We built Red Tent PMDD so we architecturally cannot read your data.
Not a policy. Not a promise we could quietly change. A structural fact about how the app is built — verifiable, and true for every symptom you log.
Your private iCloud, not our database.
Most apps store your data on their own servers, where it can be breached, subpoenaed, sold, or simply seen by employees. Red Tent PMDD stores your cycle and symptom entries using Apple’s CloudKit private database — a data store cryptographically tied to your Apple ID that only your devices can decrypt.
We never see the contents. There’s no admin panel, no backend table, no export path that reaches us — because one was never built.
No ads. No data selling. No exceptions.
No advertising
Red Tent PMDD has never shown an ad and never will. We're not an ad-supported product.
No data brokers
Your data is never packaged, aggregated, or sold to third parties — health data or otherwise.
No silent tracking
No third-party health analytics SDKs are embedded in tracking or symptom screens.
What we do collect — in plain language.
We maintain a small, pseudonymous account record (a random ID, sign-in method, subscription status) so the app works across your devices, plus a pseudonymous consent ledger recording which disclosures you’ve agreed to. Neither contains your health data. We also collect anonymous crash and performance diagnostics to keep the app reliable. Full detail lives in our Privacy Policy.