on what stays
on your phone.
last revised · 23 May 2026
The plain-English version.
Elara is a pregnancy companion. Almost everything you log — kicks, contractions, journal entries, photos, hospital-bag checklist — lives only on your device. We don't want a copy.
What does leave your phone is narrow and named below: an anonymous account id, a code your partner can use to view your weekly progress, and the data needed to send subscription receipts and push notifications.
What stays on your device.
- Journal entries, prompts, and attached photos
- Kick counter and contraction timer sessions
- Symptoms, mood, hydration, weight, sleep records
- Hospital-bag checklist and doctor visit calendar
- Belly-photo timeline
- Apple Health imports (read-only by default; you choose what to share)
This data is encrypted at rest by iOS and synced through your private iCloud backup if you have iCloud enabled. We never see it.
What we collect.
Anonymous Firebase account id
On first launch we mint a random anonymous id (no email, no phone, no name). This id is used to:
- Sync your subscription status across reinstalls.
- Identify you to your linked partner when you share a 6-digit invite code.
- Receive push notifications for reactions from your partner.
Deleting the app deletes the id locally; you can also request server-side deletion (see below).
Pregnancy snapshot — only if you invite a partner
When you generate an invite code for your partner we publish a minimal snapshot of your profile to Google Firestore: your first name (or whatever you typed in onboarding), your due date, the avatar emoji you picked, and your current week.
This snapshot is what your partner's app reads to show “Mom is at week 24” on his Home screen. No journal entries, no photos, no health data ever leave your device for partner mode.
Unlink your partner from Settings → Partner Mode at any time and the snapshot stops being accessible to him; you can also delete the entire snapshot in the same screen.
Subscription receipts
Subscription purchases run through Apple's in-app purchase system. We use Adapty as a thin layer to validate receipts and keep your premium state consistent across reinstalls. Adapty stores your anonymous Firebase id and Apple receipt data on their servers — see adapty.io/privacy-policy.
APNs device token
For partner reactions to reach you as push notifications we store the Apple Push Notification token your device gives us, tied to your anonymous id. The token is meaningless outside our pipeline. Turn off Notifications in iOS Settings and we wipe the token on next launch.
Crash reports and analytics
We use anonymous crash reports (no personal data attached) and product analytics (PostHog) to understand which features people use. Events look like onboarding_step_completed or paywall_shown — no journal content, no health data, no PII. You can opt out in Settings → Privacy.
Third parties.
- Firebase (Google) — anonymous auth, Firestore for partner snapshots, push relay.
- Adapty — subscription receipt validation.
- Apple — App Store purchases, Health data (only if you grant access).
- PostHog — product analytics (anonymous, opt-out in Settings).
We do not sell your data. We do not run third-party ad networks. We do not share data with brokers.
Your rights.
- Export everything — Settings → Privacy → Export My Data.
- Delete your account and all server-side data — Settings → Privacy → Delete My Account, or email privacy@nomly.space.
- Withdraw consent for analytics at any time.
- Request a copy of what we store about you (GDPR / CCPA) — same email.
Children.
Elara is for adults preparing for pregnancy or expecting a child. We do not knowingly collect data from anyone under 13.
Changes to this policy.
We'll notify you in-app if we materially change how we handle your data. The “last revised” date above always reflects the current version.
Contact.
Questions? privacy@nomly.space.