ovva Back to home
Legal

Privacy Policy

Last updated: June 23, 2026

The short version

There is nothing to leak.

Ovva has no account and no server. Everything you track lives on your device and is never sent anywhere. We can't see your data, because we never receive it.

Who this applies to

This policy covers the Ovva mobile app for iOS and Android. By using Ovva, you agree to the practices described here. Because Ovva stores your information only on your own device, much of what a typical privacy policy must disclose simply does not apply to us.

What we collect

We collect nothing. Ovva has no user accounts and makes no network calls to send your data to us or anyone else. There is no Ovva server that stores your health information.

The information you enter, such as your cycle, flow, mood, energy, symptoms, fasting records, and any health conditions you choose to note, is saved locally on your device and stays there.

How your data is stored

Your profile and daily logs are kept in your device's local app storage, under an Ovva namespace, and are accessible only to the app on that device. Nothing is uploaded, synced to a cloud, or backed up to us.

If you delete the app, or use the in-app "Delete all my data" option, your information is removed from the device. Because we never hold a copy, there is nothing for us to delete on our end.

Your controls

Export your data

From You → Privacy & data, you can export a plain-text copy of everything Ovva holds, so your information is always portable and readable by you.

Delete your data

The same screen offers Delete all my data, which wipes every Ovva record on the device after a confirmation step.

App lock

You can optionally lock Ovva behind Face ID, fingerprint, or your device passcode, so your data stays private even if someone else has your phone.

Permissions we may request

Ovva only asks for a permission when a feature you turn on needs it, and the data stays on your device:

  • Location — used only to calculate accurate sehri and iftar (fasting) times on your device. Your location is not sent to us or any third party.
  • Notifications — used to schedule local reminders (daily check-ins, predicted periods, sehri-ends, fasts to make up). These are scheduled on the device; there is no push server.
  • Face ID / biometrics — used only to unlock the app if you enable App Lock.

Sharing (partner check-in)

Ovva can generate a check-in card image you may share with someone you trust. You choose exactly what appears on it. Sharing happens only when you tap share, and the only thing that ever leaves your device is that image, handed to your phone's own share sheet. Nothing syncs, and there is no account behind it.

Third parties

The app itself contains no third-party analytics, advertising, or tracking SDKs. The only third parties involved are Apple and Google, who operate the app stores you download Ovva from and whose own privacy policies govern that download and any optional device backups you have enabled at the OS level.

Children's privacy

Ovva is not directed to children under 13, and because we collect no data, we do not knowingly gather information from anyone.

Not medical advice

Ovva is not a medical device. Its predictions and tips are gentle, non-prescriptive guidance and should not replace professional medical advice.

Changes to this policy

If we update this policy, we'll revise the "last updated" date above. Because our model is local-only by design, we don't expect material changes to how your data is handled.

Contact

Questions about privacy? Reach us at privacy@ovva.app.