Privacy

Privacy Policy for Health Data.

Important Notice Before You Read

Menovia is a wellness and educational platform designed to support women through perimenopause, menopause, and postmenopause. We collect sensitive health-related information that you choose to share with us. This Privacy Policy explains, in plain language, what we collect, why we collect it, how we use and protect it, and the choices and rights you have.

Menovia is not a medical provider. Our AI companion, Zeina™, is not a doctor, and the information you receive through the Platform is for educational and supportive purposes only. Menovia is not subject to HIPAA as a covered entity. We are a consumer wellness app, and the information you share with us is governed by this Privacy Policy and applicable consumer privacy laws (including state-specific consumer health data laws).

If you are looking for clinical care, please consult a licensed healthcare provider.

1. Who We Are and How to Reach Us

This Privacy Policy applies to Menovia AI ("Menovia," "we," "us," "our") and our website, mobile applications (iOS and Android), AI companion Zeina™, community features, and any related services (together, the "Platform").

Contact Information
Menovia AI, 2503 S Linden Rd, 257, Flint, MI 48532-5462
Email: support@menovia.ai
Privacy Requests: support@menovia.ai (Subject Line: "Privacy Request")

2. Scope of This Policy

This Policy applies only to the Platform. It does not apply to:

  • Third-party services you interact with through the Platform (app stores, payment processors, telehealth providers, external websites)
  • Information shared by other users in our community spaces
  • Information you choose to share publicly outside the Platform

Third-party services are governed by their own privacy policies. We encourage you to review them.

3. What We Collect

A. Information You Provide Directly

Account & Profile

  • Name, email address, password
  • Age or date of birth (to confirm you are 18 or older)
  • Display name and profile photo (if uploaded)
  • Communication preferences and language

Health & Wellness Information

This is the most sensitive information we handle. We only collect what you choose to enter. This includes:

  • Menopause stage (perimenopause, menopause, postmenopause)
  • Menstrual cycle data (start dates, length, flow)
  • Symptoms you log (hot flashes, sleep, mood, joint pain, etc.) with severity, duration, time, and notes
  • Triggers and activities (stress, alcohol, exercise, etc.)
  • Treatments and medications you choose to record (HRT, supplements, lifestyle interventions)
  • Photos you upload to symptom logs (e.g., skin changes)
  • Wellness goals and personalization preferences

Communications with Zeina™ (Our AI Companion)

  • Messages you send to Zeina
  • Feedback you provide on Zeina's responses (thumbs up/down, helpful flags)
  • Conversation history (saved to your account so you can revisit prior conversations)

Community Content

  • Posts, comments, and reactions you create
  • Forums you join and follow
  • Direct messages between members (if you use this feature)
  • Reports you submit about other users or content
  • Whether you choose to post anonymously (in which case your identity is hidden from public view but retained by Menovia for moderation purposes)

Communications with Us

  • Customer support messages
  • Survey responses
  • Beta feedback

Payment & Subscription Information

  • Subscription tier and status
  • Billing email
  • Transaction history (we do not store full payment card details — these are processed by Apple, Google, or Stripe)
  • For Apple/Google App Store purchases: purchase tokens and subscription receipts

B. Information Collected Automatically

Device & Technical Information

  • Device type, model, operating system, and OS version
  • App version, browser type, language, time zone
  • Unique device identifiers (as permitted by your platform settings)
  • IP address (used for security, fraud prevention, and approximate location)
  • Crash logs and diagnostic data

Usage Data

  • Screens viewed and features used within the Platform
  • Time spent on screens
  • Interactions with Zeina (questions asked, ratings given, length of conversations)
  • Session timestamps
  • Engagement with notifications

Cookies and Similar Technologies (Website Only)

  • Strictly necessary cookies for login, security, and core functionality
  • Analytics cookies (we use PostHog and similar tools)
  • We do not use third-party advertising cookies. We do not sell your data to advertisers.

C. Information From Third-Party Sources

Apple HealthKit and Google Fit (Only If You Opt In)

You can choose to connect Menovia to Apple Health (iOS) or Google Fit (Android). We will only read data types you explicitly authorize. This may include:

  • Sleep data
  • Heart rate and heart rate variability
  • Activity (steps, workouts)
  • Weight
  • Menstrual cycle entries

We use this data to enhance the personalization of your insights and patterns within the Platform. You can disconnect HealthKit or Google Fit at any time from your device settings or within the Menovia app. When disconnected, we stop collecting new data, and cached data is deleted within 30 days.

We do not share your HealthKit or Google Fit data with any third party. Apple specifically prohibits this, and we agree.

App Stores (Apple App Store and Google Play)

  • Subscription status and renewal information
  • Purchase tokens for receipt validation
  • Limited account metadata

Service Providers

We receive limited information from service providers helping us run the Platform (hosting, analytics, customer support, security, AI providers, payment processors).

Telehealth Partners (When You Use This Feature)

If you book a telehealth appointment through Menovia, we may receive scheduling metadata, appointment status, and limited service coordination information. The clinical care itself is governed by the telehealth provider's own privacy practices and applicable healthcare laws, not by this Policy.

4. How We Use Information

We use information to:

  • Provide, operate, and improve the Platform and Zeina™
  • Personalize your experience (stage-aware content, recommended articles, smart insights, predictions, and reminders)
  • Power Zeina's responses (we send your message and relevant context to our AI provider — see Section 6 for AI specifics)
  • Enable community features, including moderation, safety, and abuse prevention
  • Process subscriptions, payments, and refunds (through third-party processors)
  • Send service messages (account confirmations, security notices, support replies)
  • Send optional notifications you've enabled (check-in reminders, community replies, AMA reminders, weekly summaries)
  • Monitor and prevent fraud, abuse, harmful content, and security incidents
  • Conduct internal research, analytics, and product development using de-identified or aggregated data
  • Comply with legal obligations and enforce our Terms of Service

5. Consumer Health Data — Special Notice

Several U.S. state laws (including Washington's My Health My Data Act, Nevada SB 370, Connecticut's amended Data Privacy Act, and others) treat reproductive health, menopause-related data, biometric data, and symptom tracking as consumer health data subject to heightened protection.

For this category of information:

  • We collect only what you choose to provide
  • We do not sell consumer health data
  • We do not share consumer health data with advertisers
  • We do not use consumer health data for targeted advertising
  • We will obtain your explicit opt-in consent before using or sharing consumer health data for any purpose beyond providing the Platform you requested
  • We honor deletion requests for consumer health data in accordance with applicable law

Residents of Washington, Nevada, Connecticut, and certain other states have specific rights regarding consumer health data. To exercise these rights, contact us at support@menovia.ai with the subject line "Consumer Health Data Request."

6. AI and Zeina™ — How Your Conversations Are Processed

Zeina™ is an AI companion built using third-party large language models (currently Anthropic's Claude). When you send a message to Zeina:

  1. Your message and limited context (e.g., your stage, recent symptoms if you've opted into personalization) are sent to our AI provider to generate a response.
  2. The AI provider processes the message to generate a reply. Our AI provider has contractually agreed not to use your data to train their models.
  3. The full conversation is stored in your account so you can revisit it. You can delete any conversation at any time.

Important things to understand about Zeina:

  • Zeina is an AI. She is not a doctor and cannot diagnose, prescribe, or provide medical advice.
  • Zeina may sometimes be inaccurate, incomplete, or out of date.
  • Always consult a licensed healthcare provider for medical concerns.
  • Zeina is designed with safety guardrails: she will not provide specific medication dosing, will refer you to crisis resources if you mention self-harm, and will encourage you to see a provider for serious concerns.

We do not use your conversations with Zeina to train AI models. Our AI provider does not train on your data either. We may use de-identified, aggregated information about Zeina interactions (e.g., how often a topic is asked about, average satisfaction ratings) to improve the Platform's safety and quality.

You can disable Zeina's memory of past conversations in your settings if you prefer her to start fresh each time.

7. Biometric Information

If you choose to use Face ID, Touch ID, or fingerprint unlock for your Menovia account:

  • All biometric processing happens on your device only. Menovia never sees, stores, or transmits your biometric data.
  • Your device's operating system (iOS or Android) handles authentication and tells Menovia only whether the unlock was successful.
  • You can disable biometric login at any time in your device settings.

This means residents of Illinois (BIPA), Texas, and Washington — states with biometric privacy laws — can use Face ID and Touch ID without Menovia collecting biometric identifiers.

8. Community Features and Anonymous Posting

When you post or comment in our community:

  • Public posts and comments are visible to all Menovia members (and may be visible on the public web if shared externally).
  • Anonymous posts display as "Anonymous Member" with no link to your profile. However, Menovia retains your identity internally for moderation, safety, and to comply with law. We do not reveal anonymous posters' identities except as required by law (e.g., subpoena) or in response to credible threats of harm.
  • Direct messages between members are visible only to the participants. Menovia retains DMs to enforce community guidelines and respond to abuse reports.
  • Reports you submit are confidential. The user you reported is not told who reported them.

Once content is posted, others may save, screenshot, or repost it outside the Platform. Be thoughtful about what you share.

You can delete your own posts and comments at any time. After deletion, content is removed from public view immediately. We retain a backup copy in our records for a limited period for moderation and legal compliance.

9. How We Share Information

We share information in the following limited circumstances:

With Service Providers (Processors)

We share information with vendors who help us operate the Platform, under contracts that require them to protect your data and use it only for our purposes. Categories include:

  • Cloud hosting and database (Supabase, AWS)
  • AI provider (Anthropic)
  • Analytics (PostHog)
  • Error monitoring (Sentry)
  • Customer support tools
  • Payment processors (Stripe, Apple, Google)
  • Push notification delivery
  • Content moderation (OpenAI Moderation API or equivalent)
  • Email delivery (transactional emails only)

A current list of subprocessors is available on request: email support@menovia.ai with the subject line "Subprocessor List."

With Other Users (Community Features)

What you post, comment, react to, and share in community is visible to other users based on the settings of where you post.

With Telehealth Providers (Only If You Book)

If you book a telehealth visit through Menovia, we share with the provider only the information necessary to schedule and coordinate that visit (e.g., name, scheduling preferences, and — only if you choose — your Menovia symptom report).

With Employers (Only for B2B Members)

If your employer sponsors your Menovia subscription, your employer receives aggregated, anonymized usage statistics (e.g., total active users, overall engagement). Your employer never receives:

  • Individual symptom data
  • Conversations with Zeina
  • Community posts or comments
  • Direct messages
  • Any data that could identify you

For Legal and Safety Reasons

We may disclose information when we believe in good faith it is necessary to:

  • Comply with applicable laws, regulations, legal process, or governmental requests
  • Enforce our Terms of Service
  • Protect the rights, property, or safety of Menovia, our users, or others
  • Investigate fraud, abuse, or security incidents

Business Transfers

If Menovia is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred. We will provide notice and continue to protect your information in accordance with this Policy.

10. What We Do NOT Do

  • We do not sell your personal information.
  • We do not share your data with advertisers.
  • We do not use your data for targeted advertising.
  • We do not allow our AI provider to train models on your conversations.
  • We do not share your HealthKit or Google Fit data with anyone.
  • We do not reveal anonymous posters' identities to other users.
  • We do not share individual data with employers in B2B accounts.

11. Your Rights and Choices

Depending on where you live, you have the following rights:

  • Access the personal information we hold about you
  • Correct information that is inaccurate
  • Delete your account and personal information (subject to limited legal/security exceptions)
  • Port certain information in a structured, machine-readable format
  • Opt out of certain processing (e.g., personalization, analytics)
  • Withdraw consent where processing is based on your consent
  • Object to processing in certain circumstances
  • Lodge a complaint with a data protection authority (EU/UK/California residents)

State-Specific Rights

  • California (CCPA/CPRA) — Right to know, delete, correct, opt out of sale/sharing, limit use of sensitive personal information, non-discrimination
  • Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other state laws — Similar rights with state-specific procedures
  • Washington (My Health My Data Act) — Heightened protections for consumer health data, including opt-in consent for certain processing
  • EU/UK (GDPR) — Full GDPR rights including data portability and right to be forgotten

How to Exercise Your Rights

Email support@menovia.ai with the subject line "Privacy Request" and tell us which right you'd like to exercise.

We may need to verify your identity before responding.

We will respond within the timeframe required by applicable law (generally 30-45 days).

12. Data Retention

We retain personal information for these periods:

You can request immediate deletion at any time. Some data may be retained in limited form for legal compliance, fraud prevention, or safety.

13. Security

We use industry-standard administrative, technical, and physical safeguards to protect your information. These include:

  • Encryption in transit (TLS) and at rest
  • Row-level security on databases
  • Strict access controls — only authorized Menovia personnel can access user data
  • Regular security audits
  • Incident response procedures

No system is 100% secure. You are responsible for keeping your password confidential and using strong, unique passwords. We encourage you to enable biometric login (Face ID, Touch ID, fingerprint) for additional security.

If we become aware of a security incident affecting your information, we will notify you as required by law.

14. International Users and Data Transfers

Menovia is based in the United States. If you access the Platform from outside the U.S., your information will be processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your home country.

For EU/UK/Swiss residents: where required, we rely on appropriate transfer mechanisms (Standard Contractual Clauses) for international data transfers.

15. Children's Privacy

The Platform is intended for adults ages 18 and older. We do not knowingly collect personal information from children under 18.

If you are between 13 and 17 and accessed our Platform, please ask a parent or guardian to contact support@menovia.ai so we can delete your information.

If we discover that we have collected information from someone under 18, we will delete it promptly. If you believe a minor has provided personal information to us, please email support@menovia.ai.

16. Cookies and Tracking Controls

Website — We use cookies and similar technologies for essential functionality, security, and analytics. You can control cookies through your browser settings. Disabling certain cookies may affect functionality.

Mobile Apps

  • iOS: Apple's App Tracking Transparency (ATT) controls apply. We do not request tracking permission because we do not track you across other apps and websites.
  • Android: You can reset your Advertising ID and limit ad tracking in your device settings.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the "Last Updated" date at the top
  • For material changes: provide additional notice (in-app banner, email, or both)
  • Where required by law: obtain your consent before applying changes

Continued use of the Platform after a change takes effect means you accept the updated Policy. If you do not agree, you may delete your account at any time.

18. Contact Us

For privacy questions, concerns, or to exercise your rights:

Email: support@menovia.ai
Subject Line: "Privacy Request" (or "Consumer Health Data Request" if applicable)
Mailing Address: Menovia AI, 2503 S Linden Rd, 257, Flint, MI 48532-5462

For urgent security concerns, email support@menovia.ai with "Security Issue" in the subject line.

The Pause, in your inbox

Honest letters on midlife, delivered with care.

Clinically reviewed essays, quiet reflections, and the occasional myth-bust. No spam. Unsubscribe anytime.