Our Privacy Commitment
This policy explains what data Aara collects, what leaves your device, and how you control it. It applies to the Aara app on Android (and iOS when available).
1. What Aara Stores Locally
The following data is stored only on your device using Hive local storage and SharedPreferences. It is never transmitted to us:
| Data type | Stored where | Leaves device? |
|---|---|---|
| Cycle dates and period logs | Device (Hive) | No |
| Symptoms, mood, energy, BBT, water intake | Device (Hive) | No |
| Journal notes and calendar notes | Device (Hive) | No |
| Pill reminder names and times | Device (Hive) | No |
| TTC logs (BBT, cervical mucus, intimacy) | Device (Hive) | No |
| Pregnancy log data | Device (Hive) | No |
| Your name, birthdate, height, weight | Device (Hive) | No |
| Health conditions (e.g., PCOS) | Device (Hive) | Only in anonymised form to AI — see Section 2 |
| App settings and preferences | Device (SharedPrefs) | No |
2. When Data Leaves Your Device
There are exactly four cases where data leaves your device:
Case 1 — AI Companion (always, when you send a message)
When you use the AI companion, the following is sent to Google Gemini via a secure Cloudflare Worker proxy:
- Your question text
- Age range (e.g., "25–30"), not your exact age
- BMI category (e.g., "Normal"), not your exact weight
- Health conditions (e.g., "PCOS, endometriosis")
- Current cycle phase
- Top 3 symptoms from recent logs
- Dominant mood (e.g., "calm")
Never sent: your name, exact age, exact weight, journal notes, medication names, specific dates.
Case 2 — AI Companion with Personalised AI ON (additional data)
If "Personalised AI answers" is enabled in Settings → Health Profile (default: ON), the following is additionally sent to improve answer relevance:
- Cycle day number
- PCOS flag (true/false)
- Mood by phase (e.g., "irritable in luteal")
- Medication count (not names — e.g., "2 active reminders")
You can turn Personalised AI off at any time. The toggle is in Settings → Health Profile.
Case 3 — Google Drive Backup (only when you tap "Back up to Google Drive")
Aara offers an optional, user-initiated backup to Google Drive. This feature is off by default and only activates when you explicitly tap Back up to Google Drive in Settings → Data & Privacy.
When you use this feature:
- You will be asked to sign in with your Google account. Aara requests only the drive.appdata scope, which grants access exclusively to a private, app-specific folder on your Google Drive that no other app or person can see.
- Your Aara data is encrypted with AES-256-GCM before it leaves your device. The encryption key is derived from your device's secure storage. We cannot decrypt your backup — only your device can.
- The backup file is stored in your own Google Drive account under AppData, which is not visible in your normal Drive file list.
- We do not access, read, or retain any data from your Google Drive. The data flows directly between your device and Google's servers.
- You can delete the backup at any time from Settings → Data & Privacy → Delete cloud backup, or by revoking Aara's Google access at myaccount.google.com/permissions.
Google Drive scope used: https://www.googleapis.com/auth/drive.appdata — this is the most restricted Drive scope available. It cannot read or write to any file outside Aara's private app folder.
Google's use of this data is governed by Google's Privacy Policy.
Case 4 — Advertising (free version only)
The free version of Aara displays ads via Google AdMob. AdMob may collect your device's Google Advertising ID for ad personalisation. AdMob does not access your health data. You can reset or opt out of ad personalisation in your device settings (Google Settings → Ads).
Aara Plus subscribers see no ads. Teen Mode (ages 13–17) has advertising fully disabled.
3. Third Parties We Use
| Third party | Purpose | Data sent |
|---|---|---|
| Google Gemini (via Cloudflare Worker) | AI companion responses | Anonymised health summary — see Section 2 |
| Google Drive (appdata scope) | Optional encrypted backup — only when you initiate it | AES-256-GCM encrypted blob; only you can decrypt it |
| Google AdMob | Advertising (free tier only) | Google Advertising ID |
| Google Play Billing | Subscription payments | Handled by Google — Aara never sees payment details |
We do not sell your data to any third party. We do not use analytics SDKs (no Firebase, no Mixpanel, no Amplitude).
4. Your Rights and Controls
Export your data
You can export all your data as a JSON file at any time from Settings → Export my data.
Delete your data
You can permanently delete all your data from Settings → Delete all my data. This action is irreversible. Uninstalling the app also permanently deletes all locally stored data.
Opt out of personalised AI
Turn off "Personalised AI answers" in Settings → Health Profile to reduce what is sent to Gemini.
Opt out of ad personalisation
Go to your Android device settings → Google → Ads → Opt out of Ads Personalisation.
5. Security
All data on your device is protected by your device's security. We strongly recommend enabling device lock (PIN, fingerprint) and device encryption (enabled by default on Android 10+).
Aara's optional App Lock feature adds a biometric gate before the app opens. Note that App Lock prevents casual access but is not a substitute for full device encryption.
All communication with the Gemini API proxy uses HTTPS (TLS 1.2+).
6. Children's Privacy
Aara does not knowingly collect personal information from children under 13. If a user indicates they are under 13 during onboarding, access to the app is blocked entirely. Users aged 13–17 are placed in Teen Mode with advertising disabled and AI features inaccessible.
7. Data Retention
Because all data is stored locally on your device, retention is entirely in your control. We retain no user data on any server. If you uninstall the app, all data is permanently deleted.
8. Compliance
Aara is designed in accordance with the principles of India's Digital Personal Data Protection Act 2023 (DPDPA). We collect only the minimum data necessary for the app to function, give you full control over your data, and do not share personal data for commercial purposes.
9. Changes to This Policy
We may update this Privacy Policy. We will notify active users within the app before any material changes take effect. Continued use of the app after the change date constitutes acceptance of the updated policy.
10. Contact
For any privacy questions or requests: contact@aarahealth.app