Cougar Puberty™
Log in

Privacy Policy

Last updated: January 13, 2026

Our Privacy Commitment

Your health information is personal and private. We are committed to protecting your data and using it only to provide the Service you signed up for.

Our Core Principles

  • We store only the minimum data necessary to provide the Service
  • We never sell your data to third parties
  • We never store payment card information
  • You can export or delete your data at any time

1. Information We Collect

Account Information

  • Email address (for account login and communication)
  • Password (hashed with bcrypt, never stored in plain text)

Health Pattern Data

  • Assessment responses (age band, cycle information, symptoms)
  • Stage classifications and confidence scores
  • Assessment history and timestamps
  • User-selected goals and preferences

Subscription Data

  • Subscription plan and status
  • Stripe customer ID (for linking to payment processor)
  • Billing dates and renewal information
  • Founding Member status and member number (if applicable)

Chat Data (when using Chat feature)

  • Chat messages and timestamps
  • Session continuity data

Chat logs are retained only for session continuity and quality improvement. We avoid including full personal identifiers whenever possible.

2. Information We Do NOT Collect or Store

  • Payment card data — All payment information is securely handled by Stripe. We never see or store your card numbers.
  • Medical diagnoses — We do not request or store formal medical diagnoses or treatment plans.
  • Social security numbers or government IDs — Not collected, not needed.

3. How We Use Your Information

We use your data to:

  • Provide the Service: Stage classification, guidance generation, history tracking
  • Manage your account: Authentication, subscription management, account settings
  • Communicate with you: Account notifications, subscription updates, service announcements
  • Improve the Service: Aggregate pattern analysis (anonymized), quality improvements

We never:

  • Sell your data to third parties
  • Share your health information with advertisers
  • Use your data for purposes other than providing the Service

4. Data Security

Password Security

  • All passwords are hashed using bcrypt (12 rounds)
  • Password changes immediately invalidate all active sessions
  • We never store passwords in plain text

Data Transmission

  • All data is transmitted over HTTPS (encrypted connections)
  • Database connections are secured and encrypted

Payment Security (PCI Compliance)

All payment processing is handled by Stripe, a PCI-compliant payment processor. We never store or have access to your payment card data. Stripe manages all card information, billing, and invoices securely.

5. Your Data Rights

Data Export

You can export your complete data at any time from your Account Settings page.

Two formats available:

  • CSV: Spreadsheet-friendly format for viewing in Excel/Google Sheets
  • JSON: Complete technical data structure for developers

Exports include:

  • Account information (email, member since, role)
  • Subscription details (plan, status, dates, Founding Member info)
  • Complete assessment history with all signals

Exports explicitly exclude:

  • Password hashes (security)
  • Payment card data (managed by Stripe, never stored by us)
  • Stripe-internal IDs (except customer ID for reference)

Account Deletion

You can delete your account at any time from your Account Settings page. This will:

  • Permanently remove all your health data from our systems
  • Cancel your subscription (if active)
  • Delete your account and authentication credentials

Note: Subscription and payment history will remain with Stripe for compliance and tax purposes, but we will no longer have access to your health pattern data.

6. Third-Party Services

Stripe (Payment Processing)

We use Stripe for secure payment processing and subscription management. Stripe is PCI-compliant and handles all payment card data. Their Privacy Policy governs how they handle your payment information.

Vercel (Hosting)

Our Service is hosted on Vercel. Server logs may contain IP addresses and basic request information for security and performance monitoring.

7. Data Retention

We retain your data:

  • While your account is active: All data is retained to provide the Service
  • After account deletion: All health pattern data is permanently deleted within 30 days
  • Payment records: Subscription and payment history remain with Stripe for compliance (we do not retain copies after account deletion)

8. Children's Privacy

The Service is intended for adults aged 18 and over experiencing perimenopause, menopause, or post-menopause. We do not knowingly collect information from individuals under 18.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service.

10. Contact

Questions about this Privacy Policy or how we handle your data? Please contact us through your Account Settings page.

AboutTerms of Service