This is a standalone Consumer Health Data Privacy Policy for Ferrabelle, operated by Cobblewright LLC ("Ferrabelle," "we," "us"). It describes how we collect, use, and share consumer health data as defined by the Washington My Health My Data Act ("MHMDA"). It is separate from, and takes precedence over, our general Privacy Policy for consumer health data. It applies to all users, and we extend these protections to every user regardless of where they live.
Contact for privacy requests: privacy@ferrabelle.com. Ferrabelle is intended only for users who are 18 or older.
1. What consumer health data we collect, and why
We collect the following categories of consumer health data only to provide the cycle-tracking, body, training, and wellness features you ask us to provide. Most fields are optional; you choose what to log.
| Category | Examples | Purpose |
|---|---|---|
| Menstrual / reproductive data | Period start and end dates, flow, cycle length, predicted period and ovulation, pregnancy status if you log it | To track your cycle and produce your period and ovulation predictions |
| Bodily measurements & vital signs | Basal / body temperature, resting heart rate, heart-rate variability | To detect ovulation and sharpen predictions |
| Symptoms & day logs | Cramps, mood, stress, sleep, energy, bloating, water retention, joint pain, headache, cervical mucus, LH test results, libido, sexual activity, and other symptoms you choose to log | To show patterns across your cycle and inform predictions |
| Body data | Weight, body measurements, body-fat | To track your body journey and the weight-vs-cycle overlay |
| Training data | Workouts, lifts, personal records | To relate training load to your cycle and adjust predictions |
| Birth data (optional) | Birth date, time, and place | Only if you enable the astrology feature |
| Location (optional) | Approximate location | Only if you enable the local weather / pressure feature; we coarsen location and never use precise geolocation |
We do not collect data we do not need for a feature you use, and we do not use consumer health data to infer characteristics for advertising.
2. Categories of sources
- You — data you enter directly in the app.
- Connected devices, with your consent — wearables you choose to connect through Apple Health or Android Health Connect (read-only). We request read access only and never write to or share data through those services for advertising.
3. How we share consumer health data, and how we do not
We do not sell your consumer health data. We do not share it with advertisers, data brokers, analytics companies, or social networks. We use no advertising or third-party analytics / tracking SDKs.
We share consumer health data only with service providers (processors) that help us run the app, under written contracts that bind them to use your data only on our instructions and never for their own purposes:
| Category of third party | Provider | What they receive |
|---|---|---|
| Application hosting | Vercel, Inc. | Encrypted application data needed to run the service |
| Database hosting | Neon, Inc. | Your stored data (encrypted in transit; access-controlled) |
| Encrypted backups | Neon, Inc. | Encrypted database backups |
Payment and subscription providers (Apple, Google, and RevenueCat) process your purchase and account identifiers if you subscribe to Fe+. They do not receive your consumer health data. We do not share consumer health data with any large language model or AI provider.
Categories we share: the only categories of consumer health data we share are those listed in Section 1, shared only with the processors above and only to operate the service. Affiliates: Ferrabelle has no corporate affiliates, and we do not share consumer health data with any affiliate. Geofencing: we do not use a geofence around any healthcare facility to locate or track any consumer, to collect their consumer health data, or to send them messages related to their consumer health data.
4. Your rights
You may, at any time and free of charge:
- Access the consumer health data we hold about you, including a list of any third parties or affiliates we have shared it with;
- Withdraw consent to further collection or sharing;
- Delete your consumer health data, including from our active systems and our backups; and
- Appeal a denied request.
To exercise any right, use the in-app controls (Account → Export my data / Delete account), our account deletion page, or contact privacy@ferrabelle.com. We will respond within 45 days (extendable once by 45 days where reasonably necessary, with notice to you). Deletion removes your data from our active databases immediately and from encrypted backups by the time those backups are next cycled (no later than six months).
Appeals: if we deny a request, we will tell you why and how to appeal. To appeal, reply to our decision or email privacy@ferrabelle.com; we will respond within 45 days with a written explanation. If we deny your appeal, you may contact the Washington State Attorney General at atg.wa.gov/file-complaint.
5. Consent
Outside of what is strictly necessary to provide a feature you have requested, we collect or share consumer health data only with your affirmative, opt-in consent, obtained separately from our general terms and never through bundled or deceptive design. Consent to collect and any consent to share are requested separately. We do not use dark patterns to obtain consent, and declining consent to non-essential collection or sharing does not stop you from using Ferrabelle's core features. You can withdraw consent at any time in Account settings.
6. No sale of consumer health data
We do not and will not sell consumer health data. Here, "sell" has its statutory meaning: exchanging consumer health data for money or other valuable consideration; we do neither. If this ever changes, we will first obtain a separate, written valid authorization from you as required by RCW 19.373.070, and you are never required to sign such an authorization to use Ferrabelle.
7. Security
We protect consumer health data with encryption in transit and at rest, access controls, per-user data isolation, and encrypted backups. No system is perfectly secure, but we design Ferrabelle to be local-first and to minimize what we hold.
8. Retention
We retain each category of consumer health data only as long as needed to provide the service to you, or until you delete it or your account. See the general Privacy Policy for category-level retention periods.
9. Changes
We will post any changes here with a new effective date and, for material changes affecting consumer health data, obtain fresh consent where required.
Questions about this policy: privacy@ferrabelle.com.