Last updated: June 18, 2026
Privacy Policy
This Privacy Policy explains how PainFlow handles personal, health, and wellness information when you use the PainFlow mobile application and related website.
1. Who we are
PainFlow is a personal health and wellness tracking application designed to help users record daily check-ins, plan preferences, practice progress, and notes for their own awareness and care conversations.
For privacy questions or requests, contact us at hello@painflow.app.
2. Information we collect
Depending on the features you use, PainFlow may process the following categories of information:
- Daily check-in entries, such as pain level, energy level, mood, gratitude count, notes, and related timestamps.
- Personal plan preferences entered during onboarding, such as selected pain areas, gender, time when pain is strongest, activity time, and preferred rest time.
- Practice and plan progress, such as completed exercises, selected plan days, and app settings.
- Subscription information related to subscription purchases, such as product type, subscription status, renewal or expiration dates, and transaction identifiers provided by Apple or RevenueCat. Payment details are processed by Apple, not by PainFlow.
- Contact information, such as your email address, if you contact support or send feedback.
- Website language preference cookie, painflow_language, which stores the language selected or detected for the website for up to 1 year so pages can open in the preferred language. This is a functional cookie and is not used for advertising or cross-site tracking.
- Website usage analytics collected through Vercel Web Analytics, such as visited pages, referrers, device and browser information, and approximate region in aggregate. Vercel Web Analytics does not use cookies and is not used for advertising or cross-site tracking.
- App usage, analytics, and diagnostics data collected through Google Analytics for Firebase, such as app interactions and events, screen views, app version, device model, operating system version, language, approximate region, and app instance identifiers needed to understand aggregate usage, reliability, and product performance.
3. How we use information
We use information only to operate and improve PainFlow, including to:
- provide tracking, history, and insight features inside the app;
- unlock and manage subscription access purchased through the App Store;
- remember the website language preference;
- understand aggregate website usage and performance through Vercel Web Analytics;
- respond to support requests and product feedback;
- maintain security, prevent abuse, and fix bugs;
- understand aggregate product performance, usage, and reliability through Google Analytics for Firebase.
4. Legal bases for processing
For users in the European Economic Area and the United Kingdom, our legal bases depend on the information and purpose:
- Health and wellness entries: explicit consent and/or providing the self-tracking features you request. Health data may be special category data and is handled with additional safeguards.
- Subscription status: performance of a contract and purchase support.
- Support messages and feedback: legitimate interests in responding to requests and improving PainFlow.
- Product analytics and diagnostics: consent where required by law and/or legitimate interests in understanding aggregate app usage, reliability, and product performance.
- Website language preference cookie, Vercel Web Analytics, and basic security logs: legitimate interests in providing and improving a functional, secure website.
- Legal, safety, and compliance uses: legal obligations and legitimate interests.
5. Health data protections
Health and wellness information is sensitive. We do not sell your health data. We do not use health data for third-party advertising, behavioral advertising, or cross-app tracking. We do not share health data with advertisers or data brokers.
PainFlow does not integrate with Apple Health, HealthKit, or other external health services. Health and wellness entries are based on information you choose to enter in the app.
We do not intentionally send daily check-in entries, pain levels, mood, energy, gratitude counts, notes, selected pain areas, or personal plan details to Google Analytics for Firebase. Firebase Analytics is used for aggregate app usage and reliability information, not to analyze individual health entries.
6. Subscriptions
PainFlow offers optional subscription access through monthly and yearly subscriptions purchased in the app using Apple In-App Purchase. Apple processes payments and manages billing, renewals, cancellations, refunds, and payment method information.
PainFlow may receive limited subscription status information from Apple so the app can unlock subscription access, verify active access, and provide purchase support.
7. When information may be shared
We may share limited information with service providers that help us operate PainFlow, such as hosting, Vercel Web Analytics, Google Analytics for Firebase, crash reporting, purchase validation, and customer support providers. These providers may process information only for the services they provide to us and must protect it appropriately.
We may also disclose information if required by law, to protect rights and safety, or with your explicit consent.
8. Data retention
We keep personal information only as long as needed to provide PainFlow, comply with legal obligations, resolve disputes, maintain security, and enforce our agreements. You may request deletion of personal data associated with your support requests or other information we control by contacting hello@painflow.app.
9. Your choices and rights
You may be able to access, update, export, or delete information through the app. You may also contact us to request access, correction, deletion, or restriction of personal information, subject to applicable law.
If you are in the European Economic Area or the United Kingdom, you may also have rights to object to certain processing, request data portability, withdraw consent where processing is based on consent, and lodge a complaint with your local data protection authority or the UK Information Commissioner's Office.
You can manage App Store subscriptions, cancellation, renewal, and refund options through your Apple Account. You can control app permissions, such as notifications, in iOS Settings. Disabling some permissions may limit certain features.
10. Children
PainFlow is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.
11. Security
We use reasonable administrative, technical, and organizational measures to protect personal information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
12. International use
PainFlow may be operated and supported from different countries. Where personal information is transferred internationally, we take steps designed to protect it according to applicable law.
13. Changes to this policy
We may update this Privacy Policy as PainFlow changes. When we do, we will update the date above. Material changes may also be communicated in the app or by other appropriate means.