Apps by Shin Jungsoon

Privacy Policy — Cyra

Effective: April 22, 2026 · Last updated: April 24, 2026

This Privacy Policy explains how Cyra collects, uses, and protects information when you use the app. Cyra handles sensitive health data — we take that responsibility seriously.

1. Information We Collect

1.1 You provide

1.2 Automatically collected

1.3 Not collected

2. How We Use Information

PurposeData used
AuthenticationEmail, Apple identifier, or Google identifier
Health log storage and syncAll health log data via Supabase
AI pattern analysis and chatAnonymized symptom and log summaries (see Section 3)
Proactive alertsLog data processed server-side to detect symptom patterns
In-app purchasesRevenueCat transaction IDs
Bug diagnosisCrash and error logs

3. AI Analysis and Anthropic

Cyra uses Claude (Anthropic PBC, USA) to generate pattern insights and power the AI chat feature. When you use these features, a summarized, anonymized version of your health logs is sent to Anthropic. Specifically:

3.1 Your explicit consent

Cyra will not send any data to Anthropic until you grant consent in the app. You are asked for consent during onboarding via the “AI Data Sharing” screen, which lists the exact categories of data above, names Anthropic as the recipient, and links to Anthropic's privacy policy.

3.2 Revoking consent

You can revoke your consent at any time in the app: Settings → AI Data Sharing. When revoked, Cyra stops sending data to Anthropic; AI pattern insights and AI Chat become unavailable, while the rest of the app continues to work normally. You may re-enable consent from the same screen.

4. Menstrual and Reproductive Health Data

Cyra collects menstrual cycle and reproductive health data. We treat this category with heightened protection:

5. Third-Party Services

RecipientData sharedRetention
Supabase Inc. (USA)Email, identifier, health logsDeleted on account deletion
RevenueCat Inc. (USA)App user ID, transaction IDs5 years from transaction
Anthropic PBC (USA)Anonymized symptom and log summariesDeleted after each request
Apple Inc.Apple identifier (Sign in with Apple)Per Apple's policy
Google LLCGoogle identifier (Sign in with Google)Per Google's policy

6. Data Retention

DataPeriod
Account and health logsDeleted immediately on account deletion
Subscription records5 years (anonymized) for legal compliance
Error logs90 days

7. Your Rights — Account & Data Deletion

7.1 Delete your account in-app

Settings → Account → Delete Account. Your account credentials, all health logs, AI chat history, and cloud-synced data are permanently removed immediately.

7.2 Email request

If you cannot access the in-app option, email [email protected] with your registered email. Processed within 3 business days.

7.3 Revoke Sign in with Apple

iPhone Settings → [Your Name] → Password & Security → Sign in with Apple → Cyra → Stop Using Apple ID.

7.4 Revoke Sign in with Google

Visit myaccount.google.com/permissions and revoke Cyra's access.

8. Security

9. Cookies and Tracking

No cookies. No IDFA. No advertising SDK. RevenueCat may use an anonymous device identifier for subscription status only.

10. Children's Privacy

Not directed to children under 13 (or 16 in the EU). We do not knowingly collect personal information from children.

11. International Transfers

All third-party processors are based in the United States. Transfers are governed by each provider's data processing agreements.

12. Changes

Material changes announced via in-app notice or email at least 7 days before taking effect (30 days for significant changes affecting health data handling).

13. Contact

Email: [email protected]. We respond within 3 business days.