Privacy Policy
Effective date: July 14, 2026 · Replaces the version dated July 11, 2026
On this page
This Privacy Policy explains how Sbantu LLC ("we," "our," or "us") collects, uses, discloses, stores, and protects information when you use the Dela Cycle mobile application (referred to as "Dela"), the delacycle.com website, support channels, and related services (collectively, the "Services"). References to "we" and "us" include our contractors and service providers acting on our instructions.
Important: Dela is a wellness and education product, not a medical device, emergency service, or substitute for professional medical advice. Its cycle, fertility, and pregnancy estimates can be wrong. Do not use the Services as the sole basis for diagnosis, treatment, contraception, fertility treatment, conception timing, pregnancy care, or urgent-care decisions.
Dela is not a healthcare provider, insurer, or health plan, and the Services are not intended to be used as a HIPAA-covered service unless we enter into a separate written agreement that says otherwise.
By using the Services, you acknowledge that some information you choose to provide may be sensitive health or reproductive data. If you do not agree with this Privacy Policy, please do not use the Services.
If you are a resident of Washington, Nevada, or Connecticut, our Consumer Health Data Privacy Policy provides additional disclosures about consumer health data and applies alongside this Policy.
Our Privacy Commitments
- We do not sell your personal information. Not now, not ever — including reproductive, cycle, and health data. We do not give data to data brokers, and we never will.
- We do not show ads, do not share your data for advertising, and do not embed third-party ad-tracking SDKs in the app.
- Your data never trains anyone else's AI. We use the data you enter to provide Dela's prediction features for you. Only if you separately enable optional prediction improvement may eligible records be used to compare and develop Dela's own models (Section 3.1). Product analytics is a different choice and never authorizes health-data evaluation. We never use your data to train third-party or general-purpose AI models.
- We minimize what we collect. If a feature can work without a given data point, we try not to ask for it. We do not collect precise location or advertising identifiers.
- We respond narrowly to law-enforcement requests. See Section 6.3 — we comply only with the minimum legally required, push back on overbroad requests, and notify you when we are legally permitted to do so.
- Encryption in transit and at rest, with additional application-layer encryption for your most sensitive free-text entries (Section 9).
- You can delete your account and your data from inside the app at any time. Your account content and health records are hard-deleted from our production database; Section 8 identifies the narrowly limited pseudonymous deletion record, backup window, and legal exceptions that may remain.
1. Scope of this Policy
This Policy applies to information collected through the Services and through direct communications with us about the Services. It does not apply to third-party websites, app stores, device manufacturers, healthcare providers, payment processors, or services we do not control, even if they are linked from Dela.
This Policy is intended to describe our data practices and does not create contractual rights beyond those provided under applicable law.
2. Information We Collect
2.1 Information you provide directly
We collect information you submit when you use Dela, including:
- Account details: email address, sign-in identifiers, and profile name
- Profile information: age or date of birth, tracking mode (cycle, trying-to-conceive, or pregnancy), goals, preferences, reminder choices, and onboarding responses
- Cycle and reproductive health entries: period dates, flow, cycle length, symptoms, mood, energy, sleep, pain, weight, medications, birth control information, health conditions you choose to record (for example PCOS or endometriosis), and the prediction corrections and feedback reports you submit (Section 3.1)
- Fertility entries (if you use them): basal body temperature, ovulation test results, cervical mucus observations, and trying-to-conceive details
- Pregnancy entries (if you use them): due date or last menstrual period, pregnancy symptoms, body changes, kick counts, weight, blood-pressure and blood-sugar readings you log, and health-visit records and appointment reminders you choose to add
- Intimacy entries (optional, off by default): if you turn on intimacy tracking, the intimacy signals you choose to log
- Notes and journals: free-form notes and journal entries you write
- Community and partner content: content you post in community features and reactions or notes you send through the partner companion feature
- Communications: support messages, survey responses, and feedback
2.2 Sensitive data — including reproductive and sexual-health data
Much of the information described above is sensitive personal data, sensitive health data, or "consumer health data" under applicable law (including reproductive health, sexual wellness, pregnancy, fertility, symptoms, medications, and health-condition information). You choose whether to provide this information, but some features cannot function without it. We treat this information with the heightened safeguards described throughout this Policy, including the law-enforcement posture in Section 6.3 and the security measures in Section 9.
2.3 Health data from your device (optional)
Where the Connected Health option is available on a supported device, you may choose whether to enable it. If enabled, Dela reads only the categories you approve through Apple Health (iOS) or Health Connect (Android) — currently steps and activity, sleep, heart rate, and body temperature — after your device presents a separate health-permission request. Dela does not connect directly to Oura, Garmin, or other wearable accounts; measurements from those services are available to Dela only if they have already been written to Apple Health or Health Connect and you approve Dela's access. Dela does not write to your device's health store. You can disconnect at any time in Dela or your device settings and delete imported health data from your Dela account.
2.4 Information collected automatically
When you use the Services, we may automatically collect:
- Device information such as device model, operating system, app version, language, time zone, and identifiers needed for security or notifications
- Coarse product milestones such as onboarding started or completed — only if you opt in to optional product analytics (off by default). These events carry no app mode, onboarding-step name, health-connection action, health entry, note, name, email address, or Dela account identifier.
- Crash reports and technical error data to help us troubleshoot — only when crash reporting is on; you can disable this in Settings > Privacy. Reports are stripped of free text, account identifiers, health-specific routes and modes, health entries, notes, email, and name before sending (Section 5).
- Push-notification tokens and delivery metadata when notifications are enabled
- Standard server logs (such as IP-derived rate-limiting signals and request identifiers) used for security, abuse prevention, and reliability
- If you choose Google Sign-In, Google's integrated sign-in SDK may process an IP address to estimate general location, account and device identifiers, authentication usage/diagnostic data, and a phone number if Google makes it part of that account or authentication flow. Dela does not request precise location or use Core Location for this.
We do not collect precise location, advertising identifiers, or third-party tracking pixels, and we do not use cookies for advertising or cross-site tracking on our website.
2.5 Information from third parties
If you sign in using Apple or Google, we receive limited account information such as your name, email address, unique account identifier, and authentication metadata made available by that provider. The providers and their embedded SDKs may process additional authentication, security, diagnostic, and general-location information under their own policies as described above; Dela does not use general location to infer or personalize reproductive-health information. If you contact us through third-party channels, we may also receive the information you choose to share there.
3. How We Use Information
We use personal information and health-related information to:
- Provide, maintain, personalize, and secure the Services
- Create cycle, fertility, and pregnancy predictions, reminders, wellness summaries, and in-app insights based on the information you enter
- Compare experimental prediction methods and develop Dela's own models only when optional prediction-improvement consent is on (Section 3.1)
- Operate optional features you enable, such as partner sharing, device health sync, and community features
- Authenticate users, secure accounts, prevent abuse, enforce rate limits, and detect bugs or fraud
- Respond to support requests and communicate about updates, safety issues, and policy changes
- Measure usage and improve product quality — only when analytics consent is on
- Comply with legal obligations, enforce our terms, and protect the rights, safety, and security of Dela, our users, and others
We do not use your personal information for advertising or for profiling that produces legal or similarly significant effects, and we do not make it available to train third-party or general-purpose AI models.
3.1 How we improve our prediction models
Dela separates the prediction records needed to serve your account from optional use for aggregate evaluation and model development:
- When Dela generates a prediction, we may store the prediction and later outcome with your random internal account identifier. This operational record lets Dela show, correct, and evaluate predictions for your account and is not sent to a third-party AI provider.
- Optional product analytics is separate. It sends only the coarse, account-unlinked milestones described in Section 2.4 and does not authorize Dela to send health entries to an experimental predictor.
- If optional prediction improvement is off (the default), your records are excluded from experimental or shadow prediction calls and from cross-user model evaluation and development.
- If you turn optional prediction improvement on, Dela may securely compare candidate methods using the structured information relevant to your mode — such as age, cycle and period history, last-period or due-date information, contraception status, and selected fertility signals such as basal temperature, ovulation-test results, or cervical-fluid observations. The candidate service receives no Dela account identifier or free-text note, and its result does not change the prediction shown to you.
- Eligible performance records may also contribute to minimum-size aggregate metrics (for example, average prediction error across a group). Raw health entries are not exposed through the aggregate analytics role.
- This data is never sold, never shared with a third party for its own purposes, never used for advertising, and never used to train models unrelated to the Services. It is processed by the service providers in Section 5 only to operate Dela.
- It is deleted along with everything else when you delete your account.
You can change optional prediction improvement at any time in Settings > Privacy & account. Turning it off stops future experimental prediction calls and future inclusion in consent-gated model evaluation. Product analytics and personalized Learn ordering have their own independent switches. You can also contact privacy@delacycle.com or delete your account.
4. Legal Bases and Consent
Where required by law (for example under the GDPR and UK GDPR), we rely on the following legal bases:
- Explicit consent (GDPR Article 9(2)(a)) for collecting and processing your health and reproductive data to provide the tracking and prediction features you request. You give this consent during onboarding and can withdraw it at any time. Optional product analytics, prediction improvement, crash reporting, and personalized recommendations are independent choices and are off by default.
- Performance of our contract with you, for account creation, sync, and core app functionality.
- Legitimate interests, for security, fraud and abuse prevention, and (where you have enabled crash reporting) diagnosing failures — always with the scrubbing safeguards described in this Policy.
- Legal obligation, where we must retain or disclose limited information to comply with law.
Where we rely on consent, you may withdraw it at any time in Settings > Privacy or by contacting us, but doing so may limit or disable features that depend on the relevant data. Withdrawing consent does not affect the lawfulness of processing before withdrawal.
5. Service Providers We Use
We deliberately keep our vendor list short. As of the effective date, these are the third-party providers and processors that may handle your data, and what each one receives:
- Supabase — cloud database and sign-in infrastructure. Stores your account and synced app data, encrypted at rest.
- Railway — hosts our backend API and our own internal prediction service, which the app talks to over encrypted connections. The service processes the data needed to produce the prediction you request; its experimental shadow path receives eligible structured data without your account identifier only when prediction improvement is enabled, as described in Section 3.1.
- Google Firebase — delivers push notifications using a device push token plus an opaque notification-record identifier and minimal delivery/routing metadata. A token is created and registered only after notification permission is granted and is removed when permission is withdrawn or the user signs out. If you separately opt in, Firebase also processes account-unlinked, coarse product milestones and scrubbed crash reports; both choices are off by default.
- Sentry — crash and error monitoring, only when crash reporting is enabled. Events contain a sanitized error type, coarse screen/API category, and opaque diagnostic correlation identifiers; no request bodies, free text, Dela account identifier, IP-based identification, emails, names, app modes, health-specific routes, or health fields.
- Resend — delivers sign-in (magic link) and transactional emails to your email address.
- Zoho — hosts our support and privacy mailboxes, so it processes emails you send us.
- Cloudflare — hosts this website and provides network security for it.
- Apple and Google — if you choose Sign in with Apple or Google, they process the sign-in; they also distribute the app through their stores under their own policies. Where Connected Health is available on your supported device, Dela reads only the device-health categories you separately approve through Apple Health or Health Connect after you enable it, as described in Section 2.3.
Providers acting as our processors are permitted to process data only as needed to provide their service to us, on our instructions, and subject to confidentiality and data-protection obligations. Apple and Google may separately process app-store and authentication data under their own platform terms and privacy policies. We limit what Dela sends each provider to what that service requires and will keep this list updated as our infrastructure evolves.
6. When We Disclose Information
6.1 What we do not do
We do not sell your personal information, do not share it for cross-context behavioral advertising, and do not give health data — individually or in bulk — to data brokers, marketing companies, advertising networks, or AI companies.
6.2 When we do share
- Service providers and processors: the vendors listed in Section 5, only on our instructions.
- At your direction: when you ask us to — for example when you invite a partner (Section 7), post in community features, export your data, or connect device health platforms.
- Business transfers: information may be disclosed as part of a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to appropriate confidentiality and legal safeguards. Any successor will be bound to honor commitments at least as protective as this Policy with respect to data collected before the transfer — including the commitments never to sell your data and never to use it to train unrelated AI models.
- Aggregated or de-identified information: we may use and disclose information that has been aggregated or de-identified so that it no longer reasonably identifies you (for example, overall prediction-accuracy statistics), where permitted by law. We commit to maintaining such data in de-identified form and not attempting to re-identify it.
6.3 Law enforcement, legal process, and government requests
Reproductive and sexual-health data is among the most sensitive information we hold. We take a deliberately narrow approach to government and law-enforcement requests:
- We require valid legal process (such as a properly issued and lawfully served subpoena, court order, or warrant) before disclosing user information. Voluntary requests, informal inquiries, and bulk demands for user information are declined.
- We disclose only the specific information that is legally required and that is narrowly responsive to the request, and we push back on requests we believe are overbroad, vague, or improper under applicable law.
- We notify you when a legal request seeks your information, unless we are legally prohibited from doing so (for example, by a non-disclosure order). When prohibited, we will provide notice as soon as the prohibition expires where reasonably practicable.
- We may use, preserve, or disclose information without notice if we believe in good faith that doing so is necessary to prevent imminent harm to a person, to address a credible threat to safety, or to comply with a clearly applicable emergency disclosure exception.
- We do not voluntarily share user information with law enforcement to assist in the investigation or prosecution of reproductive-health decisions or outcomes that are legal where the user resides.
7. Partner Sharing and Community Features
7.1 Partner companion
Dela lets you invite one partner to follow along with a read-only view of selected information. This sharing happens only if you create an invite, and:
- You choose what categories your partner can see; sharing permissions default to off.
- Your partner can view the summaries you allow but can never edit your data, and never sees your free-text notes or journal.
- Invite links and codes are single-use, expire automatically, and are stored only in hashed form on our servers.
- You can pause or revoke your partner's access at any time in Settings. Dela stops new in-app access after the server confirms the change; a person may still retain information they previously viewed, copied, or captured.
- If your partner uses Dela, their account is governed by this same Policy.
7.2 Community features
If you use community features, approved posts and replies are searchable and visible to other signed-in Dela community members. The App shows a generic community label instead of your profile name, but Dela and the service providers that operate Community retain the account link needed for pre-publication review, abuse prevention, reporting, blocking, owner deletion, and legal or safety obligations. This is pseudonymous participation, not anonymity from Dela. Please avoid sharing information you do not want other members to see, copy, or discuss. You can delete your own Dela-hosted content in the App; for other privacy help, contact privacy@delacycle.com. We cannot remove screenshots or copies independently saved or re-shared by another person.
8. Storage, Retention, and Deletion
We store data on your device and in cloud systems used to operate the Services. We retain information for as long as reasonably necessary to provide the Services, fulfill the purposes described in this Policy, resolve disputes, enforce our agreements, comply with legal obligations, and protect against fraud or misuse.
- Account and health data are kept while your account remains active.
- Account deletion: You can delete your account in Settings > Privacy & account at any time. Deletion removes your profile, logs, cycle history, health data, Dela-hosted community posts and replies attributable to your account, partner connections, notification tokens, and prediction records from our production database — promptly, and in any event within 30 days of a confirmed request, unless retention is required by law. Copies independently saved or re-shared by another person are outside Dela's control.
- What survives deletion: a server-keyed, one-way cryptographic digest of your normalized email address (designed to resist reversal and used only for returning-sign-up deduplication and abuse controls), and a minimal audit record that an account was deleted (with no health data). We treat these records as pseudonymous personal data, retain them for no more than 730 days, and then automatically purge them unless a longer period is legally required. Where applicable, we rely on legal-obligation, security, and fraud-prevention grounds for this limited retention.
- Local copies: after the server confirms account deletion, the app also attempts to remove its encrypted local records and account-specific encryption keys from that device. If device cleanup cannot finish, the app reports that clearly and offers a retry rather than claiming the device is clean. Removing the app alone does not reliably delete synced cloud data — use the in-app account-deletion flow to delete cloud data.
- Backups and security logs may persist in our infrastructure for up to 90 days after deletion before they are overwritten or securely removed.
- Aggregated or de-identified data derived from your information may be retained where permitted by law; it no longer identifies you.
- Minimal records of legal or safety actions (for example, that a community report was processed) may be retained to comply with law, defend legal claims, or prevent repeat abuse.
9. Data Security
We use administrative, technical, and physical safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. Specifically:
- Data is encrypted in transit (TLS) between the app and our cloud infrastructure.
- Data is encrypted at rest in our cloud database provider's storage, using their managed key infrastructure.
- Your most sensitive free-text fields — notes, journal entries, symptoms, and medications — receive an additional layer of application-level encryption before they are stored.
- Database row-level rules isolate ordinary user access and are designed to prevent one user account from reading another user's private records.
- Partner invite tokens are stored only as one-way hashes, expire automatically, and are single-use.
- Access to production data is restricted to authorized personnel under role-based access controls and is logged.
- We rate-limit sensitive operations, patch dependencies, monitor for vulnerabilities, and follow industry-standard secure-development practices.
- Optionally, you can protect the app locally with a passcode and Face ID / fingerprint; this protection never leaves your device.
No method of transmission, storage, or security control is completely secure. We cannot guarantee absolute security, but if a breach affecting your personal information occurs, we will notify you and the relevant authorities as required by applicable law — including the U.S. FTC Health Breach Notification Rule, state breach-notification laws, the GDPR (within 72 hours to supervisory authorities where required), and Canadian breach-of-safeguards rules. To report a security vulnerability, contact security@delacycle.com.
10. International Data Transfers
Our Services are operated from, and data is primarily stored in, infrastructure in the United States. If you use the Services from outside the United States, your information will be transferred to, stored, and processed there. Where the law of your home jurisdiction requires safeguards for such transfers (for example the EEA, UK, Switzerland, or Quebec), we rely on appropriate transfer mechanisms such as Standard Contractual Clauses, the EU-U.S. Data Privacy Framework where our providers are certified, recognized adequacy decisions, or equivalent safeguards, and we assess transfers as required (including Quebec Law 25's assessment requirements for communicating personal information outside Quebec).
11. Your Choices and Rights
Depending on where you live and subject to applicable law, you may have the right to:
- Access the personal information we hold about you and confirm whether we process it
- Correct inaccurate information
- Delete your account and personal information
- Export a portable copy of your data (available in-app)
- Object to or restrict certain processing
- Withdraw consent for processing that relies on consent, at any time
- Know the categories of third parties to whom data is disclosed (Section 5 — we name them)
- Appeal a decision we make on your privacy request
- Lodge a complaint with your data-protection authority or attorney general
- Not be discriminated against or retaliated against for exercising any of these rights
You can manage most of this directly inside the app — profile entries, notifications, privacy toggles (product analytics, prediction improvement, crash reports, personalized recommendations), health-data consent withdrawal through the account-deletion path, data export, partner-sharing controls, and account deletion all live in Settings. Dela's core tracking cannot operate without processing the health entries you request it to track, so withdrawing that core consent stops tracking and removes the account data.
To submit a privacy request that cannot be completed in-app, contact privacy@delacycle.com. We respond within the time required by your local law (generally within 30–45 days, extendable where the law allows). We may ask you to verify your identity before acting on a request, and we may limit or decline requests where permitted by law — for example where a request is manifestly unfounded, excessive, technically infeasible, or would adversely affect the rights of others. If we decline your request, you may appeal by replying to our decision with the subject line "Privacy Appeal"; a different reviewer will decide the appeal and respond within the legally required period, and we will tell you how to contact your regulator if you disagree with the outcome.
12. Region-Specific Disclosures
12.1 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR / FADP)
Sbantu LLC is the controller of your personal data. You have the rights of access, rectification, erasure, portability, restriction, and objection described in Section 11, and the right to withdraw consent at any time. We process your health data on the basis of your explicit consent (Article 9(2)(a) GDPR); other processing rests on the bases listed in Section 4. Automated cycle predictions are provided for your information only and produce no legal or similarly significant effects. You may lodge a complaint with your national supervisory authority (or the UK Information Commissioner's Office / Swiss FDPIC). If we are required to appoint an EU or UK representative, their details will be listed here.
12.2 Canada (PIPEDA and provincial laws, including Quebec Law 25)
We handle personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial private-sector laws, including Quebec's Act respecting the protection of personal information in the private sector as modernized by Law 25, and the Alberta and British Columbia Personal Information Protection Acts. This means, among other things:
- We collect health data only with your express consent, for the purposes identified in this Policy, and you may withdraw consent at any time (subject to legal or contractual restrictions), which may limit the Services we can provide.
- You may request access to and correction of your personal information, and — for Quebec residents — cessation of dissemination, de-indexing, and a copy of computerized personal information in a structured, commonly used technological format (data portability).
- Your information may be stored and processed outside Canada (primarily in the United States) as described in Section 10; we assess these transfers to ensure adequate protection.
- We report breaches of security safeguards involving a real risk of significant harm to the Office of the Privacy Commissioner of Canada (and the Quebec Commission d'accès à l'information, as applicable) and to affected users.
- The person in charge of the protection of personal information (privacy officer) can be reached at privacy@delacycle.com. If you are unsatisfied with our response, you may complain to the OPC or your provincial privacy regulator.
12.3 California (CCPA / CPRA)
If you are a California resident, you have rights to know, access, correct, delete, and obtain a portable copy of personal information we hold about you, the right to limit use and disclosure of sensitive personal information, and the right to non-discrimination. The categories of personal information we collect are described in Section 2; sources in Sections 2.1–2.5; purposes in Section 3; and the recipients (service providers only) in Section 5. Dela does not sell personal information and does not share personal information for cross-context behavioral advertising, and has not done so in the preceding 12 months; we therefore do not offer a "Do Not Sell or Share" link. We use sensitive personal information only to provide the Services you request and for purposes permitted by the CCPA regulations, so no "Limit the Use of My Sensitive Personal Information" link is required. We honor opt-out preference signals such as Global Privacy Control where applicable; because we do not sell or share data or use advertising cookies, there is nothing further to opt out of. Authorized agents may submit requests on your behalf to privacy@delacycle.com with proof of authorization.
12.4 Washington, Nevada, and Connecticut consumer health data
Washington's My Health My Data Act, Nevada's SB 370, and Connecticut's health-data provisions give you additional rights over "consumer health data," including the rights to access, withdraw consent, delete, and appeal. Our separate Consumer Health Data Privacy Policy contains the disclosures those laws require. We collect and share consumer health data only with your consent or as necessary to provide services you request, we never sell consumer health data, and we do not use geofencing around health-care facilities — or anywhere else.
12.5 Other U.S. state privacy laws
Residents of Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, and other states with comprehensive privacy laws have rights that generally include access, correction, deletion, portability, opt-out of targeted advertising and sales (we do neither), and appeal of refused requests. We treat your health, reproductive, and sexual-health information as sensitive data and process it only with your consent. We respond to verifiable consumer requests, and handle appeals, as required by the law of your state. Many of these laws apply only to businesses above certain volume thresholds — but we honor these rights for all users regardless of whether a given statute technically applies to us yet.
12.6 United States — federal
Dela is not a HIPAA-covered entity, but our health records fall within the scope of the FTC's Health Breach Notification Rule, and we will provide breach notifications as it requires. The Services are not directed to children under 13; Section 13 describes the minimum-age posture and the process for reporting an underage account.
12.7 Australia and New Zealand
If you use Dela from Australia or New Zealand, we handle your information consistently with the Australian Privacy Principles and the New Zealand Privacy Act, including collecting sensitive health information only with consent and notifying eligible data breaches. You may complain to the OAIC or the NZ Privacy Commissioner.
12.8 Everywhere else
Wherever you live, we apply the commitments in this Policy as our baseline: consent-based collection of health data, no sale, no advertising use, no third-party AI training, deletion on request, and honest breach notification. If your local law grants you additional rights, contact us at privacy@delacycle.com and we will honor them as required.
13. Children's Privacy
Dela is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information in violation of applicable law, please contact us and we will delete it. If local law requires a higher minimum age for consent to data processing (such as up to 16 in some EEA member states, or Quebec Law 25's rules for minors under 14) or parental authorization, you may use the Services only in compliance with those rules.
14. Algorithmic Processing and AI
Dela uses statistical and machine-learning techniques to estimate next-period dates, fertile windows, ovulation, and phase guidance. You should know:
- Predictions are estimates based on the data you provide and on statistical patterns. They can be wrong, and they are not medical advice. Never use them as contraception or as the sole basis for fertility treatment, conception timing, or pregnancy-care decisions (see our Terms of Service).
- Experimental prediction comparison, cross-user aggregate accuracy evaluation, and Dela model development occur only with optional prediction-improvement consent, as described in Section 3.1. Product analytics is separate. Data is never sold, used for advertising, or used to train unrelated or third-party AI models.
- We do not use your data for automated decisions that produce legal or similarly significant effects about you.
- You can disable personalized recommendations in Settings > Privacy.
15. Governing Law
This Privacy Policy and any dispute arising out of or relating to it are governed by the laws of the State of Wyoming, United States, without regard to its conflict-of-laws principles, consistent with the Governing Law and Dispute Resolution sections of our Terms of Service. This choice of law does not deprive you of the protections of the mandatory privacy and consumer-protection laws of your place of residence, including the regional rights described in Section 12.
16. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the Services, by email, or by other reasonable means, and where required by law we will obtain your consent before the changes apply to previously collected data. We will never retroactively weaken the commitments in the box at the top of this Policy for data you have already entrusted to us. The revised version becomes effective when posted unless otherwise stated.
17. Contact Us
Sbantu LLC operates the Services. For privacy questions or to exercise your rights, contact:
- Privacy requests and privacy officer: privacy@delacycle.com
- Security reports: security@delacycle.com
- Legal notices: legal@delacycle.com
- General support: hello@delacycle.com