Vela – Period & Cycle Tracker

1. Who we are

Vela is developed by Cartolinks, contact: cartolinks.com/support.

2. Data we collect

We collect no personal data.

Vela does not collect, transmit, or store on any server:

• Your name, email address, or any contact information
• Your location or IP address
• Device identifiers (IDFA, IDFV, Android Advertising ID)
• Health data, cycle data, or symptom logs
• Usage analytics, events, or screen recordings
• Crash reports or error logs

3. Data stored on your device

Vela stores the following data in a local SQLite database on your phone, accessible only to the Vela app:

This data is never transmitted. It never leaves your device.

4. iCloud and Google backup

By default, Vela explicitly excludes its database from iCloud Backup (iOS) and Android Auto Backup. Your cycle data is not included in your device backup unless you manually change this in your phone's settings.

If you manually include Vela in your backup, your encrypted backup may contain Vela data. This backup is between you and Apple or Google — Vela has no access to it.

5. Notifications

Vela uses local notifications to remind you of predicted periods and fertile windows. These notifications are:

• Generated entirely on your device
• Not routed through any push notification server (APNS or FCM are not used for content)
• Not sent to, logged by, or visible to us

6. Third-party services

Vela contains zero third-party SDKs. There are no integrations with:

• Analytics platforms (no Firebase Analytics, Amplitude, Mixpanel, etc.)
• Crash reporting services (no Sentry, Crashlytics, Bugsnag, etc.)
• Advertising networks
• Social login or identity providers
• Any external API

The only network calls the app may make are to fetch the App Store receipt for purchase validation — a standard Apple/Google process that does not involve your health data.

7. App lock and biometric data

Vela's app lock feature uses Face ID, Touch ID, or a PIN. Biometric authentication is handled entirely by the operating system (Apple's LocalAuthentication framework / Android BiometricPrompt). Vela does not access, store, or transmit biometric data.

8. App disguise mode

Vela's optional disguise mode changes the app's display name and icon on your home screen. This feature is entirely local — no data is transmitted as part of this feature.

9. Children's privacy

Vela is not designed for or marketed to children under 13 (under 16 in the EU/UK). We do not knowingly collect information from children. Since we collect no data from any users, this is moot — but we state it for completeness.

10. GDPR and UK GDPR

Vela does not process any personal data within the meaning of GDPR or UK GDPR, because no personal data is collected or stored on our systems.

If you are a UK or EU resident and believe we have processed your personal data, please contact us. We are required to respond within 30 days.

11. California (CCPA)

We do not sell personal information. We do not share personal information with third parties for cross-contextual behavioural advertising. We collect no personal information. CCPA rights therefore do not apply in a meaningful way — we have no data to provide, correct, or delete on your behalf.

12. Exercising your data rights

Since your data is stored only on your device, you exercise your rights directly:

• Access: Open Vela and view your data in the app.
• Export: Use the CSV export feature in Settings.
• Deletion: Delete the app from your device.

We have no server-side copy of your data to act upon.

13. Changes to this policy

We may update this policy when the app is updated. The “last updated” date at the top of this page will change. Significant changes will be noted in the app's release notes. Continued use of the app constitutes acceptance.

14. Contact

Cartolinks
cartolinks.com/support

This policy is hosted at https://vela.cartolinks.com/privacy and is submitted as the privacy policy URL for the Vela app in App Store Connect.