How Intero handles your data

The app stores the symptom entries you log each day: a numeric score, the activities you mark, and any free-text notes you add. It also stores the activity definitions you configure and your in-app settings. All of this lives on your device. If iCloud backup is enabled for your device, the app data may also be backed up to your iCloud account.

If you grant Apple Health access, the app reads whatever health data you allow. Apple Health data is not transmitted to Intero's servers or to any analytics service.

When you visit the Intero website, our hosting provider receives the standard data that any web server receives: your IP address, browser type and version, operating system, the page you requested, the referring URL if you followed a link to get here, and the time of the request. This is logged automatically as part of delivering the site and maintaining security.

The app and website send usage events to PostHog, a third-party analytics platform, to help us understand how the product is used and how we can improve it. Intero does not require an account, and we do not send symptom entries, notes, or Apple Health readings to PostHog. On the website, analytics require consent for visitors in the EU and UK. We also honor the Global Privacy Control signal for California visitors.

These events are not tied to an Intero account because Intero does not use accounts. No daily log data or Apple Health readings are sent to analytics.

Daily logs, Apple Health context, notes, and activity history are stored locally on your iPhone. There is no Intero backend that holds your symptom records. If iCloud backup is enabled for your device, Apple may store a copy in your iCloud account. That copy is governed by Apple's privacy policy and terms of service, not ours.

Analytics events are stored and processed by PostHog on their servers. PostHog is operated by PostHog, Inc. Their privacy policy is at posthog.com/privacy. Data is sent to PostHog's US-based infrastructure by default. We do not use analytics data to build advertising profiles, and we do not sell or share analytics data with advertisers. We may also disclose limited information if legally required, such as in response to a valid court order. Because we do not store your symptom record on our servers, what we can produce in response to legal process is limited to what we actually hold: analytics data and, if you contacted us directly, any correspondence. If you generate a PDF export from the app and share it, that copy goes to whoever you send it to. Intero does not receive the exported document, and we do not control how that recipient handles health information.

You can deny or revoke Apple Health permissions at any time in iOS Settings under Privacy and Security. If you do not want Intero data backed up to iCloud, you can manage that through your device's iCloud settings. Deleting the app removes the Intero data stored on your device. Removing any iCloud backup copy requires a separate step through Apple's iCloud settings.

The app includes an analytics preference in Settings. Turning it off stops all analytics within the app immediately. On the website, visitors in the EU and UK see a consent prompt and must agree. Visitors who have enabled the Global Privacy Control signal in their browser will have analytics suppressed automatically. Website visitors can reopen their choice at any time from the Privacy choices link in the footer.

For website server logs, security-related processing, and correspondence you send us, we generally rely on legitimate interests in operating, securing, and improving the service. For website analytics shown to visitors in the EU and UK, we rely on consent where required.

If you are in the EEA or UK, you may have rights to request access, correction, deletion, restriction, objection, or portability for personal data we control, and to withdraw consent where processing is based on consent. Because Intero does not store your symptom record on its servers, those rights generally apply to the limited data we actually hold, such as website logs, analytics data, and correspondence. To exercise these rights, contact privacy@getintero.app. You may also have the right to complain to your local data protection authority.

Intero is not directed to children under 13. The app is designed for adults managing chronic or unexplained pelvic and urinary symptoms. If we become aware that personal information from a child under 13 was submitted through the website, we will remove it where reasonably possible.

We use appropriate technical and organizational measures for a product with no central health-data server. No transmission method or storage system can be guaranteed secure. If this policy changes in a meaningful way, we will update the date at the top and revise the text here rather than hiding changes in fine print.

For questions about this policy, contact us at privacy@getintero.app.