IVA Privacy Policy

Effective Date: 09.09.2025
Last Updated: 09.09.2025

1. Introduction

Welcome to IVA! We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard the information you provide when using our mobile application IVA.

2. Information We Collect

2.1 Information You Provide

• Personal data (name, email, date of birth)
• Information about your menstrual cycle and reproductive health
• Questionnaire and survey responses
• Notification settings and preferences
• User profile information

2.2 Information Collected Automatically

• Data about your app usage
• Technical information (OS version, device model)
• IP address and geolocation data
• Analytics and usage data

3. How We Use Your Information

3.1 Primary Purposes

• To provide personalized recommendations
• To analyze and improve app performance
• To send notifications and reminders
• To ensure account security

3.2 Analytics and Service Improvement

We use PostHog to collect analytics data, which helps us:

• Understand how users interact with the app
• Detect and fix technical issues
• Improve user experience
• Develop new features

3.3 Artificial Intelligence

We use AI services to process your requests and provide personalized responses through the chat assistant:

• OpenAI — processing requests via GPT models
• Anthropic — processing requests via Claude models
• Google — processing requests via Gemini models

Your messages are processed to:

• Analyze the context of your questions
• Provide relevant answers
• Improve the quality of support

4. Data Sharing with Third Parties

4.1 Scientific Research and Medical Institutions

We may share only anonymized data with the following organizations:

• Pharmaceutical companies — for the development of new treatments
• Universities and research institutions — for scientific studies
• Medical organizations — to improve the understanding of women’s health

Important:

• All data is fully anonymized and does not contain information that can identify a specific user.
• Menstrual and health data are stored without any link to your contact information (e.g., email or name).

4.2 Service Providers

We work only with trusted partners to ensure the operation of the app:

• PostHog — usage analytics
• OpenAI — AI request processing via GPT models
• Anthropic — AI request processing via Claude models
• Google — AI request processing via Gemini models
• Cloud providers — for data storage
• Notification services — for push notifications

All partners are required to follow strict security measures and do not have access to your contact details in plain form.

4.3 Legal Grounds

We may disclose only a limited amount of information if necessary:

• To comply with the law or a court order
• To protect our rights and security (e.g., in case of hacking attempts or abuse)
• To prevent fraud

What may be disclosed:

• Technical logs
• Anonymized analytics data

What cannot be disclosed:

• Contact details (e.g., email), as they are stored only in encrypted form and cannot be provided in plain format
• Menstrual and health data, as they are always anonymized and not linked to contact information

5. Data Security

We apply appropriate technical and organizational measures to protect your personal data:

• Data encryption during transfer and storage
• Storing contact details (e.g., email) in encrypted form
• Separation of personal and medical data
• Regular security audits
• Limited access to personal data
• Continuous system monitoring

6. Your Rights

6.1 Right of Access

You can request a copy of all your personal data we store. We will provide the data in a structured, readable format within 30 days of your request.

6.2 Right to Delete Account

You can delete your account at any time:

• Through the app settings
• By contacting customer support

When deleting an account, we will:

• Remove all your personal data
• Stop collecting new data
• Delete your data from analytics systems

6.3 Other Rights

• Right to rectification — you can update or correct inaccurate data
• Right to restrict processing — you may request that we limit processing of your data
• Right to data portability — you can obtain your data in a machine-readable format

7. Data Retention

We store your personal data only for as long as necessary to fulfill the purposes described in this policy or as required by law.

8. Cookies and Similar Technologies

Our website iva.my may use cookies and similar technologies for:

• Traffic analysis
• Content personalization
• Improving user experience

9. International Data Transfer

Your data is stored and processed on servers located in the Netherlands. This ensures a high level of personal data protection in compliance with European data protection laws.

In some cases (e.g., when using analytics or AI services), data may be temporarily processed outside your country of residence. In such cases, we ensure adequate protection by applying Standard Contractual Clauses (SCCs) and other legal mechanisms.

10. Changes to this Privacy Policy

We may update this policy from time to time. We will notify you of significant changes through the app or via email.

11. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: hello@iva.my
Website: https://iva.my

12. Complaints

If you believe we have violated your data protection rights, you may file a complaint with the relevant data protection authority in your country.

For users in Serbia:
Commissioner for Information of Public Importance and Personal Data Protection (Republic of Serbia).

This Privacy Policy is part of our Terms of Use and applies to all users of the IVA app.