Privacy Policy
Effective date: May 17, 2026
Cysta AI: PCOS Coach ("the App") is developed and published by Valeriy Loveiko. We take your privacy seriously and are committed to protecting your personal information. This Privacy Policy explains how the App collects, uses, stores, and protects your data.
Summary: The App processes lab photos / PDFs, optional progress photos, and AI Coach questions using secure third-party services. Photos and lab images are sent for analysis and are not retained after processing. All results, photos, cycle / symptom / supplement logs, and chat history are stored locally on your device. We do not sell, share, or monetize your personal data.
Educational only: Cysta AI is an educational companion, not a medical device. The App does not diagnose, treat, cure, or prevent any condition. Always consult an endocrinologist, OB-GYN, or other qualified healthcare provider before starting, changing, or stopping any treatment.
1. Information We Collect
1.1 Lab Photos and PDF Uploads
When you use Cysta to scan a lab report (camera, photo library, or PDF), the App accesses your device's camera or photo library at your explicit request. These images are:
- Used solely to extract numeric lab values (AMH, LH, FSH, testosterone, SHBG, fasting insulin, HbA1c, vitamin D, thyroid panel, lipid panel, etc.) for your personal trend tracking
- Sent securely (via encrypted HTTPS) to our AI analysis provider for image-based OCR + structured extraction
- Stored locally on your device as part of your panel history
- Never shared with other users, advertisers, or any third party beyond the AI analysis provider listed in §3
The App does not access photos beyond what you explicitly capture or select. We do not scan your photo library and we do not collect EXIF metadata (location, date, camera model) from your photos.
1.2 Optional Progress Photos and Face Data
Cysta's optional Photo Journal lets you log acne, hirsutism, or body-composition photos for personal symptom tracking. Some of these photos may incidentally contain the user's face. We refer to these collectively as "face data." This section explains exactly how this data is handled, in compliance with Apple App Store guideline 5.1.1.
- What is collected: Photos of skin, scalp / hair-line, or body areas captured at the user's explicit request inside the optional Photo Journal flow. Some photos may incidentally contain the user's face (e.g. jawline acne tracking). Captured only at the user's explicit tap.
- Purpose — symptom tracking only: Photos are used exclusively to track visible PCOS-associated symptoms over time and to generate one neutral comparison sentence (≤22 words) between two user-selected photos. The App does not perform face recognition, face identification, biometric template extraction, biometric enrollment, emotion detection, age / gender estimation, or any other biometric analysis. Photos are never used to identify, authenticate, or distinguish between individual users.
- On-device anonymization option: For acne photos, the user can enable optional automatic face blur before any photo leaves the device. No facial landmarks, face embeddings, or biometric templates are computed, stored, or transmitted in either case.
- Transmission (Compare action only): Photos are transmitted via encrypted HTTPS to our AI partner only when the user explicitly taps "Generate insight" inside the Photo Compare flow. They are routed through a Cloudflare Worker proxy that forwards the request without logging or storing image content. No personal identifiers are sent alongside the photos. Per-feature consent is required before the first such send.
- Third-party sharing: Photos are shared only with the AI partner (via the Cloudflare proxy) for the sole purpose of generating a single neutral comparison sentence. They are not shared with any other third party, advertiser, analytics service, or data broker. The AI partner processes API inputs under a zero-retention policy and does not use them to train models. See our partner's API Data Usage Policy.
- Retention: Photos are retained on the user's device only as part of the local Photo Journal. They are not retained on the AI partner's or our own servers. The user can delete any photo at any time within the App or by uninstalling the App.
- User control: Photo Journal (and the associated capture of face data) is entirely optional. The user can revoke camera access at any time via iOS Settings → Cysta AI. Deleting the App removes all locally stored photos.
1.3 Cycle, Symptom, and Supplement Logs
When you log cycle days, symptoms, or supplement adherence, this information is:
- Stored exclusively on your device
- Used to generate timeline visualizations, AI Coach context, and your doctor-shareable PDF
- Never transmitted to any external server
Cysta does not recommend, prescribe, or modify supplement dosages. The supplement log is solely a personal journal of what the user is already taking. All supplement names visible in the App are for educational logging only and are not endorsed or supplied by the developer.
1.4 Extracted Lab Values
When you save a lab panel, the App stores:
- Each numeric lab value with its unit and reference range (as printed on your report)
- The panel date, label, and source (PDF / camera / photo / manual entry)
- An extraction confidence score per row (when returned by the AI partner)
This data is stored exclusively on your device and is never transmitted to any external server after initial extraction.
1.5 AI Coach Chat Data
When you use the AI Coach, your messages and the AI's responses are processed and stored as follows:
- Messages are sent via encrypted HTTPS to our text-AI partner (proxied through our Cloudflare Worker) for response generation
- Chat history is stored locally on your device
- Every Coach response is grounded in our on-device PCOS knowledge base (≈7 MB, ACOG / ESHRE / Endocrine Society / AAP / PubMed PCOS guidelines) — citations link to the source guideline
- The on-device knowledge base never leaves your device
- No personal identifiers, lab images, or full chat history is sent alongside chat messages — only the current message + a brief on-device context summary (cohort, week-in-app, recent lab snapshot)
1.6 Subscription Information
Cysta offers optional weekly, annual, and family subscriptions managed entirely through Apple's App Store and StoreKit framework. All payment processing, billing, and subscription management are handled by Apple. We do not collect, process, or store any payment information. We use RevenueCat, a third-party subscription management service, to track subscription status. RevenueCat receives an anonymous app user ID — no personal information is shared. For details, see RevenueCat's Privacy Policy and Apple's Privacy Policy.
1.7 Information We Do NOT Collect
Cysta does not collect:
- Your real name, email address, or phone number
- Your home address or precise location
- Your government ID, SSN, or insurance numbers
- Your clinical record or any data from your healthcare provider's portal beyond what you explicitly export and import
- Your contacts, calendar, or other apps' data
- Any biometric template, face print, or fingerprint
- Any HealthKit data (HealthKit integration is deferred to V1.2+ and will require explicit per-permission opt-in when added)
2. How We Use Your Information
We use the collected information only to:
- Extract lab values from your uploaded lab reports
- Generate AI Coach answers grounded in PCOS guidelines
- Generate one neutral comparison sentence for selected progress photos
- Render your personal trends, panels, and doctor-shareable summary inside the App
- Provide subscription functionality through Apple and RevenueCat
We never use your data to advertise, profile, or target you, and we never sell it.
3. Third-Party Services
Cysta uses the following third-party services. Only the data described below is shared, and only for the purpose stated. No personal identifiers are sent alongside.
3.1 AI Vision Partner (OpenAI, via Cloudflare Worker)
Lab photos / PDFs and (optionally) progress photos are sent for image analysis. The provider processes the request under a zero-retention policy and does not use the data to train models. The Cloudflare Worker proxy forwards the request without logging or storing content. See the OpenAI API Data Usage Policy.
3.2 AI Text Partner (DeepSeek, via Cloudflare Worker)
AI Coach messages are sent for response generation. Only the current message text + a brief on-device context summary (cohort, week-in-app, recent lab snapshot) is sent. No photos, identifiers, or chat history are sent. The Cloudflare Worker proxy forwards the request without logging or storing content.
3.3 Cloudflare Worker Proxy
Both AI partners are reached through a Cloudflare Worker proxy that holds the API keys server-side. The proxy never logs request bodies; it forwards them as opaque payloads. This protects the API keys from being extracted from the iOS binary and centralizes the zero-retention promise.
3.4 RevenueCat
Used solely to track subscription entitlement. Receives an anonymous app user ID — no personal information is shared. See RevenueCat's Privacy Policy.
3.5 Apple
StoreKit handles all subscription payments and renewals. App Store Connect receives anonymous crash logs (if you opted in at iOS setup). See Apple's Privacy Policy.
4. Data Storage & Security
- Local-first. All your data — photos, lab panels, cycle days, symptom logs, supplement adherence, chat history — is stored in the App's sandbox on your device. Nothing leaves the device except the explicit AI calls described in §3.
- Encryption in transit. All network traffic is over TLS 1.2+ HTTPS.
- API key security. Our AI partners' API keys are held only by the Cloudflare Worker server-side, never embedded in the iOS binary.
- iOS-grade encryption at rest. Photo files inherit iOS file protection (NSFileProtectionComplete). UserDefaults JSON is encrypted by iOS along with the device passcode.
5. Data Retention
- Your local data persists until you delete it inside the App or uninstall the App.
- AI partners do not retain your data per their zero-retention policies (linked in §3.1 and §3.2).
- Apple and RevenueCat retain only the subscription metadata required to manage your billing relationship.
6. Your Rights & Choices
- Access. All your data is visible inside the App.
- Deletion. Delete individual photos, panels, or logs inside the App, or uninstall the App to wipe everything.
- Revoke consent. Settings → AI consent → tap "Reset" on any feature to require a fresh consent prompt on next use.
- Camera / photos. iOS Settings → Cysta AI → toggle Camera / Photos.
- GDPR / UK GDPR rights: erasure, rectification, portability, restriction. Email sergejkar@gmail.com to exercise these.
7. Children's Privacy
Cysta is intended for users 18 years of age or older. We do not knowingly collect data from anyone under 18. PCOS is most often diagnosed and managed in adults; pediatric PCOS care should be conducted under a pediatric endocrinologist, not through this App. If you become aware that a minor has used the App, email us at sergejkar@gmail.com and we will delete the associated data.
8. International Users & Compliance
- EU (GDPR): Cysta is a wellness / educational tool, not a medical device per EU MDR 2017/745. Lawful basis for processing is your consent and the performance of the App contract. You may withdraw consent at any time via Settings → AI consent. Your right to lodge a complaint with your national supervisory authority is preserved.
- UK (UK GDPR): Same rights as EU GDPR. Cysta is not registered with the MHRA as a medical device.
- Germany: Cysta is not a DiGA (Digital Health Application) and is not reimbursable through statutory health insurance.
- California (CCPA / CPRA): We do not sell or share personal information. You may request access or deletion via the email above.
- Canada (PIPEDA), Brazil (LGPD), Australia: Same posture as EU — local-first, consent-based, no selling.
- United States (FDA): Cysta has not been evaluated by the FDA. The App is not intended to diagnose, treat, cure, or prevent any disease.
9. Medical Disclaimer
For the full medical disclaimer including emergency-signs guidance, see our Medical Disclaimer. In brief: Cysta is educational, not diagnostic. The PCOS Type Quiz is a self-assessment, not a diagnosis. AI Coach answers may contain errors and are not a substitute for professional medical advice. Always consult your endocrinologist or OB-GYN.
10. Changes to This Policy
If we materially change this policy, we will surface the change inside the App on next launch and ask you to re-acknowledge before continuing. The "Effective date" at the top of this document indicates the current revision.
11. Contact
For privacy questions, data-deletion requests, or any other concerns, email sergejkar@gmail.com.