• □ Encryption in transit & at rest

• □ Account-optional, device-only mode available

• □ App-lock (PIN/biometric)

• □ Access / export / correction / deletion

• □ Vetted sub-processors only, with DPAs

• □ Defined retention & local-only options

• □ Routine security scanning; periodic pen testing

• □ Incident response & breach notification policy

Disclaimer: This checklist describes Daisycle’s intended privacy and security posture. Actual features (e.g., app-lock, local-only mode, export) depend on your app version and device capabilities. Always review the in-app Privacy settings and our full Privacy Policy for details specific to your region.