Privacy Policy
CoreFlora Effective Date: June 13, 2026 Last Updated: June 13, 2026
CoreFlora is operated by CoreFlora LLC ("CoreFlora," "we," "us," or "our"), a pelvic and bladder health tracking application. We built CoreFlora because we understand how personal and sensitive health data is, especially when it involves conditions that are already difficult to talk about. This privacy policy explains what information we collect, how we use it, and how we protect it. We wrote it in plain language on purpose.
1. Important Notice: CoreFlora Is Not a Medical Device
CoreFlora is a wellness and educational tracking tool. It is not a medical device. It does not diagnose, treat, cure, or prevent any disease or condition, and it does not provide medical advice. Any patterns, correlations, or insights the app shows you are for your personal informational use only and are not a substitute for professional medical care. Always consult a qualified healthcare provider about your health.
2. Information We Collect
Information You Provide Directly
Account information: When you join our waitlist or create an account, we collect your name and email address.
Health and symptom data: When you use CoreFlora to log symptoms, this may include pain levels, urinary symptoms, dietary intake, medications, menstrual cycle data, mood, sleep, flare events, lab or test results, and other health-related entries you choose to record. You control what you log. We never require you to enter specific information.
Doctor's reports: If you generate reports to share with your healthcare provider, those reports are created from data you have already entered into the app.
Communications: If you contact us through email or our contact form, we collect the information you include in those messages.
Information Collected Automatically
Basic usage data: We collect general usage information such as how often you open the app, which features you use most, and your device type. This helps us improve the app. This data is processed within our own systems. We do not use third-party advertising or analytics tools, and we do not track your activity outside of CoreFlora.
Images you choose to upload: Some features let you attach images (such as lab results or community posts). We only access your camera or photo library when you actively choose to upload an image. We never access your photos automatically or in the background.
We do not collect: your precise location, your contacts, your microphone data, or any information from other apps on your device. We do not access your camera or photo library except when you choose to upload an image as described above.
3. How We Use Your Information
We use the information we collect to:
Provide and maintain the CoreFlora app and its features
Generate symptom reports, patterns, and correlation insights for your personal use
Send you updates about CoreFlora's launch and development (if you joined the waitlist)
Improve the app's functionality and user experience
Respond to your questions or support requests
Comply with our legal obligations
The patterns and correlations CoreFlora shows you are calculated to serve you within the app. We do not use your health data for advertising. We do not build advertising profiles. We do not sell your data. Period.
4. We Do Not Use Third-Party Analytics or Advertising Tools
CoreFlora does not embed third-party advertising pixels, analytics SDKs, or tracking tools (such as those from advertising networks or social media platforms) in the app. Your health data is not shared with advertising or analytics companies. We process the limited usage data described above ourselves.
5. Anonymous Research Data (Opt-In Only)
CoreFlora may offer an optional feature that allows you to contribute your data anonymously to pelvic health research. This feature is:
Completely opt-in. It is turned off by default. You must actively choose to participate.
Anonymous. If you opt in, your data is stripped of all personally identifiable information before it is shared. Researchers will never know who you are.
Revocable. You can opt out at any time, and your data will no longer be included in future research datasets.
We will always be transparent about which research partners receive anonymized data and for what purpose. We will never share identifiable health data with researchers, insurers, employers, or any third party.
6. How We Share Your Information
We do not sell, rent, or trade your personal information or health data to anyone. We share limited information only in the following circumstances:
Service providers: We use trusted third-party services to help operate the app, such as cloud hosting and email delivery. These providers only access the minimum data necessary to perform their function and are contractually required to protect your information and to use it only on our instructions.
Legal requirements: We may disclose information if required by law, such as in response to a valid court order or legal process.
With your consent: We may share information in ways you have specifically agreed to, such as the anonymous research feature described above.
Business transfers: If CoreFlora is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
7. Data Storage, Location, and Security
CoreFlora requires an internet connection and stores your data on secure cloud servers located in the United States. There is currently no offline-only version of the app. By using CoreFlora, you understand that your data is transmitted to and stored on our servers.
Your health data is encrypted both in transit and at rest using industry-standard methods. We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction, and we limit access to your data to personnel who need it to operate the service.
While no system is perfectly secure, we take the protection of your health data seriously and continuously work to strengthen our security practices.
8. Data Breach Notification
If we discover a breach of security involving your unsecured health data, we will notify you without unreasonable delay and no later than 60 calendar days after discovery, consistent with the FTC Health Breach Notification Rule and applicable state law. Where required, we will also notify the Federal Trade Commission and, in certain cases, the media. Our notice to you will describe what happened, the types of information involved, steps you can take, and how to reach us.
9. Data Retention
We keep your health data for as long as your account is active so you can access your history. If you delete your account, we delete your associated data within 30 days, except where we are required to retain limited records to comply with legal obligations.
10. Your Rights and Choices
Access your data: You can view all the health data you have entered into CoreFlora at any time within the app.
Export your data: You can export your data in a portable format so you always have a copy.
Delete your account and data: You can delete your account and all associated data directly within the app's settings. You may also request deletion by contacting us at alessandra@coreflora.app. We will complete deletion within 30 days.
Opt out of communications: You can unsubscribe from our emails at any time using the unsubscribe link in any email we send.
Manage research participation: If you have opted into anonymous research data sharing, you can opt out at any time in your app settings.
11. State Privacy Rights
Depending on where you live, you may have additional rights under state law, including the right to access, correct, delete, or obtain a copy of your personal information, and the right not to be discriminated against for exercising these rights.
California (CCPA/CPRA): California residents have rights regarding their personal information, including sensitive personal information such as health data. We do not sell or share your personal information as those terms are defined under California law.
Washington and Nevada (My Health My Data and similar): If you are in a state with a consumer health data law, we obtain your consent before collecting or sharing consumer health data as required, and you may withdraw consent at any time.
Other states: Residents of states such as Virginia, Colorado, Connecticut, and others may have similar rights.
To exercise any of these rights, contact us at alessandra@coreflora.app. We may need to verify your identity before fulfilling your request.
12. Children's Privacy
CoreFlora is intended only for adults aged 18 and older. We do not knowingly collect personal information from anyone under 18. If we become aware that someone under 18 has provided us with personal information, we will take steps to delete that information promptly.
13. Third-Party Links
CoreFlora may contain links to external resources, educational articles, or healthcare information. We are not responsible for the privacy practices of third-party websites or services. We encourage you to read the privacy policies of any external sites you visit.
14. Changes to This Policy
We may update this privacy policy from time to time. If we make significant changes, we will notify you through the app or by email before the changes take effect. The "Last Updated" date at the top of this page reflects when the policy was most recently revised.
15. Contact Us
If you have questions about this privacy policy or how we handle your data, contact us at:
CoreFlora LLC alessandra@coreflora.app 1275 Lake Heathrow Lane, Unit 101, Heathrow, FL 32746, United States