Effective date: April 1, 2026 · Last updated: April 10, 2026
The short version: Sage stores your health data exclusively on your device. We do not collect, sell, share, or transmit your symptoms, mood logs, notes, or any health information. The only data that ever leaves your device is anonymous technical data used to fix crashes and understand app usage — and it contains no health information whatsoever.
Sage: Menopause Tracker ("Sage", "we", "us", "our") is a mobile application developed and operated by an independent developer. This Privacy Policy explains how we handle information in connection with your use of the Sage app.
Contact us at any time: sage.tracker.app@gmail.com
Sage does not ask for, collect, or store any personal information. Specifically, we never collect:
Sage has no sign-up screen, no login, no user profile, and no onboarding step that asks for personal information. You open the app and start logging — anonymously, with nothing shared with us.
All data you enter in Sage — symptoms, moods, notes, triggers, Quick Log entries, reminders, and preferences — is stored exclusively in an on-device SQLite database using the Drift library. This data never leaves your device as part of Sage's normal operation. It is not backed up to any cloud service we control.
iOS may include this data in your standard iCloud or iTunes device backup if you have those features enabled in your iOS settings. This is controlled entirely by you and Apple — not by Sage.
We use Firebase Crashlytics (Google LLC) to automatically receive technical reports when the app crashes. When a crash occurs, a report is sent to Crashlytics to help us identify and fix the bug.
Crash reports contain: device model, OS version, app version, the code stack trace at the moment of the crash, and a randomly generated installation ID. Crash reports do not contain any of your health data, symptom logs, mood entries, notes, or any content you have entered in the app — only the technical state of the app code at the moment of the crash.
Firebase Crashlytics is governed by Google's Privacy Policy: policies.google.com/privacy
We use Firebase Analytics (Google LLC) to understand which features of Sage are used and how often — for example, how many users complete a daily check-in, use Quick Log, or open the Trends screen. This helps us prioritize improvements and identify features that aren't working well.
We log feature usage events only — actions like "opened trends screen" or "completed quick log". We do not log the content of any action. For example, we record that a check-in was completed, but not what symptoms were logged, what mood was selected, or what notes were written. No health data, symptom content, notes, or any personal information is ever included in analytics events.
Firebase Analytics also automatically collects: device type, OS version, app version, language setting, and a randomly generated installation ID. It does not collect your name, email, precise location, or any identifying personal information.
Because all analytics events are anonymous and not linked to any personal identity, it is not possible to identify or delete data belonging to a specific individual. You may limit analytics data collection at any time through your device's privacy settings (iOS: Settings → Privacy & Security → Tracking). If you have questions about analytics, contact us at sage.tracker.app@gmail.com.
Firebase Analytics is governed by Google's Privacy Policy: policies.google.com/privacy
We use RevenueCat to manage Premium subscription entitlements. If you purchase a subscription, RevenueCat receives: your Apple-generated subscriber ID (anonymous), your subscription status (active/expired/trial), and the product purchased. RevenueCat does not receive your name, email, payment details, or any health data.
Payment processing is handled entirely by Apple through the App Store. We never see, receive, or store your credit card number or any payment credentials. Apple's privacy policy governs all payment data: apple.com/legal/privacy
RevenueCat's privacy policy: revenuecat.com/privacy
The Doctor Report feature generates a PDF from your locally stored data entirely on your device. When you tap "Share PDF", Sage uses your device's native share sheet (via the share_plus library) to let you send the file to an app of your choice — email, Messages, AirDrop, etc. Sage does not receive, transmit, or store a copy of the PDF. The file goes directly from your device to wherever you send it.
Sage uses local push notifications (scheduled on-device) to remind you to log your daily check-in. These notifications are generated and delivered entirely on your device — no notification server, no external service, no data transmitted. Your operating system will ask your permission before enabling notifications.
For full transparency, here is every third-party library in Sage that has any potential to touch external services:
The following libraries operate entirely on-device and make no network requests: Drift/SQLite (database), flutter_local_notifications (reminders), fl_chart (charts), pdf (PDF generation), google_fonts (fonts loaded at build time), shared_preferences (local settings), package_info_plus (app version), flutter_timezone/timezone (time handling), intl (date formatting).
If you are a California resident, the California Consumer Privacy Act (CCPA) may provide you with additional rights. Because Sage does not collect, sell, or share personal information as defined by the CCPA (we do not operate a server-side database of user data), most CCPA provisions are not directly applicable. However, we are committed to the spirit of the law:
Sage is designed for adults aged 38 and above and is not directed at children. We do not knowingly collect any personal information from children under the age of 13. If you are under 13, do not use Sage.
Because Sage stores all data locally on the user's device and does not transmit personal or health information to any server we control, we have no ability to identify whether a particular user is under 13, nor do we hold any data about them that could be deleted on our end. If a child under 13 uses the app, all data remains solely on their device and is fully deletable by the device owner via Settings → Delete All Data or by uninstalling the app.
If you have concerns, contact us at sage.tracker.app@gmail.com.
Sage is a personal symptom diary — a self-reporting tool for your own use. It is not a covered entity or business associate under HIPAA. Sage does not transmit health information to any server, does not process health data on behalf of healthcare providers, and is not used for treatment, payment, or healthcare operations as defined by HIPAA. All health-related data remains on your device under your sole control.
Your data is stored in an on-device SQLite database protected by your device's built-in data protection mechanisms. When your device is locked, the database is encrypted by the operating system. We recommend keeping your device protected with a passcode or biometric authentication.
Because we do not store your data on our servers, there is no Sage server that can be breached to expose your health information.
Your app data is retained on your device until you delete it or uninstall the app. Anonymous crash and analytics data retained by Firebase is subject to Google's standard retention policies (typically 90 days for Crashlytics, 14 months for Analytics). Because this data is anonymous and not linked to any individual, it cannot be selectively deleted by request.
If you are located in the European Union, European Economic Area, or United Kingdom, the General Data Protection Regulation (GDPR) or UK GDPR applies to the processing of your data.
What data is processed and why: The only data that leaves your device is anonymous crash reports and anonymous feature usage analytics (described in Sections 4 and 5). No health data, no personal identifiers, and no content you enter in the app is ever transmitted.
Legal basis: We process anonymous crash and analytics data on the basis of our legitimate interest (Article 6(1)(f) GDPR) in maintaining a functional, stable, and improving application. We have assessed that this interest is not overridden by your interests or fundamental rights, given the strictly anonymous nature of the data and the absence of any health or personal content.
Data transfers: Anonymous technical data is processed by Google LLC (Firebase) in the United States under Google's standard contractual clauses and data processing agreements, which provide adequate safeguards under GDPR.
Your rights under GDPR: You have the following rights regarding your personal data:
To exercise any of these rights, contact us at sage.tracker.app@gmail.com. We will respond within 30 days.
Sage is available in the United States, Canada, United Kingdom, Australia, and the European Union. By using the app, you acknowledge that anonymous technical data (crash reports, analytics) may be processed in the United States by Google (Firebase) under Google's standard contractual clauses and data processing agreements.
We may update this Privacy Policy from time to time. Material changes will be communicated through an in-app notice or by updating the "Last updated" date at the top. Your continued use of Sage after any changes constitutes acceptance of the revised policy. We encourage you to review this page periodically.
For any questions, concerns, or requests regarding this Privacy Policy or your data:
Email: sage.tracker.app@gmail.com
We will respond to all privacy inquiries within 30 days.