1. Policy Overview

The OvaView app aims to keep as little identifying data as possible on the central server. We value user freedom and self-governance on their data, and hold a strong dogma regarding choice; users are defaulted to the barebones of data submission and encourage customization to fit each individual's unique preferences and needs.

OvaView is designed to be used without requiring any personal data. However, if users choose to provide their email address, they are confirming that they are at least 16 years old or have obtained consent from their legal guardian in accordance with Article 8 of GDPR.

2. Anonymous Accounts

A modern day problem is the need for every service, regardless of its function, to require consumers to hand over their PII (Personal Identifiable Information). If you think about it, why does your budgeting app that only keeps track of what you spent your money on require you to enter so many various pieces of information to use it? Name, email, date of birth, gender, location, etc. are obviously not needed to make sure your app can remind you that you have been spending far too much money on snacks this past month, so what is the deal?

Companies profit massively from gathering data and selling it off en masse to various advertising, research, and analytical companies. Many services put up a façade to users that they require users to give them their information to "help enhance their experience", forgetting to disclose to users that the funds they use to "better" their service came from selling said data.

Because of this, there is a barrier to entry for potential consumers. They find a simple service that they wish to use for convenience or entertainment, but need to trade their PII to use said service.

Our Fully Anonymous Position

We recognize that the function of our service is fairly simple. The user inputs what they want to keep track of, and optionally asks for a prediction based on this data. In no step of our product process is there a need for the data given to us to be linked to a name, face, or alias.

Because of this, we developed an account system that requires no user information to create and use. Each profile is identified by a unique 16-digit token that is generated by our system on registration, with no requirements. Users do not need to give us any information to create a token and get started using our product.

We limit user intervention on account identification for various security reasons. Although having your account number generated for you instead of allowing you to choose it yourself may feel limiting and unfamiliar, this method offers several benefits:

• It keeps the accounts more anonymous. If a user selects their own username, it could potentially help identify them. For example, a user might choose the same username that is used on other services or the language and style of the username may reveal their country of origin or cultural background.
• It prevents a user from selecting a weak password. Many people use weak passwords and/or use the same password across multiple services. With a lengthy and random account number, we can ensure that it is long enough to be secure and greatly reduce the risk of it being used for another service, since the user would have to copy the hard-to-remember number they received from us and use it elsewhere.

Your account number serves as both the username and password, meaning it is both the account's unique token (username) and the secret that authenticates the account towards our service (password). Therefore, you should keep it as safe and secret as a password.

What if Someone Brute-forces My Account?

When an account is created, it is assigned a 16-digit decimal number within the range of "1000 0000 0000 0000" to "9999 9999 9999 9999". This range provides a total of 9 × 10 ¹⁵ possible account numbers, making it highly unlikely for someone to guess a valid account number. Assuming that there are 100,000 active accounts, an average of 45 × 10⁹ attempts would be required to find a working account, which is practically impossible.

3. Purpose of Data Processing

OvaView processes data with the sole intent of providing users the ability to keep a record book of their menstrual cycle and personal activities, feelings, and/or symptoms related to their menstrual cycles.

Optionally, upon explicit user consent, we process user inputted data to provide additional features such as cross-platform syncing and/or personal menstrual cycle prediction.

Our menstrual cycle prediction algorithm is lightweight and optimized; on mobile apps we process our consumers' information locally, however web users have their data submitted to our servers to be analyzed. No step in our algorithm requires us to disclose user data to third parties, and said data is only processed by our servers once to produce our prediction: after calculations, we do not process any more data until the next cycle is needed to be predicted.

4. Boundaries and Duration of Data Processing

A. Server Inventory

The following inventory data is stored in our central server by default:

• Unique user ID

No other data is stored if a user creates an account and does not touch any settings. We never store data that is not unnecessary to the app function without explicit, clear, and consistent user consent. This choice is tied to our belief that everyone has a right to privacy and all consumers deserver full autonomy over their data.

For easy account recovery purposes, users can link the following to be stored in our database:

• Email address

For cross-device purposes, users can opt-in to storing information to be synced up in other devices: {+Is this too much work?+}

• Information linked to day dates on the calendar
  • Perceived period start
  • Perceived period end
  • Mood
  • Period symptoms felt
  • Excerpt from user about their feelings on the day

None of the information will be passed on to third parties. All data remains in the server until deleted by the user. Once user requests and confirms erasure, there is no way to retrieve or recover deleted information.

B. Information Lifetime and Trace

All data stored in our central server remains until the user, upon verifying ownership of data, requests erasure. It is important to understand this erasure process is irreversible and we cannot restore any erased data.

This also ensures that once users request to have their data deleted, there is no trace of that information remaining in any of our systems.

C. Data Processed by Third Parties

Web Service

No data is ever sent to third parties for processing.

Mobile Application

In order to maintain quality and improve stability of our service, we produce anonymous crash reports to be evaluated by IOS.

5. Right to View, Rectify, and Erase Information

Our company culture prioritizes user autonomy over anything else. This is why we aim to maximize transparency to all users.

All data, except the default necessary points, are subject for viewing, rectification, and erasure while maintaining functionality of user account. By this, we state that the following necessary data point(s) stored by default:

• Unique user ID

are exempt from rectification and erasure without compromising the user's account. Erasure of unique user ID implies the deletion of all linked data to that ID.

The user may request to move their account to a new unique user ID, erase all data linked to the old ID and transfer them over to the new ID.

The following data are all subject to viewing, rectification, and erasure:

• Email Address
• User inputted data
  • Perceived period start
  • Perceived period end
  • Mood
  • Period symptoms felt
  • Excerpt from user about their feelings on the day

It is imperative to inform users that our system does not track the history of data. This means any rectification or erasure requested by the user is irreversible.

The stored data can be viewed at any time within OvaView in the user profile screen and can be corrected or deleted by the user with immediate effect.

6. User Consent Withdrawal and Re-Approval

Users are granted full flexibility on the consent they give to us. Any consent given in the past is fully retractable via the user settings page. Withdrawal of additional consent only ceases data collection, which in turn may cease additional functionalities that the opt-in allowed for (for example, cross-device syncing).

Withdrawal of consent does not imply that users are disallowed from future functionalities or opportunities. Any consent retracted can be re-approved by the user.

Withdrawal of consent is not retroactive and users are prompted to decide whether or not they wish previous collected data should be deleted or not.

7. Cookies

OvaView’s web service makes use of the conveniences cookies offer. We aim to provide users quality of life when using our website, while ensuring no tracking nor interaction of any form from third-parties.

1. Policy Overview

Our culture is deeply rooted in the belief that everyone has the right to privacy. Therefore, we only store data that is absolutely necessary, and only when requested by the customer. Our web service uses minimal cookies, which are essential for providing certain services, and are used only when the user specifies so. This means that by default, our website make use of no cookies! We ask users if they wish to use cookies, but usage of them is purely opt-in.

2. First-Party vs. Third-Party Cookies

As a company, we strive to be fair and respectful of our consumers' trust. To ensure this, we ensure the practice of no third-party cookies usage on our website domain.

Third-party cookies are cookies that are shared with other domains. All the contents in the cookies, may it be user preferences, behavior to ads, languages, and various other information about a user, are distributed and shared to various different companies and websites. We deem these kinds of cookies to be overly intrusive, and avoid using these on our webservice.

First-party cookies limited to the specific service's domain; in our case, these cookies are created and then expired without ever leaving our domain's boundaries. First-party cookies give data subjects reassurance that any information collected while they visit a website never reaches the hands of anyone other than the website.

3. The Cookies We Use

Here is a list of all the cookies available to be enabled by our consumers

• [Autologin Cookie] is a first-party cookie that is created when you log into an account and remembers to keep you logged in for the next 30 days. This cookie remembers your unique ID and keeps your sessions continuous even after closing browsers.

Given our anonymous profile system, which you can read more about above, it would be an annoyance to keep your token at hand and copy it into our login system every time you wish to update your entries. So, we offer a solution where your browser remembers your login and keeps you logged in even after you close your browser!

For security reasons, we strictly limit this feature to remembering users for only 30 days to avoid the risks of people you do not want to see your profile to have full access!