← Back to Nar

Privacy Policy

Nar is built so this question has a real, structural answer: we never receive your health data. Everything below describes how that's actually true — not just what we promise.

1. Who we are

Nar is operated by Cognitive Intelligence Development ("CID", "we", "us"). This policy explains what data Nar handles, where it lives, and what control you have over it.

2. The short version

• Your health data is read by the Nar app on your iPhone and stays there. We have no server that processes it.
• If you connect Oura, your iPhone fetches your own Oura data directly from Oura's API. We are not in the loop.
• If you connect Apple Health, that data never leaves your device — Apple's HealthKit doesn't transmit it to us.
• We do not run analytics, telemetry, crash reporters, or third-party SDKs that profile your usage.
• Sign in with Apple is one sign-in option. If you choose it, your onboarding profile (life stage, cycle profile, age) syncs through your own Apple iCloud so a reinstall recognises you. Biomarkers are explicitly excluded from this sync. If you continue without signing in, nothing syncs.
• Subscription transactions are handled by Apple. We see only the anonymous transaction identifier needed to confirm an active subscription.

3. Data Nar reads (on your device)

To produce insights, the Nar app reads the following on your iPhone:

• From Apple Health (HealthKit): Sleep stages, heart rate, heart rate variability, resting heart rate, respiratory rate, blood oxygen (SpO₂), active and basal energy, step count, body weight, skin temperature, menstrual flow.
• From Oura (if connected): Sleep stages, HRV, resting HR, skin temperature delta, recovery score, sedentary minutes, activity, SpO₂, respiratory rate.
• From you, in the app: Life stage (cycling, postpartum, perimenopause, menopause, post-menopause), cycle profile, age, optional symptom logs, optional notes.

All of this is read into the app's memory on your device, written to local storage protected by iOS Data Protection (encrypted at rest), and processed by Nar's scoring engine and on-device CoreML model.

4. Data that leaves your device

Three narrowly-scoped categories of data leave your iPhone:

• Oura API requests (only if you connect Oura). Your device makes authenticated requests to api.ouraring.com using an access token you grant. The response is your own Oura data, returned to your device and stored locally. Nar's servers are not part of this exchange.
• Apple Sign In and App Store transactions. Authentication is handled by Apple. Subscriptions are handled by Apple's StoreKit. Apple may share an anonymous user identifier and subscription status with the app. We never receive your name, email, or payment information directly.
• iCloud profile sync (only if you Sign in with Apple). Your onboarding profile — life stage, age, cycle profile, postpartum details if applicable, your name if you typed one — is synced through Apple's iCloud Key-Value Storage so a reinstall under the same Apple ID restores it. The sync is end-to-end encrypted, scoped to your Apple ID, and never visible to us. Your biomarkers are explicitly excluded from this sync — HRV, sleep, temperature, heart rate, and every other Apple Health value stays on your device. If you choose "Continue without signing in" instead, nothing syncs at all and reinstalling starts fresh.

That is the complete list of outbound network activity from Nar.

5. What we do not collect

• We do not run analytics SDKs (no Firebase Analytics, no Mixpanel, no Amplitude, no Segment).
• We do not run advertising SDKs or ad networks.
• We do not have an account database with your health metrics.
• We do not train any model on your data.
• We do not sell, rent, or share your data with anyone.

6. Crash reporting

Nar ships with no crash reporter. There is no Firebase Crashlytics, no Sentry, no Bugsnag, no equivalent service. If the app crashes, no trace is sent anywhere — we simply have no visibility into production crashes by design. We accept that trade-off because every alternative we evaluated required some inbound stream of identifier-tagged data, and the privacy posture matters more than the diagnostic convenience.

7. The on-device ML model

Nar ships with a small temporal encoder (~69,000 parameters) that runs in CoreML on your iPhone. It was trained on the public LifeSnaps dataset (Pierris et al., Nature Scientific Data, 2022) before shipping, and is frozen — it does not learn from your data, send your data anywhere, or transmit predictions externally.

8. Personal baselines

Over time the app computes your personal baselines (your typical HRV, your typical cycle of skin temperature, your normal sleep patterns) so its readings get sharper. These baselines live in app storage on your device, encrypted by iOS Data Protection, and are removed when you delete the app or reset your data from Settings.

9. Sign in with Apple

Nar uses Sign in with Apple as its only authentication method. Apple gives the app a stable identifier specific to Nar — we cannot use it to identify you across other apps. If you choose Apple's "Hide My Email" feature, the email we receive is a relay address controlled by Apple; we never see your real email.

10. Subscriptions

If you subscribe to Nar Pro, the transaction is handled by Apple's StoreKit. The app receives a verification of your subscription status from Apple. We do not receive payment card information, billing address, or any financial details.

11. Children

Nar is intended for adult women managing their own health. It is not designed for or directed to children under 13.

12. Data deletion

You can remove all Nar data at any time:

• Inside the app: Profile → Delete account. This wipes the local database, personal baselines, any cached Oura tokens, and your iCloud profile-sync entry if you signed in with Apple.
• By deleting the app: Removing Nar from your iPhone removes its local storage. Your Apple Health data is unaffected (it's owned by Apple Health, not Nar).
• For Oura: Revoke Nar's access in the Oura app or at cloud.ouraring.com.

13. Your rights under the UK GDPR

The structural answer is that we do not hold your health data on any server, so there is nothing on our end to access, correct, or erase — those requests would resolve to your own device. That said, the UK GDPR gives you the following rights, and we are happy to answer questions about how each one applies in our architecture:

• Right of access (Article 15). What we hold about you on our side is limited to the App Store transaction identifier Apple shares with us when you subscribe. There are no health records on our servers to disclose.
• Right to rectification (Article 16). Your profile lives on your device — edit it directly in Settings → Profile.
• Right to erasure (Article 17). Profile → Delete account inside the app wipes the local database, the iCloud profile sync entry, and all cached tokens. Deleting the app from your phone removes everything else.
• Right to restriction of processing (Article 18). Disconnect Oura in the app to stop further fetches; revoke HealthKit access in iOS Settings to stop reads.
• Right to data portability (Article 20). Apple Health and Oura are the systems of record for your biomarkers; both offer their own export. Nar produces no derived data we hold for you.
• Right to object (Article 21). You can stop processing at any time by disconnecting data sources or deleting the app.
• Right to lodge a complaint. If you believe we have not handled your data lawfully, you can complain to the UK Information Commissioner's Office at ico.org.uk.

Lawful basis: we rely on (a) your consent for HealthKit and Oura access (you grant it through the platform's own permission sheet, and can withdraw it the same way), and (b) legitimate interests for the minimum subscription metadata Apple shares with us in order to deliver the service you bought. For any of the above, contact benan@cogdev.ai.

14. Changes to this policy

If we change this policy in any material way (for example, adding any backend processing of health data), we will update the "Last updated" date and notify you in the app before the change takes effect. Any change that would weaken the on-device-only architecture would be a fundamental change to the product, not a minor update.

15. Contact

Cognitive Intelligence Development
Email: benan@cogdev.ai
Website: cogdev.ai