Privacy Policy

Last updated: January 26, 2026

Introduction

At Clora, your privacy is our highest priority. We understand that your health information is deeply personal, and we are committed to protecting it with industry-leading security measures and transparent practices. This Privacy Policy explains how we collect, use, store, and protect your personal and health information when you use the Clora app and services.

Information We Collect

Health Data You Provide

  • Menstrual cycle information (start/end dates, flow intensity, symptoms)
  • Fertility and ovulation tracking data (basal body temperature, cervical mucus, ovulation tests)
  • Pregnancy information (due date, trimester, symptoms, appointments)
  • Mood, energy levels, and daily symptom logs
  • Medical history and conditions (optional, for personalized insights)
  • Medications and supplements you're taking

Account Information

  • Name, email address, date of birth
  • Profile photo (optional)
  • Password (encrypted and never stored in plain text)

Doctor Consultation Data

  • Chat messages between you and healthcare providers
  • Digital prescriptions and medical advice
  • Appointment history and consultation notes

Device and Usage Data

  • Device type, operating system, app version
  • IP address, location (only with your permission)
  • App usage patterns (features accessed, time spent)
  • Crash reports and technical diagnostics (anonymized)

How We Use Your Information

To Provide Personalized Health Insights

Your cycle data is processed by our AI algorithms to predict your periods, fertile windows, and ovulation dates with 95% accuracy. We analyze your symptom patterns to provide personalized self-care recommendations and identify potential health concerns that may warrant medical attention.

To Connect You with Doctors

When you initiate a consultation, your relevant health data is securely shared with the board-certified doctor you're consulting with. This allows them to provide informed medical advice tailored to your unique health profile. Doctors can only access information you explicitly choose to share during consultations.

To Improve Our Services

We use aggregated, anonymized data to improve our AI prediction models, develop new features, and enhance the overall user experience. No individual user data is used for marketing or sold to third parties.

To Send You Notifications

With your permission, we send reminders about upcoming periods, fertile windows, medication schedules, and doctor appointments. You can customize or disable these notifications at any time in your app settings.

AI Usage & Transparency

Clora AI is designed to assist you, not replace medical professionals. Our AI analyzes your personal health data to provide:

  • Cycle Predictions: Based on your historical data and machine learning algorithms trained on anonymized datasets from millions of cycles
  • Symptom Insights: Pattern recognition to identify correlations between symptoms and cycle phases
  • Health Q&A: Instant answers to common health questions, sourced from medical literature and reviewed by healthcare professionals
  • Personalized Tips: Daily wellness recommendations based on your current cycle phase, logged symptoms, and preferences

Important: Clora AI provides informational guidance only. It does not diagnose medical conditions or replace professional medical advice. Always consult with a healthcare provider for medical concerns.

Data Security & Encryption

We employ multiple layers of security to protect your data:

  • 256-bit AES Encryption: All data is encrypted both in transit (during upload/download) and at rest (on our servers)
  • HIPAA Compliance: Our systems and processes meet the Health Insurance Portability and Accountability Act standards for protecting health information
  • Biometric Authentication: Fingerprint and Face ID lock options ensure only you can access your data
  • PIN Protection: Optional 4-6 digit PIN code for app access
  • Secure Cloud Storage: Data stored on AWS servers with regular security audits and compliance certifications
  • No Third-Party Access: We never sell, rent, or share your personal health data with advertisers or data brokers

Doctor & Chat Data Handling

When you consult with a doctor through Clora:

  • All chat messages are end-to-end encrypted
  • Doctors are verified, board-certified healthcare professionals bound by medical confidentiality
  • Consultation records are stored securely and can be accessed by you at any time
  • You can request deletion of consultation history (subject to legal record-keeping requirements)
  • Digital prescriptions are transmitted securely and comply with e-prescription regulations

Your Rights & Data Control

You have complete control over your data:

  • Access: Download a complete copy of your data at any time from Settings > Data Export
  • Correction: Update or correct any information in your profile or health logs
  • Deletion: Request permanent deletion of your account and all associated data (processed within 30 days)
  • Portability: Export your data in machine-readable format (CSV, JSON) to transfer to another service
  • Opt-Out: Disable AI analysis, data sharing with doctors, or specific data collection features

To exercise any of these rights, contact us at support@getclora.com or use the in-app Data Rights request form.

Data Retention

We retain your data for as long as your account is active. If you delete your account:

  • Personal and health data is permanently deleted within 30 days
  • Aggregated, anonymized data used for research may be retained (cannot be traced back to you)
  • Medical consultation records may be retained longer to comply with healthcare regulations (7 years in most jurisdictions)
  • Backup copies are purged from systems within 90 days of account deletion

Third-Party Services

Clora uses limited third-party services to operate:

  • Cloud Hosting: Amazon Web Services (AWS) - HIPAA-compliant servers
  • Analytics: Anonymized usage data only (no personal health information)
  • Payment Processing: Stripe (for premium subscriptions) - we never store credit card details
  • Push Notifications: Apple Push Notification Service (APNS) and Firebase Cloud Messaging (FCM)

All third-party services are vetted for security and data protection compliance. We share only the minimum data necessary for service functionality.

Children's Privacy

Clora is intended for users aged 13 and older. For users aged 13-17, parental consent may be required depending on local laws. We do not knowingly collect data from children under 13. If you believe a child under 13 has created an account, please contact us immediately at support@getclora.com.

International Data Transfers

Clora operates globally. If you're located outside the United States, your data may be transferred to and processed in the U.S. We ensure all international transfers comply with applicable data protection laws (GDPR, CCPA, etc.) through Standard Contractual Clauses and other legal mechanisms.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

  • Notify you via email (if you've provided one)
  • Display a prominent notice in the app
  • Update the "Last Updated" date at the top of this policy

Continued use of Clora after changes constitutes acceptance of the updated policy.

Contact Us

For privacy-related questions, concerns, or requests:

  • Email: support@getclora.com
  • In-App: Settings > Help & Support > Privacy Request
  • Mail: Clora Health Inc., Privacy Officer, 123 Health Tech Avenue, San Francisco, CA 94102, USA

We aim to respond to all privacy inquiries within 48 hours.

Your trust is everything to us. If you have any questions about how we protect your data, we're here to help.

Contact Privacy Team