Privacy Policy for Poolendar
Last updated: February 2026
1. Information We Collect
Poolendar collects the following information, which is self-reported by the user, to provide digestive health tracking and analysis:
Events you log including type (bowel movement or flatulence), date and time, and optional parameters such as consistency (Bristol scale 1-7), urgency, color, presence of bleeding or mucus, post-evacuation sensation, incomplete evacuation, discomfort level, flatulence intensity, odor, and duration. Shared parameters include stress level (1-5), borborygmi, and foods consumed in the last 24 hours.
If you activate social features, you may provide a display name (max 20 characters), an emoji avatar, a profile photo (compressed JPEG, max 1.5 MB), and a friend code (format POOL-XXXXXX). This data is only collected if you choose to use social features.
You may optionally indicate known digestive conditions (such as IBS, IBD, Crohn's, SIBO, microscopic colitis, or bile acid malabsorption). This information is stored only on your device (UserDefaults) and is never transmitted to any server.
Purchase transactions are managed through RevenueCat using an anonymous user ID and processed by the Apple App Store. We receive transaction status and subscription information but do not have access to your payment details.
2. How We Use Information
We use the collected information for the following purposes:
We do not sell or share your personal data with advertisers or third-party marketers. No analytics, advertising, or tracking SDKs are used.
3. Data Storage and Synchronization
Your data is stored and synchronized as follows:
All event data is stored locally on your device using SwiftData. Digestive conditions are stored in UserDefaults and never leave your device.
Data is synchronized via Apple's CloudKit with encryption managed by Apple. Your private database contains all event details and is accessible only by you. The public database stores social profiles visible to users searching by friend code. The shared database contains group events but only shares event type and date/time — detailed medical parameters (consistency, bleeding, stress, foods, etc.) are never shared.
4. Social Features and Shared Data
If you choose to use social features, the following data may be shared with other users in your group:
The following is never shared with other users: detailed medical parameters, stress levels, food correlations, digestive conditions, or any other sensitive health data.
Groups are limited to a maximum of 1 group per user and 20 members per group.
5. Third-Party Services
Poolendar integrates with the following third-party services, each governed by their own privacy policies:
We do not use Firebase, Google Analytics, Crashlytics, Sentry, Mixpanel, Amplitude, Facebook SDK, or any other analytics, advertising, or tracking services.
6. Device Permissions
Poolendar may request the following device permissions:
We do not request access to your camera, location, contacts, calendar, Bluetooth, Siri, or HealthKit.
7. Data Export
You can generate a clinical report in PDF format containing aggregated statistics (Bristol distribution, temporal correlations, stress and food correlations). The report does not include personal identification and includes a medical disclaimer stating it is not a diagnosis. Export functionality requires an active subscription.
8. Health-Related Data
Intestinal event data may be considered health-related data (special category under GDPR Article 9), as it records information about your digestive function. This data is processed based on your explicit consent, which you provide by voluntarily entering information into the app. You may withdraw consent at any time by deleting your data.
On-device AI processing (Apple Intelligence / FoundationModels) is performed locally and no health data is sent to external AI services.
9. Data Retention and Deletion
You can delete all your events from within the app's Settings. This removes both local data and data stored in your iCloud private database.
Uninstalling the app or removing your iCloud account will delete local data. Shared data in group databases may persist until the group is dissolved.
10. Security
CloudKit uses Apple-managed encryption both in transit and at rest. We do not operate our own servers — all infrastructure is provided by Apple and RevenueCat. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
11. Children's Privacy
Poolendar does not implement age verification. Given the health-related nature of the data collected, parental or guardian consent may be required for users under applicable age thresholds. If you believe a minor has provided personal information without proper consent, please contact us so we can take appropriate action.
12. Your Rights
We comply with the General Data Protection Regulation (GDPR). If you are a resident of the European Union, you have the right to access, rectify, or delete your personal data. You may also object to or restrict processing of your data.
Since your data is primarily stored on your device and in your personal iCloud account, you maintain direct control over it. To exercise any additional rights, please contact us at the email address provided below.
13. International Data Transfers
Apple (iCloud/CloudKit) and RevenueCat are US-based companies. Data may be transferred to and processed in data centers outside the European Union. Both companies maintain appropriate safeguards for international data transfers in compliance with applicable data protection laws.
14. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated "Last updated" date. Your continued use of Poolendar after changes are posted constitutes your acceptance of the revised policy.
15. Contact Information
If you have any questions about this Privacy Policy, please contact us: