Your data stays where it belongs. With you.

All your cycle data — periods, symptoms, mucus, pain, mood, contraception, pregnancy — is stored on your phone only. It's encrypted at rest by the OS (Keychain on iOS, EncryptedSharedPreferences on Android).

NEW GAME, the publisher of Plumm, has no access to that data. No server sees it pass by. That's our difference from Flo, Clue, or Natural Cycles, who sync everything to the cloud by default.

You can write to us in-app to report a bug, share an idea, ask a question. Those messages (and only those) are sent to a server — so we can reply.

What actually transits: • The content of your messages • An anonymous UUID generated by the app (no link to your identity) • A notification token to send you the reply

No account, no email, no first name asked. You stay anonymous. And as long as you don't use the messaging, nothing is sent.

We hide nothing:

• Sentry (EU) — technical error detection. Receives pseudonymized error traces, never cycle data.
• Supabase (US) — hosts the messaging database. Receives only your message content and anonymous UUID.
• Expo (US) — push notification delivery service. Receives an anonymous token.

Transfers to the US are covered by the European Commission's standard contractual clauses.

We don't live by selling your attention or data. No Google Analytics in Plumm, no Facebook Pixel, no advertising identifier collected. No data is sold, to anyone.

Our business model: a future, optional paid premium plan. Full details on our Transparency page.

You hold the classic rights (access, rectification, erasure, portability, objection).

• Local erasure: Profile > Reset the app. Everything's gone, irreversibly, in one tap.
• Server erasure of messaging data: email hello@plumm-app.com, we delete within 30 days.
• Export: your history exports as JSON from the profile.

If you're not satisfied, you can file a complaint with the French CNIL (cnil.fr) or your national data authority.

Today, your data stays on the old device — that's the cost of local-first. We're working on an end-to-end encrypted, opt-in cloud backup: we'll never be able to read what you back up, not even us. You'll know when it's ready.