PRIVACY POLICY
Last Updated: 29 August 2025
We value your privacy and are committed to protecting it. This Privacy Policy explains in detail the personal data we collect, how and why we use it, with whom it may be shared, the steps we take to protect it, and the rights you have under applicable data protection laws. By accessing or using the Cyclekits App, our website, or other related services (together, the "Services"), you acknowledge and accept the terms of this Policy. Given that our Services may involve the processing of sensitive health data, we adopt enhanced safeguards to ensure lawful processing, security, and user empowerment at every stage.
DATA WE COLLECT
We collect data in the following ways:
a. Information You Provide Directly
- Name
- Physical addresses
- Phone number
- Date of birth
- Password or passcode
- Menstrual Cycle dates and patterns
- Panty size
- Menstrual Experience
- Details of unprotected sexual activity (e.g., names or initials of individuals for personal tracking purposes)
- Reasons for changes in cycle dates
- Other menstrual experiences you choose to share
b. Any messages or inquiries with our customer support team
PRINCIPLES WE FOLLOW
- Data Minimization – We only collect the data necessary for providing our services.
- Purpose Limitation – Your Data will not be used for purposes beyond what you have agreed to.
- No Sale of Personal Data – We do not sell or rent your personal information to anyone.
HOW WE USE YOUR DATA
We may use your data to:
- Provide, personalize, and improve our services (e.g., tracking your cycle)
- Deliver products you order and manage subscriptions
- Send personalized health-related reminders and alerts (e.g., period start, estimated ovulation period)
- Communicate with you (e.g., reminders, customer support)
- Conduct analytics and improve the app experience
- Help you privately track and recall details related to unprotected sexual encounters, solely for your personal use, to assist in health related awareness or determining paternity likelihood.
- Comply with legal obligations
- Share insights with health professionals (only with your consent)
LEGAL BASIS FOR PROCESSING
In line with the Nigeria Data Protection Act (NDPA, 2023) and other applicable laws, we process your Personal Data on the basis of:
- Your consent (for sensitive health data, marketing communications)
- Contractual necessity (for delivering services you request)
- Legal obligation (for tax, regulatory compliance or fraud prevention compliance)
- Legitimate interests (for app improvement and ensure service integrity)
YOUR RIGHTS
Regardless of where you live, you have the right to:
- Access your Personal Data
- Correct inaccurate or incomplete data
- Delete your Personal Data ("Right to Erasure")
- Restrict how we process your data
- Withdraw consent at any time
- Receive your data in a portable format
To exercise these rights, contact [email protected]. We may verify your identity before acting on your request.
SHARING WITH THIRD PARTIES
We may share your data only with:
- Logistics providers for product delivery (name, address, phone number)
- Medical professionals (only with your explicit consent)
- Payment processors for transactions
- IT service providers for hosting and technical support
We do not allow these parties to use your data for their own purposes.
SPECIAL CIRCUMSTANCES FOR DISCLOSURE
We may disclose your data:
- To comply with legal requirements (subpoenas, court orders)
- To protect the safety and integrity of our Services
- With your explicit direction or consent
- In case of a merger, acquisition, or business transfer
SECURITY BREACH NOTIFICATIONS
We take data security and use appropriate technical and organizational measures to protect your information.
If a breach occurs, we will:
- Notify affected users promptly via email or in-app notice.
- Take immediate measures to contain and fix the breach.
- Notify regulators when required by law.
DATA RETENTION
We keep your Personal Data only as long as necessary for the purposes described in this Policy, unless a longer retention period is required by law. If you delete your account, we will delete or anonymize your data within 30 days, unless legal obligations require otherwise.
SECURITY OF YOUR INFORMATION
We apply a range of security measures to protect your data, including encryption of sensitive information, secure servers, firewalls, access controls, and/or multi-factor authentication for key systems. Our staff and contractors receive privacy training and access only what is necessary to perform their duties. We also conduct regular audits and security testing and require our third-party providers to implement equivalent safeguards. While no system can guarantee absolute security, we are committed to continually improving our defences to reduce risks.
CHILDREN'S PRIVACY
Our platform is created primarily for adults (18+). Because we deal with sensitive health and reproductive information, it is not intended for unsupervised use by minors. If you are under 18, you may only use our Service with the active consent and involvement of a parent or guardian. In these circumstances, we treat your information with extra care. This means we: Collect only what is strictly necessary for the Service, apply enhanced protection to safeguard your privacy, and never use your data for advertising, profiling, or selling to third parties. Should we learn that a child's data has been collected without proper parental oversight, we will delete it immediately. Parents and guardians are encouraged to contact us at [email protected] if they have any concerns or wish to exercise their child's data rights.
POLICY UPDATES
We may update this Privacy Policy from time to time. When we make changes, we will notify you via in-app message or email and update the "Last Updated" date. Continued use of our Services after changes means you accept the updated Policy.
CONTACT US
If you have questions, complaints, or requests about your privacy, contact: [email protected]
