Privacy Policy
Version 2.2 · Effective April 20, 2026 · Last updated June 12, 2026
Sachi Health ("we," "our," or "us") provides a mobile application designed to help individuals living with Polycystic Ovary Syndrome (PCOS) explore research-informed lifestyle approaches through wellness tracking, research-inspired wellness programs, and daily goal tracking.
This Privacy Policy explains what data we collect, how we use it, who has access, and how you can control your information.
This policy applies to all users of the Sachi Health mobile application, website at sachi-health.com, and related services.
Sachi Health is currently in early beta testing. Features may change, and we cannot guarantee uninterrupted availability. We are a small team committed to protecting your data.
1. Information We Collect
1.1 Information You Provide Directly
- Account information: Email address, username, password (securely hashed via AWS Cognito), date of birth (for age verification).
- Profile information: First name, last name, height, weight, country, ZIP code, phone number (mostly optional).
- Health tracking data: Daily symptom check-ins, menstrual cycle data (bleeding, flow intensity, cycle length), acne and hirsutism severity assessments, hair loss tracking, oily skin levels, body composition measurements (weight, BMI, body fat percentage, muscle mass, hip/waist circumference, waist-hip ratio).
- Wellness program data: Program enrollment data (which program, enrollment date, duration), daily goal completions, nutrition check-ins (water intake, dietary patterns), exercise tracking (type, duration, frequency), and program progress.
- Medication data: Current medications, dosages, adherence tracking.
- Survey responses: Onboarding questionnaire answers; product feedback surveys (via Mailchimp) about usability; customer research surveys (via Google Forms) potentially addressing diagnosis and symptoms (anonymous unless email voluntarily provided).
- Other: Feedback and support communications.
1.2 Information from Apple HealthKit
With your explicit permission, we read the following data types from Apple Health:
- Body mass (weight)
- Body mass index (BMI)
- Body fat percentage
- Waist circumference
- Lean body mass
- Menstrual flow
- Intermenstrual bleeding
- Step count
- Active energy burned
- Exercise minutes
- Sleep duration
Weight data may be written back to Apple Health. HealthKit data is never shared with advertising networks, data brokers, or any third party for marketing purposes. HealthKit data is used solely to support your wellness tracking.
1.3 Information Collected Automatically
- Device information: Model, operating system version, app version, screen size, language, locale settings
- Network information: IP address (used for security purposes and approximate city/region location by analytics provider)
- Usage data: App screens visited (category-level labels only), session duration, session frequency
- Device identifiers: Vendor-specific device identifier (IDFV) may be collected by analytics provider. Apple's IDFA is not collected. We do not participate in ad tracking.
During the beta testing period, Apple's TestFlight service may collect additional data including crash logs, usage statistics, and device information under Apple's own privacy policy.
2. How We Use Your Information
- Provide and maintain the app: Symptom tracking, medication management, health visualizations, wellness program features, and daily goal tracking
- Present relevant research: Present peer-reviewed research programs related to lifestyle topics you have expressed interest in. This is educational content — not a personalized medical recommendation.
- Sync your data: Preserve your health history across sessions
- Track your progress: Display your daily and program-level progress
- Send notifications: Check-in and medication reminders (if you opted in)
- Improve the app: Understand usage patterns to improve features and fix issues
- Communicate with you: Account updates, relevant wellness content, and support responses
- Comply with legal obligations
We process your health data based on the explicit consent you provide during account setup and program enrollment. You may withdraw this consent at any time through the app settings.
Marketing website (www.sachi-health.com): When you submit your email address through any subscribe or launch-notification form on the website (forms appear on the homepage, blog posts, and other pages), we use that information to add you to the corresponding mailing list (Mailchimp for the app launch list; Beehiiv for The PCOS Brief newsletter — during provider transitions, newsletter signups may be temporarily stored in Mailchimp), send you the communications you signed up for, and reach out about Sachi Health updates. Form submissions are transmitted through our website infrastructure (Vercel serverless functions) to the mailing-list provider and are not otherwise stored or logged by us. We also collect anonymized page-view and CTA-click metrics to understand which messaging resonates with visitors. You may unsubscribe from emails at any time using the link in any newsletter, or request full deletion of your record by emailing security@sachi-health.com.
Call recordings: One-on-one onboarding or support calls may be recorded with your verbal consent for product improvement. Fireflies.ai transcribes these calls. You may decline recording at any time. Recordings and transcripts are deleted after a short retention period or immediately upon request to security@sachi-health.com.
3. Who Has Access to Your Data
| Provider | Purpose | Data Received | Health Data? |
|---|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure: Cognito, API Gateway, Lambda, RDS PostgreSQL | All account and health data (encrypted in transit and at rest) | Yes |
| Mixpanel | Product analytics (mobile app) | Category-level screen names, session timing, device info, IP address, device identifier, user account ID | No* |
| Vercel | Website hosting and privacy-first web analytics (www.sachi-health.com) | Page URLs, referrer, country (derived from IP, IP not stored), anonymized session counts, CTA click events; cookieless. Email addresses submitted through website forms pass through Vercel serverless functions in transit to the mailing-list provider (not stored) | No |
| Microsoft Clarity | Website session recordings and heatmaps (www.sachi-health.com) | Page interactions, mouse movements, scroll depth, click events; form inputs (including email) are masked by default | No |
| Google Fonts | Web fonts loaded on www.sachi-health.com (DM Sans, Instrument Serif, Geist Mono) | IP address and User-Agent are sent to Google when your browser fetches the font files; no other personal data is shared | No |
| Mailchimp | Email communications; app launch-list signups (www.sachi-health.com/beta); newsletter signups during provider transitions; product feedback surveys | Email address, name, product feedback survey responses | No |
| Beehiiv | Newsletter subscriptions (www.sachi-health.com/newsletter) | Email address (and any other fields submitted through the Beehiiv subscription form) | No |
| Apple | App distribution (TestFlight/App Store), HealthKit access | Standard App Store data; HealthKit data stays on device | No |
| Google (Forms) | Survey collection | Anonymous survey responses (potentially including PCOS diagnosis, symptom preferences) | Yes** |
| Calendly | Meeting scheduling | Name, email address, scheduling availability | No |
| Fireflies.ai | Call transcription (optional, verbal consent only) | Voice recordings of onboarding/support calls | Potentially*** |
*Mixpanel: Mixpanel receives category-level screen names (e.g., "checkin" or "insights") that indicate which sections of the app you visit. These labels do not contain the content of your health entries, symptom scores, medication names, or any specific health measurements.
**Google Forms: Anonymous Google Forms surveys for customer research may ask about PCOS diagnosis or symptom tracking habits. Responses are anonymous unless email is voluntarily provided.
***Fireflies.ai: Recordings only with verbal consent. Health context may be discussed. Deleted after short retention or immediately upon request.
Law Enforcement: We will disclose personal information only in response to valid legal process such as a court order or subpoena.
Reproductive and Menstrual Health Data: We understand the sensitivity of menstrual cycle data. Your menstrual data is encrypted in transit and at rest. We do not share menstrual data with any third party in identifiable form. We will disclose menstrual or reproductive health data only in response to valid legal process such as a court order or subpoena.
4. How Your Data Is Stored and Protected
Your health data is stored both on your device and on our encrypted servers. We use encryption to protect your data in transit and at rest. Our servers are hosted on Amazon Web Services (AWS) in the United States.
Check-ins and entries are saved locally first and synced when a network connection is available. If a sync fails, data is retained locally and retried on the next app opening.
If you are located outside the United States, please be aware that your data is processed and stored in the United States.
5. Analytics and Tracking
| Event | When It Fires | What's Sent |
|---|---|---|
| Registration | When account created | Event name only (no personal details) |
| Screen Viewed | Each navigation to new screen | Category-level screen label (e.g., "checkin," "insights"); no health data content |
| Session Start | When app opens | Event name only |
| Session End | When app goes to background | Session duration in seconds |
Your analytics events are linked to your account identifier. We use this to diagnose issues and understand feature adoption, not for advertising or profiling.
Mixpanel automatically collects device model, OS version, app version, screen size, carrier, language, IP address (for city-level geolocation), and vendor device identifier (IDFV). All analytics processing occurs in the United States.
Website Analytics
The Sachi Health marketing website (www.sachi-health.com) uses two analytics tools that are separate from the in-app Mixpanel analytics described above:
- Vercel Web Analytics: Counts page views and CTA clicks (e.g., "Join the beta" or "Sign up for the newsletter"). Cookieless and does not collect personal information. IP addresses are used only for approximate country-level geolocation and are not stored.
- Microsoft Clarity: Records anonymized session playback and heatmaps so we can see how visitors navigate the site. Form fields (including email inputs) are masked by default and never visible in recordings. Clarity may set first-party cookies for session continuity.
Neither tool receives any health, symptom, or PCOS-related information from the marketing site, since the website only collects an email address and (optionally) a first name for the waitlist or newsletter.
Functional browser storage: The website uses your browser’s local storage for small functional flags — for example, remembering that you already subscribed so we stop showing subscribe prompts, or that you dismissed a prompt. These flags stay in your browser, contain no personal information beyond those preferences, and are never transmitted to us or any third party.
6. Apple HealthKit Compliance
HealthKit data is accessed only with your explicit permission, which you can revoke at any time in your device's Settings > Health > Data Access.
HealthKit data is:
- Never shared with third parties
- Never shared with advertising networks or data brokers
- Never used for advertising or marketing
- Never sold
- Not sent to any analytics service (including Mixpanel)
7. Your Rights and Choices
Regardless of where you live, you have the right to:
- Access your data through the app
- Request a copy of your data by emailing security@sachi-health.com
- Correct inaccuracies in your data
- Delete your account and all associated data
- Withdraw consent for health data collection through the app settings
- Revoke HealthKit permissions at any time through your device settings
- Manage notifications through your device settings
- Opt out of non-essential communications
We will not discriminate against you for exercising any of these rights. To exercise your rights, use the in-app options or email security@sachi-health.com. We will respond within 30 days.
California Residents
CCPA/CPRA rights. We do not sell personal information. Health data is sensitive personal information under CPRA.
Washington Residents
My Health My Data Act rights regarding consumer health data, including the rights to access, delete, and withdraw consent. Right to know the specific third parties (listed in Section 3). We do not sell consumer health data.
Connecticut Residents
CTDPA rights to access, correct, delete, and obtain a copy of personal data including consumer health data.
8. Data Retention and Deletion
- Account and health data (AWS): Retained while account active. Deleted within 30 days of deletion request.
- Analytics data (Mixpanel): Retained per configured retention period. Aggregate statistics may be retained after account deletion.
- Email records (Mailchimp): Retained while account active. Removed upon deletion request.
- Newsletter subscriptions (Beehiiv): Retained while subscribed. Unsubscribe via the link in any newsletter, or email security@sachi-health.com for full deletion.
- Web analytics (Vercel): Cookieless and stored as anonymous aggregate counts only (no per-individual record). Per-user deletion is not applicable because no per-individual data exists.
- Session recordings (Microsoft Clarity): Recordings auto-expire after up to 30 days (Clarity free tier) and are then deleted. To request earlier removal of a specific session, email security@sachi-health.com with the approximate date and time of your visit.
- Web fonts (Google Fonts): Font files are fetched by your browser via standard HTTP requests. Sachi Health does not retain any personal record of these fetches.
- Survey responses (Google Forms): Anonymous. Retained for research. Not deletable per-user unless email voluntarily provided.
- Survey responses (Mailchimp): Linked to subscriber profile. Deleted upon deletion request.
- Local device data: Persists until data deleted or app uninstalled.
- Call recordings/transcripts (Fireflies.ai): Deleted after short retention period or immediately upon request.
- Backup data: May persist in encrypted backups for limited period until automatically rotated.
You may request deletion via "Delete Account" in the app or by emailing security@sachi-health.com.
If Sachi Health ceases operations, we will make reasonable efforts to notify you at least 30 days in advance.
9. Age Requirement
Sachi Health is intended for users 18 years of age and older. We do not knowingly collect personal information from individuals under 18. If we become aware that we have done so, we will delete that information promptly.
10. Data Breach Notification
In the event of a data breach affecting your personal health information, we will:
- Notify affected users by email within 60 days
- Notify the FTC as required by the Health Breach Notification Rule
- Describe the nature of the breach, types of information affected, and steps taken
If 500+ people are affected, we will also notify prominent media outlets as required by law.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email before they take effect and by posting the updated policy on our website and in the app.
12. Contact Us
Sachi Health
Email: security@sachi-health.com
Website: sachi-health.com
Privacy-related requests receive responses within 30 days.