Privacy Policy

Last updated: June 13, 2026

In short Safr is a period and cycle tracker. Most of your cycle and health data — your logs, answers, and settings — stays on your device. We don't sell your data, ever. Optional analytics are anonymous and never include your health information. A few features (AI chat, optional photo analysis, and connecting Oura) send specific data to trusted services, only when you use them. You can export or delete your data at any time. The details are below.

This Privacy Policy explains how Grow Labs LLC (“Grow Labs,” “we,” “us,” or “our”) handles your information when you use the Safr mobile application and related services (the “Service”). By using Safr, you agree to the practices described here. For UK and EU data-protection law, Grow Labs LLC is the data controller.

1. Where your data lives

Safr is built to keep your sensitive information with you. The cycle and health data you log, your onboarding answers, and your settings are stored locally on your device. That data is not sent to our servers as part of normal use. Specific, clearly labeled features are the exceptions — AI chat, optional photo analysis, connecting Oura, and (if you opt in) anonymous analytics — and each is described below.

2. Information we collect

a. Information you provide (stored on your device)

Profile — your name (if you enter one), birth year, and cycle details such as cycle length, period length, cycle history, and last period start.
Cycle & health logs — period, intercourse, discharge, cervical-mucus, symptom, Plan B / emergency-contraception, and LH-test logs.
Onboarding answers — such as why you use Safr and your cycle-related preferences.
Support messages — what you send us when you contact support.

Special-category (health) data. Information about your cycle, intercourse, and reproductive health is sensitive personal data. Where UK/EU law applies, we process it on the basis of your explicit consent, which you can withdraw at any time by deleting the data or your account in the app.

b. Data from Oura (only if you connect it)

If you choose to connect Oura, you authorize Safr — through Oura's secure OAuth sign-in — to import overnight body-temperature data from the Oura cloud API. This is used to detect the temperature shift around ovulation and inform your cycle insights. Your Oura access tokens are stored in your device's secure keystore, and the token exchange is handled through our backend. Imported temperature is held with your other on-device data. You can disconnect Oura at any time from within Safr or from your Oura account; Safr then stops importing new Oura data. Ōura Health Oy is based in the EU.

c. Apple Health (if you enable it)

If you grant access, Safr can read temperature data you have in Apple Health to support the same cycle insights. This stays on your device alongside your other data.

d. Anonymous usage analytics (only if you turn it on)

If you enable “Share anonymous usage data,” Safr sends limited, anonymous product analytics to PostHog — for example, which screens you open, which features you use (not their contents), notification type, onboarding step progress, your birth year (used only to estimate an approximate age for aggregate statistics), and app version and platform. A random device identifier groups events from the same install; we do not attach your name, email, or health data. See Section 6.

We do not send any of the following to analytics: your name or email; your onboarding survey answers; your period, intercourse, mucus, symptom, Plan B, or LH-test details; your chat or AI conversation content; or your uploaded photos.

e. Subscriptions and diagnostics

Subscriptions — purchases are processed by the Apple App Store or Google Play; we receive subscription status, not your full payment-card details.
Diagnostics — basic crash and performance information to keep the app working.

3. How we use your information

To provide Safr's core features — interpreting temperature trends and your logged cycle history to estimate fertile and non-fertile windows and produce personalized daily insights.
To power AI chat and optional photo analysis when you use them.
To operate, secure, maintain, debug, and improve the Service.
To process subscriptions and prevent fraud and abuse.
To provide support and respond to you.
To comply with legal obligations.

We do not sell your personal information or your health data, and we do not use your health data for advertising.

4. AI chat and photo analysis

If you use Safr's AI chat or optional photo analysis (for example, cervical-mucus or LH-test photos), the relevant message or image is sent — through our backend — to OpenAI to generate a response or analysis. We do not use these features to advertise to you or to sell your data. If you don't use these features, this data isn't sent.

5. How we share information (our processors)

We share information only as needed to run Safr, with service providers acting on our behalf:

Ōura Health Oy (EU) — source of the wearable temperature data you authorize.
OpenAI — powers AI chat and optional photo analysis (via our backend).
PostHog — anonymous product analytics, only if you opt in (Section 6).
Singular — advertising attribution, only if you opt in and are an adult (Section 6).
Apple App Store / Google Play — subscription payments.
Superwall — subscription and paywall presentation.
Our cloud hosting / backend — to run the AI proxy, the Oura token exchange, and data-deletion requests.

We may also disclose information if required by law, to protect rights and safety, or in connection with a business transfer. Each provider is bound by contractual confidentiality and security obligations.

6. Your consent choices

Anonymous analytics is off until you opt in (“Share anonymous usage data,” in onboarding or Settings) and can be turned off any time. When off, new events are not sent.
Advertising attribution (Singular) is a separate opt-in and is off by default. It is fully disabled for users under 18, and nothing is shared with ad networks before you consent.
Oura is connected only when you explicitly authorize it, and you can disconnect at any time.

7. Legal bases (UK/EU users)

Consent — for health-data processing, connecting Oura, optional analytics, and advertising attribution. You may withdraw it at any time.
Contract — to provide the Service you sign up for, including subscriptions.
Legitimate interests — to secure, maintain, and improve the Service, balanced against your rights.
Legal obligation — where the law requires processing.

8. Data security

We protect your information with technical and organizational safeguards. Most of your sensitive data stays on your device. Data sent to our backend or providers is encrypted in transit (HTTPS), and sensitive credentials such as your Oura tokens are kept in your device's secure keystore. No system is perfectly secure, but we work to protect your data and respond promptly to incidents.

9. Data retention

On-device data remains until you delete it or remove the app. When you delete your data in the app, it is erased from your device and we reset and opt out your anonymous analytics identifier and detach advertising attribution. Analytics data held by PostHog is retained per our project settings unless you request deletion. We keep limited records where legally required.

10. Your rights and how to use them

Depending on where you live, you may have the right to access, export, correct, delete, restrict, or object to processing of your data, and to withdraw consent. Safr gives you direct controls:

Export (Art. 15 / 20) — Settings → “Your data” → Export my data gives you a structured JSON copy of what Safr stores on your device.
Delete (Art. 17) — Settings → Delete all my data wipes your on-device data, opts out and resets analytics, detaches advertising attribution, and requests erasure of server-side analytics records tied to your device identifier.
Withdraw consent — disconnect Oura or turn off analytics / advertising attribution in Settings.

You can also email chenglin@growlabsllc.com to exercise any right. UK and EU users may also complain to their local data-protection authority (in the UK, the ICO).

11. Children's privacy

Safr applies a region-aware minimum age (13 in the UK, and the applicable digital-consent age elsewhere in the EU/EEA), checked during onboarding. The fertility-awareness features are intended for adults. Advertising attribution is disabled entirely for users under 18. We do not knowingly collect data from children below the applicable age; if you believe a child has provided us data, contact us and we will delete it.

12. International data transfers

Grow Labs LLC operates from the United States, and some providers (for example, analytics and AI processing) may process data in the United States, while Oura is based in the EU. Where we transfer personal data out of the UK or EEA, we rely on appropriate safeguards such as the UK IDTA or EU Standard Contractual Clauses.

13. Changes to this policy

We may update this Privacy Policy from time to time. When changes are material, we will update the “Last updated” date and, where appropriate, notify you in the app.

14. Contact us

Grow Labs LLC
Email: chenglin@growlabsllc.com

Health disclaimer: Safr is an education and cycle-tracking app. It is not a contraceptive and does not prevent pregnancy — never rely on it to avoid pregnancy. For contraception or medical advice, talk to a healthcare professional.