⏳ Coming in September

Privacy Policy

Effective Date: July 22, 2025

1. Introduction

Welcome to Nora & You, a mobile app developed by Navidani Limited (Company Number: 14263196), dedicated to supporting women’s emotional  health on challenging fertility journeys (including Trying to Conceive (TTC), IVF, Pregnancy After Loss (PALS), Miscarriage, and Postpartum).

2. Information We Collect

Personal Information

  • Email address
  • Journey Type (TTC, IVF, PALS, Miscarriage, Postpartum)
  • Journey-specific information (as voluntarily provided during setup and app use)

Usage Information

  • Feature usage (meditation sessions completed, breathing exercises used, journal entries created)
  • Session data (login times, duration of app use, features accessed)
  • Device information (operating system, app version, device type)
  • Preferences (favorite meditations, affirmations)

Journal Entries

All journal entries are stored securely and encrypted at rest in our database. They are private to your account and are never viewed or accessed by us.

2A. Legal Basis for Processing

Under UK GDPR, we process your personal data based on:

  • Consent – For journey-specific information, preferences, and marketing communications
  • Legitimate Interest – For app functionality, security, and service improvement
  • Contract – To provide subscription services you’ve purchased

You may withdraw consent at any time through app settings without affecting service provision based on other legal grounds.

3. How We Use Your Information

  • Service Provision – To provide CBT-based tools, journaling features, and meditation content tailored to your fertility journey
  • Personalization – To recommend relevant content, exercises, and support resources based on your selected journey type
  • Communications – To send app notifications, meditation reminders, and support messages you’ve opted into
  • Service Improvement – To analyze anonymous usage patterns to enhance app features and user experience
  • Account Management – To manage your subscription, provide customer support, and maintain account security
  • Legal Compliance – To comply with applicable laws, respond to legal requests, and protect our rights and users’ safety

We do not use your personal data for advertising, marketing to third parties, or any purpose unrelated to supporting your fertility journey.

4. Data Security

  • Data Encryption – Personal data is encrypted during transmission and storage
  • Access Controls – Access to personal data is limited to authorized personnel only
  • Secure Infrastructure – We use industry-standard cloud hosting with security monitoring
  • Journal Privacy – Personal journal entries are stored securely and accessible only to you
  • Regular Updates – We maintain current security patches and monitoring systems

No security system is perfect. We encourage users to keep login credentials secure and report any security concerns to privacy@noraandyou.com.

4A. International Data Transfers

Some of our service providers are located outside the UK:

  • Supabase – Uses AWS infrastructure with data centers in multiple regions including the US
  • Sentry – US-based error monitoring service

These providers process personal data in accordance with their respective data protection agreements and security measures.

4B. Data Breach Notification

  • We will notify the Information Commissioner’s Office within 72 hours where required by law
  • We will notify affected users within 72 hours if the breach poses a high risk to your rights and freedoms
  • Notification will include the nature of the breach, potential consequences, and measures taken to address it
  • We maintain incident response procedures to minimize impact and prevent future breaches

You can report suspected security issues to hello@noraandyou.com.

5. Sharing of Information

We do not sell or share your personal data with third parties except:

  • As required by law.
  • With trusted service providers bound by confidentiality agreements.

6. User Control & Data Rights

You have the right to:

  • Access and update your personal information.
  • Request deletion of your account and associated data.
  • Withdraw consent at any time where processing is based on consent.

6A. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access – Request copies of your personal data
  • Rectification – Request correction of inaccurate personal data
  • Erasure – Request deletion of your personal data
  • Restrict Processing – Request limitation of how we process your data
  • Data Portability – Request transfer of your data in a structured format
  • Object – Object to processing based on legitimate interests
  • Withdraw Consent – Withdraw consent where processing is based on consent

To exercise these rights, contact us at hello@noraandyou.com. We will respond within one month.
If you’re not satisfied with our response, you can complain to the Information Commissioner’s Office (ICO) at ico.org.uk.

7. Retention of Information

  • Account data – Retained while your account is active, deleted within 30 days of account closure
  • Journal entries – Retained until you delete them or close your account
  • Usage analytics – Anonymized after 12 months, aggregated data retained indefinitely
  • Subscription data – Retained for 7 years after subscription ends for tax/accounting purposes
  • Marketing communications – Retained until you unsubscribe or close your account

You can request deletion of specific data categories at any time through app settings or by contacting hello@noraandyou.com.

8. Children’s Privacy

The Nora & You app is intended solely for adults (18+). We do not knowingly collect data from individuals under 18.

9. Emotional Safety & Privacy

We prioritize emotional safety:

  • Notifications and reminders are customizable and respectful.
  • Emotional triggers are minimized through empathetic and trauma-informed design.

10. Third-party Integrations

We use the following third-party services:

  • App Stores – Apple App Store and Google Play Store for app distribution and payments
  • Cloud Infrastructure – Supabase for secure data storage and backend services
  • Error Monitoring – Sentry for app performance and crash reporting
  • Analytics – Anonymous usage analytics to improve app functionality
  • Push Notifications – For meditation reminders and support messages

All third-party providers are bound by data protection agreements and process data only as necessary to provide these services. No personal journal content is shared with third parties.

10A. Cookies and Tracking Technologies

Nora & You may use:

  • Local storage – To save your app preferences and settings locally on your device
  • Analytics identifiers – Anonymous identifiers to understand app usage patterns
  • Push notification tokens – To send you meditation reminders and support messages

We do not use advertising cookies or cross-app tracking. All tracking is limited to improving your Nora & You experience.

11. Changes to this Policy

We may update this Privacy Policy periodically. Any significant changes will be communicated via email or app notification.

12. Contact Us

For privacy-related queries, contact us at:

Navidani Limited
Email: hello@noraandyou.com
Registered Office: 85 Great Portland Street, First Floor, London, England, W1W 7LT
Company Registration Number: 14263196

By using Nora & You, you acknowledge and agree to this Privacy Policy.

Join the Nora & You waitlist
for early access

We’ll send you updates as we get closer to launch

Instagram
© 2025 Nora & you All rights reserved.