Light in your fertility journey

PRIVACY POLICY
Nour Health Limited

Last updated: 06 January 2026

1. Introduction

This Privacy Policy describes how Nour Health Limited, a company incorporated in England and Wales ("Nour Health", "we", "us", "our"), collects, uses, stores, shares, and protects personal data in connection with the Nour Fertility mobile application and any related services, features, or content we provide (collectively, the "Service").

Nour Health is the data controller responsible for your personal data for the purposes of applicable data protection legislation, including the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (together, "Data Protection Law").

We are committed to protecting your privacy and handling your personal data transparently and lawfully. Given the sensitive nature of fertility and health information, we take particular care to ensure that such data is processed securely and only for the purposes set out in this Policy.

By creating an account and using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2. Definitions

In this Privacy Policy:

"Personal data" means any information relating to an identified or identifiable natural person.

"Special category data" means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning a person's sex life or sexual orientation.

"Processing" means any operation performed on personal data, including collection, storage, use, disclosure, and deletion.

3. Personal Data We Collect

We collect and process the following categories of personal data:

3.1. Account and Identity Data
Information necessary to create and maintain your account:

• Email address
• Display name (if provided)
• Google account identifier and associated profile information (when authenticating via Google Sign-In)
• Account preferences and settings

3.2. Health and Fertility Data
Information you voluntarily provide through your use of the Service's tracking features:

• Menstrual cycle dates, duration, and regularity
• Ovulation indicators and fertile window data
• Basal body temperature readings
• Physical symptoms, moods, and other indicators you choose to log
• Fertility treatment information (if provided)
• Notes and annotations you add to your records
• Any other health-related information you input into the Service

This data constitutes special category personal data under UK GDPR because it relates to your physical health and reproductive health. We process this data only with your explicit consent.

3.3. Technical and Device Data
Information collected automatically when you access the Service:

• Device type, model, and manufacturer
• Operating system and version
• Unique device identifiers
• IP address and approximate location (country/region level only)
• App version and build number
• Language and timezone settings

3.4. Usage and Analytics Data
Information about how you interact with the Service:

• Features accessed and frequency of use
• Session duration and timestamps
• Navigation paths within the Service
• Performance metrics and load times

3.5. Diagnostic Data
Information collected to maintain and improve Service stability:

• Crash reports and error logs
• Performance diagnostics
• Technical debugging information

4. How We Collect Personal Data

We collect personal data through the following means:

4.1. Information You Provide Directly
When you create an account, input fertility tracking data, adjust settings, or communicate with us.

4.2. Information Collected Automatically
When you use the Service, we automatically collect technical, usage, and diagnostic data through Firebase Analytics and Firebase Crashlytics.

4.3. Information from Third Parties
When you authenticate using Google Sign-In, we receive your basic profile information (name, email address, profile identifier) from Google in accordance with the permissions you grant.

5. Lawful Basis for Processing

Under Data Protection Law, we must have a valid legal basis to process your personal data. The bases we rely upon are:

Account and identity data: Performance of contract. Necessary to create your account and provide the Service.

Health and fertility data: Explicit consent. You provide affirmative consent when you input this data; special category data requires explicit consent under Article 9 UK GDPR.

Technical and device data: Legitimate interests. Necessary to ensure compatibility, security, and proper functioning of the Service.

Usage and analytics data: Legitimate interests. Necessary to understand how the Service is used and to make improvements.

Diagnostic data: Legitimate interests. Necessary to identify and resolve technical issues.

Legitimate Interests Assessment
Where we rely on legitimate interests, we have conducted a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms. Our legitimate interests include operating, maintaining, and improving the Service; ensuring security and preventing fraud; and understanding user behaviour to enhance user experience.

Your Right to Withdraw Consent
Where processing is based on consent, you may withdraw that consent at any time by deleting your account or contacting us. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.

6. Purposes of Processing

We process your personal data for the following purposes:

6.1. Service Provision

• To create and manage your account
• To authenticate your identity
• To provide fertility tracking functionality and display your logged data
• To save your preferences and settings
• To enable you to access the Service across sessions

6.2. Service Improvement

• To analyse usage patterns and understand how users interact with the Service
• To identify and fix bugs, errors, and performance issues
• To develop new features and enhance existing functionality
• To conduct internal research and analytics

6.3. Security and Integrity

• To protect against unauthorised access, fraud, and abuse
• To maintain the security and integrity of our systems
• To detect, investigate, and prevent activities that violate our Terms of Service

6.4. Legal Compliance

• To comply with applicable laws, regulations, and legal processes
• To respond to lawful requests from public authorities
• To establish, exercise, or defend legal claims

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

7. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data.

We share personal data only in the following circumstances:

7.1. Service Providers and Processors
We engage third-party service providers who process personal data on our behalf to support our operations. These providers are contractually bound to process data only as instructed by us and to maintain appropriate security measures.

Provider: Google LLC (Firebase Authentication). Service: User authentication. Data processed: Account identifiers, email. Location: United States.

Provider: Google LLC (Firebase Firestore). Service: Database hosting. Data processed: All user data. Location: United States.

Provider: Google LLC (Firebase Analytics). Service: Usage analytics. Data processed: Technical and usage data. Location: United States.

Provider: Google LLC (Firebase Crashlytics). Service: Crash reporting. Data processed: Diagnostic data, device information. Location: United States.

Google processes data under a Data Processing Agreement that incorporates Standard Contractual Clauses and other appropriate safeguards.

7.2. Legal Obligations and Protection of Rights
We may disclose personal data where required by law, regulation, legal process, or governmental request, or where we believe disclosure is necessary to:

• Comply with applicable law or respond to valid legal process
• Protect the rights, property, or safety of Nour Health, our users, or others
• Detect, prevent, or address fraud, security, or technical issues
• Enforce our Terms of Service

7.3. Business Transfers
In the event of a merger, acquisition, reorganisation, sale of assets, or bankruptcy, personal data may be transferred to the successor entity. We will notify you of any such transfer and any choices you may have regarding your data.

8. International Data Transfers

Your personal data is transferred to, and processed in, the United States by Google LLC, which provides our cloud infrastructure and backend services.

The United States is not subject to an adequacy decision by the UK Government. Accordingly, we ensure that such transfers are protected by appropriate safeguards, including:

• EU-US Data Privacy Framework: Google LLC is certified under the EU-US Data Privacy Framework, which has been recognised as providing adequate protection for personal data transferred from the UK.
• Standard Contractual Clauses: Our agreement with Google incorporates the UK International Data Transfer Addendum to the European Commission's Standard Contractual Clauses, as approved by the UK Information Commissioner's Office.

You may request a copy of the relevant safeguards by contacting us at the details provided below.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Account and identity data: Duration of account plus 30 days following deletion.

Health and fertility data: Duration of account plus 30 days following deletion.

Technical and device data: 12 months from collection.

Usage and analytics data: 14 months from collection (Firebase Analytics default).

Diagnostic data: 90 days from collection.

Account Deletion
When you delete your account:

• We initiate deletion of your account data and health/fertility data within 30 days
• Certain data may be retained in backup systems for a limited period before being permanently purged
• Anonymised or aggregated data that cannot reasonably be used to identify you may be retained indefinitely for analytical and research purposes
• Data we are required to retain for legal, regulatory, or compliance purposes will be retained for the applicable statutory period

10. Data Security

We implement robust technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction.

Technical Measures

• Encryption of data in transit using TLS 1.2 or higher
• Encryption of data at rest using AES-256 or equivalent
• Secure authentication via Google Sign-In with OAuth 2.0
• Regular security assessments and vulnerability testing
• Secure development practices and code review

Organisational Measures

• Access to personal data restricted to authorised personnel on a need-to-know basis
• Confidentiality obligations for all personnel with access to personal data
• Incident response procedures to address potential data breaches
• Regular review and updating of security policies

Limitations
Despite our efforts, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and you acknowledge that you provide personal data at your own risk.

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Data Protection Law.

11. Your Data Protection Rights

Under Data Protection Law, you have the following rights in relation to your personal data:

Right of Access
You have the right to request confirmation of whether we process your personal data and, if so, to request a copy of that data along with supplementary information about how it is processed.

Right to Rectification
You have the right to request that we correct any inaccurate personal data and complete any incomplete personal data.

Right to Erasure
You have the right to request deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purposes for which it was collected or where you withdraw consent.

Right to Restriction
You have the right to request that we restrict processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to processing based on legitimate interests.

Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where processing is based on consent or contract and carried out by automated means.

Right to Object
You have the right to object to processing of your personal data based on legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Right to Withdraw Consent
Where we process your personal data based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

How to Exercise Your Rights
To exercise any of these rights, please contact us at support@nourfertility.com. We will respond to your request within one month. If your request is complex or we receive a high volume of requests, we may extend this period by a further two months, in which case we will notify you.

We may request verification of your identity before processing your request to ensure that personal data is not disclosed to unauthorised persons.

Right to Complain
If you are dissatisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the UK Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
United Kingdom
Website: ico.org.uk
Telephone: 0303 123 1113

12. Children's Privacy

The Service is intended solely for individuals aged 18 years and over. We do not knowingly collect, solicit, or process personal data from anyone under the age of 18.

If we become aware that we have collected personal data from a child under 18, we will take prompt steps to delete such data from our systems. If you believe we may have collected data from a child, please contact us immediately at support@nourfertility.com.

13. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Privacy Policy does not apply to such third-party services.

We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

If we make material changes, we will provide notice through the Service or by other means prior to the changes taking effect, giving you the opportunity to review the revised policy.

The "Last updated" date at the top of this Privacy Policy indicates when it was most recently revised. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Nour Health Limited
Email: support@nourfertility.com

We aim to respond to all enquiries within a reasonable timeframe.

16. Additional Information for Specific Jurisdictions

This Privacy Policy is intended to comply with UK Data Protection Law. If you are accessing the Service from outside the United Kingdom, please be aware that your personal data will be transferred to and processed in the United Kingdom and the United States. By using the Service, you consent to such transfer and processing.

TERMS OF SERVICE
Nour Health Limited

Last updated: 06 January 2026

1. Introduction

These Terms of Service ("Terms") govern your access to and use of the Nour Fertility mobile application and associated services (the "Service") operated by Nour Health Limited, a company incorporated in England and Wales ("we", "us", "our").

By creating an account or using the Service, you confirm that you accept these Terms and agree to comply with them. If you do not agree, you must not use the Service.

2. Eligibility

The Service is intended for users aged 18 and over. By using the Service, you represent and warrant that you are at least 18 years old. We reserve the right to terminate accounts where we reasonably believe this requirement has not been met.

3. Account Registration

3.1. You must create an account to use the Service. You agree to provide accurate, current, and complete information during registration and to keep this information up to date.

3.2. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must notify us immediately at support@nourfertility.com if you become aware of any unauthorised access to your account.

3.3. We reserve the right to suspend or terminate your account at our discretion if we reasonably believe you have breached these Terms.

4. The Service

4.1. Nour Fertility provides fertility tracking, educational content, and informational resources including a directory of fertility clinics.

4.2. The Service is provided free of charge. We reserve the right to introduce paid features in the future, which will be subject to separate terms and pricing disclosed at that time.

5. Important Medical Disclaimer

5.1. The Service is provided for informational and educational purposes only. It does not constitute medical advice, diagnosis, or treatment.

5.2. The Service is not a substitute for professional medical advice, examination, diagnosis, or treatment. Always seek the advice of a qualified healthcare provider with any questions you may have regarding a medical condition or treatment.

5.3. Never disregard professional medical advice or delay seeking it because of information you have accessed through the Service.

5.4. The inclusion of any clinic in our directory does not constitute an endorsement or recommendation of that clinic. We do not verify the credentials, qualifications, or quality of care provided by any listed clinic. You are solely responsible for conducting your own due diligence before engaging any healthcare provider.

5.5. Fertility tracking features are intended to help you monitor patterns and do not predict, guarantee, or prevent pregnancy. They should not be relied upon for contraceptive purposes or as a substitute for medical fertility assessment.

6. Intellectual Property

6.1. All content, features, and functionality of the Service - including but not limited to text, graphics, logos, icons, images, software, and the compilation thereof - are the exclusive property of Nour Health Limited or its licensors and are protected by United Kingdom and international copyright, trademark, and other intellectual property laws.

6.2. We grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service for your personal, non-commercial use, subject to these Terms.

6.3. You must not reproduce, distribute, modify, create derivative works of, publicly display, republish, download, store, or transmit any content from the Service without our prior written consent, except as incidental to normal use of the Service.

7. Prohibited Conduct

You agree not to:

• (a) use the Service for any unlawful purpose or in violation of any applicable law or regulation;
• (b) attempt to gain unauthorised access to any part of the Service, other accounts, or any systems or networks connected to the Service;
• (c) use any automated means to access the Service or collect data from it;
• (d) interfere with or disrupt the integrity or performance of the Service;
• (e) impersonate any person or entity or misrepresent your affiliation with any person or entity;
• (f) reverse engineer, decompile, or disassemble any part of the Service; or
• (g) use the Service in any manner that could damage, disable, overburden, or impair it.

8. Privacy

Your use of the Service is also governed by our Privacy Policy, available on this website. By using the Service, you consent to the collection and use of your information as described in the Privacy Policy.

9. Third-Party Content and Links

The Service may contain links to third-party websites, resources, or services. We provide these links for convenience only and do not endorse or assume responsibility for the content, accuracy, or practices of any third-party sites. Your use of third-party services is at your own risk and subject to their terms and policies.

10. Disclaimer of Warranties

10.1. The Service is provided on an "as is" and "as available" basis without warranties of any kind, whether express or implied.

10.2. To the fullest extent permitted by law, we disclaim all warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

10.3. We do not warrant that the Service will be uninterrupted, error-free, secure, or free of viruses or other harmful components.

10.4. Nothing in these Terms excludes or limits any warranty implied by law that it would be unlawful to exclude or limit.

11. Limitation of Liability

11.1. To the fullest extent permitted by applicable law, Nour Health Limited and its directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, revenue, data, or goodwill, arising out of or in connection with your use of or inability to use the Service.

11.2. Our total aggregate liability to you for any claims arising out of or relating to these Terms or the Service shall not exceed GBP 100.

11.3. Nothing in these Terms excludes or limits our liability for death or personal injury caused by our negligence, fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited under applicable law.

12. Indemnification

You agree to indemnify, defend, and hold harmless Nour Health Limited, its directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in any way connected with your access to or use of the Service or your breach of these Terms.

13. Modifications to the Service and Terms

13.1. We reserve the right to modify, suspend, or discontinue the Service (or any part thereof) at any time, with or without notice.

13.2. We may revise these Terms from time to time. The most current version will always be available within the Service. If we make material changes, we will notify you by email or through the Service prior to the changes taking effect. Your continued use of the Service after such changes constitutes your acceptance of the revised Terms.

14. Termination

14.1. You may terminate your account at any time by contacting us at support@nourfertility.com or through the account settings within the Service.

14.2. We may terminate or suspend your access to the Service immediately, without prior notice or liability, for any reason, including if you breach these Terms.

14.3. Upon termination, your right to use the Service will cease immediately. Provisions of these Terms that by their nature should survive termination shall survive, including but not limited to intellectual property, disclaimers, limitations of liability, and indemnification.

15. Governing Law and Jurisdiction

15.1. These Terms shall be governed by and construed in accordance with the laws of England and Wales.

15.2. Any disputes arising out of or in connection with these Terms or the Service shall be subject to the exclusive jurisdiction of the courts of England and Wales.

16. General Provisions

16.1. Entire Agreement. These Terms, together with the Privacy Policy, constitute the entire agreement between you and Nour Health Limited regarding the Service and supersede all prior agreements and understandings.

16.2. Severability. If any provision of these Terms is found to be invalid or unenforceable, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.

16.3. Waiver. Our failure to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.

16.4. Assignment. You may not assign or transfer these Terms or any rights or obligations hereunder without our prior written consent. We may assign these Terms without restriction.

17. Contact

If you have questions about these Terms, please contact us at support@nourfertility.com.