Nurturely

Privacy Policy

Last updated: April 7, 2026

1. Introduction

Nurturely ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the Nurturely pregnancy tracking application (the "Service").

This policy is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada and aligns with applicable provisions of the Health Insurance Portability and Accountability Act (HIPAA) of the United States regarding the protection of health-related information.

2. Information We Collect

We collect the following categories of personal information:

  • Account information: Name, email address, and authentication credentials.
  • Health information: Pregnancy details (due date, symptoms, vitals, appointments), baby information, birth plan preferences, and postpartum tracking data (feeding, diaper, sleep logs).
  • Usage data: Log data, device information, and interactions with the Service for operational purposes.
  • Photos: Pregnancy photos you voluntarily upload.

3. How We Use Your Information

We use your personal information to:

  • Provide, operate, and maintain the Service.
  • Personalize your pregnancy tracking experience.
  • Communicate with you about your account or the Service.
  • Ensure the security and integrity of the Service.
  • Comply with legal obligations.

We do not sell, rent, or trade your personal information to third parties. We do not use your health information for advertising or marketing purposes.

4. Legal Basis for Processing (PIPEDA)

Under PIPEDA, we process your personal information based on your meaningful consent, which you provide when you create an account and agree to this Privacy Policy. You may withdraw consent at any time by deleting your account, which will result in the deletion of all your personal data.

5. Health Information Safeguards (HIPAA Alignment)

Although Nurturely may not be a HIPAA-covered entity, we voluntarily implement safeguards aligned with HIPAA standards to protect your health-related information:

  • Encryption: Data is encrypted in transit (TLS/SSL) and at rest.
  • Access controls: Authentication-protected access to your data. Only you can access your health information.
  • Audit logging: We maintain audit logs of key actions such as login, data export, and account deletion.
  • Session management: Automatic session timeout after 30 minutes of inactivity.
  • Minimum necessary: We collect only the information necessary to provide the Service.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account, all associated data is permanently deleted from our systems, including health records, logs, photos, and any other personal data.

7. Your Rights

You have the following rights regarding your personal information:

  • Access: You can export all your data at any time from the Settings page.
  • Correction: You can update your information through the application.
  • Deletion: You can delete your account and all associated data at any time.
  • Withdraw consent: You can withdraw your consent by deleting your account.
  • Complaint: You have the right to file a complaint with the Office of the Privacy Commissioner of Canada.

8. Cookies

We use essential cookies required for authentication and session management. We also use optional analytics cookies with your consent. For more details, please see our Cookie Policy.

9. Third-Party Services

We may use third-party authentication providers (Google, Apple) if you choose to sign in with those services. These providers have their own privacy policies, and we encourage you to review them. We receive only your name, email, and profile picture from these providers.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, secure authentication, rate limiting, and regular security reviews.

11. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Nurturely Privacy Team
Email: privacy@nurturely.health

Terms of Service·Cookie Policy·Sign In