Your data
Your cycle data is private.
We mean that.
Muna was built for women navigating reproductive health in a political climate where that data can feel dangerous. Here is exactly what we do and what we will never do with your information.
Our commitments to you
We will never sell your data
Your health information is not a product. We do not sell, trade, or broker your personal data to any third party. Ever.
Your cycle data never touches an ad platform
Period dates, symptoms, and cycle phase have never reached any advertising network, data broker, or targeting platform. And they never will.
Analytics see patterns, not your identity
Mixpanel receives anonymised health patterns (e.g. 'cramps logged, severity moderate, menstrual phase'), linked only to a random ID and never to your name or email. This helps us understand what to build. Google Analytics receives only page paths. Neither service can identify you as an individual. Your name, email address, and any directly identifying information never reaches any analytics tool.
Delete everything, instantly
Open Profile > Privacy & Data > Delete All My Data. Your account, health logs, cycle history, and symptoms are permanently removed with no waiting period and no support ticket required.
Export everything you've entered
Your data is yours. Download a complete copy of your cycle logs, symptoms, tasks, and settings at any time from Profile > Privacy & Data > Download My Data.
We will tell you before complying with legal requests
If we receive a subpoena or legal request for your data, we will notify you before complying unless we are legally prohibited from doing so. We will never voluntarily hand over user data.
How we protect your data
Technical protections, in plain language.
Global Privacy Control (GPC) honoured
If your browser sends a GPC opt-out signal, Muna suppresses all analytics scripts automatically. No configuration needed on your end.
Consent logged and timestamped
When you agree to our privacy policy and terms during sign-up, the timestamp is recorded on your account as a permanent record of when consent was given.
No targeted ads, ever
Muna has no advertising model. We do not run ads inside the app. We do not use your data to serve you ads elsewhere. Revenue comes from subscriptions only.
What we store, and why
We collect the minimum needed to make Muna work.
Cycle dates and period logs
To calculate your phase, predict upcoming phases, and personalise your forecast
Symptoms and energy levels
To surface patterns in your data and improve recommendations over time
Tasks and calendar events
To show your schedule alongside your cycle and suggest better timing
Name and email address
To create your account and send your weekly email
Anonymised health patterns
To understand which symptoms are most common by phase and improve the app. Linked to a random ID, never to your name or email.
Your rights
You have these rights regardless of where you live. California and Texas residents have additional protections under CCPA and TDPSA.
To exercise any of these rights, email privacy@usemuna.com. We respond within 45 days.
What we can't promise
We believe in honesty over reassuring language. There are things outside our control that you should know.
US jurisdiction
Muna's infrastructure is currently hosted in the United States. This means data stored on our servers is subject to US law, including valid court orders. We will notify you before complying where legally permitted, but we cannot refuse a valid legal order.
Third-party infrastructure
Your data is stored with Base44, our application platform. While we have agreements in place requiring them to protect your data, we cannot independently control their practices. We are actively evaluating EU-hosted alternatives.
No guarantees against breaches
We use industry-standard security practices and encryption. But no system is perfectly immune. If a breach ever affected your data, we would notify you promptly.
Questions about your data?
Email us directly. Diamond reads every email and responds personally.