Violet was built so your most sensitive data never has to leave your phone. This policy explains exactly what that means, what little we do receive, and the control you keep. There's a plain-language summary first, with the full detail below.
Your symptoms, cycle and notes are stored in an encrypted database on your phone. They're never uploaded to our servers.
There's no Violet account and no cloud copy of your entries. We never sell your data, and we never use it for ads.
Export a copy of everything, or permanently erase it all, right from the app — at any time, no request needed.
Your data is encrypted at rest with a key held in your device's secure storage, and you can lock the app with Face ID.
This summary is here to help — it isn't a substitute for the full policy below, which is the binding version.
Violet ("Violet," "we," "us," or "our") provides an app and website that help people track and understand symptoms related to endometriosis. This Privacy Policy explains how we handle personal information when you use the Violet app, join our early-access beta, or visit our website.
For the purposes of applicable data-protection law, Violet is the data controller for the limited information we receive through our website and support channels (described in section 4). Our contact details are in section 12. If any placeholder details appear below, they will be finalized before general availability.
Violet is an on-device app. Everything you track — symptoms, pain levels, flares, cycle information, moods, triggers, medications and notes — is stored only in an encrypted database on your own phone. It is not sent to Violet, is not synced to a cloud account, and cannot be seen by us or anyone else.
Because of this design, there is no Violet login and no server-side copy of your health record. This isn't a promise about how we'll behave with your data — for your health entries, we simply never have it in the first place.
The following is created and kept entirely on your device and never transmitted to us:
This data lives inside an encrypted database on your phone. It stays there until you delete it in the app or uninstall Violet. If you delete the app, this data is removed with it.
We only receive personal information when you deliberately send it to us — never automatically from the app. This is limited to:
The Violet app itself contains no analytics, no advertising SDKs, and no third-party trackers. We do not collect usage statistics, device identifiers, or precise location, and the app does not require access to your contacts, photos or microphone to work.
Apple Health (HealthKit). If you choose to connect Apple Health, Violet reads and writes relevant entries between the two apps on your device only, so your records stay consistent. This is optional, is governed by Apple's Health privacy protections, and is never transmitted to us. You can turn it off at any time in Settings.
Reminders. Any reminders you enable are scheduled as local notifications on your device. They are not sent from, or routed through, our servers.
We use the limited information you send us (section 4) only to:
We do not sell your personal information, we do not use it for advertising, and we do not share it with advertisers. Where the GDPR or similar laws apply, we rely on your consent (for beta and marketing emails), legitimate interests (to answer and secure your requests), and legal obligation where applicable. You can withdraw consent at any time.
Your on-device health data is never shared with anyone, because we never receive it. For the limited contact information you send us, we share it only in narrow circumstances:
We never sell your data and never share your information for third-party advertising.
Your on-device data is encrypted at rest using an encryption key held in your device's secure storage (the iOS Keychain). You can additionally require Face ID or your passcode to open the app. Because your health entries never leave your device, they are never exposed in transit or stored on our servers.
For the limited information you email us, we use industry-standard safeguards including encryption in transit (TLS) and access limited to team members who need it. No system can be guaranteed perfectly secure, but protecting your information is a first-order priority.
Because your health data lives on your device, you have direct, immediate control over it:
For the contact details you've sent us, and depending on where you live, you may also have the right to access, correct or delete that information, to withdraw consent, or to lodge a complaint with your local data-protection authority. Email us at support@violetendo.com and we'll help. We won't discriminate against you for exercising any of these rights.
Data you track stays on your device for as long as you keep it — we set no schedule and hold no copy. When you delete it in the app or uninstall Violet, it's gone. The contact information you send us is kept only as long as needed to respond to you and manage beta access, then deleted, except where we must retain limited records to meet legal obligations.
Violet is not directed at children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, please contact us and we will delete it.
We may update this policy as Violet evolves or as laws change. When we make material changes, we'll update the date at the top and, where appropriate, notify you in the app or by email. Continued use of Violet after an update means you accept the revised policy.
Questions about this policy, or want to make a privacy request? We're glad to help.