Privacy Policy
Last updated: 29 April 2026
1. Who this policy applies to
This Privacy Policy is published by Lunaire Labs Limited ("Lunaire Labs", "we", "us") and covers:
- The Lunaire health trackers (Android, Google Play) — Lunaire: Cycle Tracker, Lunaire: Menopause Tracker, Lunaire: PMDD Tracker, Lunaire: Endo Tracker, Lunaire: Thyroid Tracker, Lunaire: IBS Tracker, Lunaire: Fibro Tracker, Lunaire: POTS Tracker and Lunaire: Lupus Tracker (collectively, the "Lunaire Health Apps").
- The Lunaire accessibility tools (Android, Google Play) — AspectWise (per-app rotation accessibility tool) and LuxKeeper (per-app brightness accessibility tool) (collectively, the "Lunaire Accessibility Tools").
- Visits to lunairelabs.uk and any Lunaire app landing pages hosted on that domain.
Where this policy refers to "the Lunaire Apps" without qualification, it means all of the apps listed above. Where a section applies to only one group, it is clearly marked.
Although Lunaire Labs is established in the United Kingdom and the UK GDPR is the primary regulatory framework for our processing, we make the Lunaire Apps available, and operate the lunairelabs.uk website, to users across the European Economic Area. Where you are located in the EEA, the EU General Data Protection Regulation (Regulation (EU) 2016/679, "EU GDPR") also applies in parallel to the limited processing described in this policy.
2. Data Controller
For the purposes of the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR, where applicable to EEA users) and the Data Protection Act 2018, the data controller is Lunaire Labs Limited, a company registered in England and Wales (company no. 17137604). Lunaire Labs Limited is not VAT-registered. Registered office and other statutory details are publicly available on the Companies House register at Companies House. Contact: .
In practice, because none of our apps collect, receive, or process any personal data on any Lunaire Labs server — and because the lunairelabs.uk website itself retains no access logs or other record of your visit (see Section 12(a)) — the obligations of a data controller in respect of personal data are minimal. All app processing occurs exclusively on your device under your sole control. This policy is provided in the interests of full transparency.
3. Special Category Data — Lunaire Health Apps
The Lunaire Health Apps allow you to enter and track health-related information. Depending on the app, this may include menstrual cycle data, menopause symptoms, HRT and medication logs, food intake, supplement usage, period tracking, pain / flare logs, temperature readings, and weight entries. Under the UK GDPR, health data is classified as "special category data" and is subject to additional protections.
We want to be completely clear: All health data you enter into a Lunaire Health App is stored exclusively in a local SQLite database on your device. This data is never transmitted to any server, cloud service, or third party. We have no technical means to access, read, collect, or retrieve your health data. We have designed the Lunaire Health Apps this way deliberately to provide the highest possible level of privacy protection for your most sensitive personal information.
The Lunaire Accessibility Tools (AspectWise, LuxKeeper) do not handle health data, symptoms, or any other special category data. They store only per-app preference rules (see Section 5).
4. Data We Collect
The Lunaire Apps collect no personal data on any Lunaire Labs server. Specifically:
| Data Type | Collected by us? | Details |
|---|---|---|
| Name, email, address | No | Never requested, never stored |
| Health, menstrual, symptom data | No | Stored locally on your device only (Health Apps); not handled at all (Accessibility Tools) |
| Location / GPS | No | Not requested by any of the Lunaire Apps |
| Device identifiers | No | No hardware IDs, UUIDs, or fingerprints |
| IP address | No | The Lunaire Apps do not contact any Lunaire Labs server |
| Usage / behavioural data | No | No analytics, telemetry, or event tracking |
| Crash reports | No | No crash reporting SDK or service |
| Advertising identifiers | No | No advertising SDK |
| Payment information | No | Handled entirely by Google Play |
| Biometric data | No | Biometric auth (where used) is handled by your device OS, not by us |
5. Data Stored Locally on Your Device
Lunaire Health Apps. The Lunaire Health Apps store the following in a local SQLite database on your device. This data never leaves your phone:
- Symptom logs: Symptom types, severity levels, and any notes you add.
- Food logs: Meal descriptions, meal types, and tags you create.
- Exercise logs: Activity types, intensity levels, and dates.
- Supplement tracking: Supplement names, dosages, frequencies, categories, and adherence records.
- Weight logs: Weight entries, unit preference (kg / lbs), dates, and notes.
- Temperature logs: Body temperature readings and dates.
- Pain / flare logs: Pain intensity levels and dates.
- App settings: Your preferences, including App Lock settings, reminder times, and premium status.
- Favourite meals: Saved meal entries for quick logging.
- Cycle data (where applicable): Period start and end dates, cycle lengths, flow intensity, and BBT readings.
Lunaire Accessibility Tools. AspectWise and LuxKeeper store only the per-app preference rules you configure, in Android's local SharedPreferences storage on your device. This data never leaves your phone:
- AspectWise: The list of apps you have set rotation rules for, and the rotation orientation chosen for each (e.g. "Google Maps → Landscape").
- LuxKeeper: The list of apps you have set brightness rules for, and the brightness percentage chosen for each (e.g. "Kindle → 30%").
- Premium status: A local flag indicating whether Premium has been unlocked via Google Play Billing.
6. Network Communication
The Lunaire Apps make no network requests for user data. The apps do not connect to any Lunaire Labs server, API, cloud service, or remote database. The only network activity that may occur is:
- External article links (Health Apps only): If you tap a link to a health information article, your device's default browser will open that URL.
- Google Play Billing: If you purchase Premium Features, Google Play handles the transaction. The app communicates with Google Play's billing API solely to verify subscription status.
7. Analytics, Tracking, and Advertising
No Lunaire App includes, integrates, or utilises any of the following:
- Analytics services (e.g., Firebase Analytics, Google Analytics, Mixpanel, Amplitude)
- Crash reporting services (e.g., Firebase Crashlytics, Sentry, Bugsnag)
- Telemetry or usage tracking of any kind
- Advertising networks or ad SDKs
- Social media tracking pixels or widgets
- A / B testing frameworks
- Heat mapping or session recording tools
- Any third-party code that collects or transmits user data
8. Permissions
The Lunaire Apps request only the minimum permissions they need, each used for local functionality only.
(a) Lunaire Health Apps
| Permission | Purpose | Data Transmitted? |
|---|---|---|
| Biometric / Screen Lock | App Lock feature — verifying your identity locally before opening the app | No — handled entirely by Android OS |
| Notifications | Sending locally scheduled daily reminders and (Cycle Tracker) period prediction alerts | No — notifications scheduled and triggered locally |
| Boot Completed | Re-scheduling notification alarms after your device restarts | No |
| Exact Alarm | Ensuring notification reminders fire at the precise time you set | No |
(b) Lunaire Accessibility Tools (AspectWise, LuxKeeper)
| Permission | Purpose | Data Transmitted? |
|---|---|---|
Accessibility Service (BIND_ACCESSIBILITY_SERVICE) | Detecting the single Android event TYPE_WINDOW_STATE_CHANGED — which tells the app you have switched to a new foreground app, so the app's per-app rule (rotation or brightness) can be applied. Configured with canRetrieveWindowContent="false" — the service cannot read screen content, intercept input, or observe taps, scrolls or keyboard entries. | No |
Foreground Service (FOREGROUND_SERVICE / FOREGROUND_SERVICE_SPECIAL_USE) | Keeping the app's accessibility-detection service alive so per-app rules apply reliably even when Android's battery optimiser would otherwise stop it. | No |
Notifications (POST_NOTIFICATIONS) | Showing the persistent silent "[App] is active" notification while the foreground service is running (Android requires this to be visible). | No |
Boot Completed (RECEIVE_BOOT_COMPLETED) | Restarting the app's foreground service after your phone reboots so per-app rules continue to apply. | No |
Query All Packages (QUERY_ALL_PACKAGES) (AspectWise only) | Displaying the list of installed apps in the picker so you can choose which app to set a rule for. The list is rendered only on your device. | No |
No permission is used to collect, transmit, or share any personal data with Lunaire Labs. The Accessibility Service permission in particular is configured to be incapable of reading screen content or input.
9. No Account Required
The Lunaire Apps do not require you to create an account, provide an email address, enter a phone number, or sign in with any service (including Google, Facebook, Apple, or any other provider). Every app works entirely without any personal identifier linking usage to you.
10. Data Export (Health Apps only)
Premium users of the Lunaire Health Apps can export their data as a JSON file or PDF report. These files are generated locally on your device and shared using your device's native sharing mechanism (e.g., email, messaging, file manager). Lunaire Labs has no access to exported files at any point. Once a file leaves the app via the sharing mechanism, it is outside the app's control and subject to the privacy practices of whatever service you choose to share it with.
The Lunaire Accessibility Tools do not include an export feature because they store no user-generated content other than per-app preference rules.
11. Third-Party Services
The Lunaire Apps are distributed through the Google Play Store. If you purchase Premium Features, that transaction is processed and managed entirely by Google. Google may collect data in accordance with their own privacy policy. We do not have access to your payment details, Google account information, or any personal data held by Google. Please refer to Google's Privacy Policy for details.
12. Website Visitors
The lunairelabs.uk website is purely informational. It contains no forms, no account creation, no payment processing, and no e-commerce functionality of any kind — its sole purpose is to describe the Lunaire Apps and direct visitors to the Google Play Store, where downloads and any optional Premium purchases are handled entirely by Google. The only personal data processed in connection with your visit is described below.
When you visit the Lunaire Labs Limited website (lunairelabs.uk) or any Lunaire app landing page hosted on that domain, the following applies:
(a) Web Server Logs
We do not retain access logs of your visit. Our web server (nginx) is configured with access_log off for the lunairelabs.uk domain and all aliases, which means no per-request log line — including your IP address, the page you requested, the time of your visit, the referring URL, or your user-agent string — is written to disk for any visit. Routine error events that would normally include client IPs are also discarded (error_log /dev/null crit); only critical-level events such as nginx startup or fatal server errors reach the global error log, and those entries are not associated with any individual visitor.
Because no personal data is collected in connection with your visit, no Article 6 legal basis is required for this processing — there is no processing of personal data to base. Your IP address may transit the server in memory while a TCP connection is open, in the same way it must transit any router between you and the server, but it is not recorded, retained, analysed, profiled, shared, or used for any purpose.
Hosting provider. The lunairelabs.uk website is hosted by Hostinger International Ltd on a virtual private server currently located in Manchester, United Kingdom. Hostinger does not receive any personal data from us in connection with your visit, because we collect none. Hostinger's own infrastructure logging (e.g. firewall, DDoS protection) is governed by their privacy policy and is outside our control.
(b) Fonts
Fonts used on our websites (Inter and Marcellus) are self-hosted by Lunaire Labs and served from the same domain as the rest of the site. No third-party font CDN is contacted. Our apps themselves do not load fonts from Google or make any third-party font requests.
(c) External Images
Our marketing pages may display the official "Get it on Google Play" badge image loaded from Google (play.google.com). When your browser requests that image, your IP address may be logged by Google in accordance with Google's Privacy Policy.
(d) Cookies and Tracking
Our websites do not use cookies, local storage, session storage, or any other browser-based tracking mechanism. No consent banner is displayed because none is required.
(e) No Analytics or Advertising
Our websites do not use any analytics services (e.g., Google Analytics), advertising networks, social media tracking pixels, heat mapping tools, A / B testing frameworks, or any other form of visitor tracking or behavioural profiling.
13. Screen Security (Lunaire Health Apps)
The Lunaire Health Apps implement FLAG_SECURE on Android, which prevents the app's content from appearing in screenshots, screen recordings, and the recent apps switcher. This provides an additional layer of privacy protection for your health data. The Lunaire Accessibility Tools do not use FLAG_SECURE because they do not display sensitive personal data.
14. Children's Privacy
The Lunaire Apps are not directed at children. The minimum age of use matches Google Play's minimum-age policy for the territory (13 in the United Kingdom, per s.9 Data Protection Act 2018). Users in EU jurisdictions where the age of consent for information-society services under Article 8 UK/EU GDPR is set higher (up to 16) must meet that local minimum. We do not knowingly collect any personal data from any person, including children. Since the apps collect no data at all on our side, no age-verification mechanism is necessary. If you believe that a child has somehow provided personal data to us, please contact us at .
15. Your Rights Under UK GDPR and EU GDPR
Under the UK GDPR, the EU GDPR (where you are located in the EEA) and the Data Protection Act 2018, you have the following rights:
- Right of access — to request a copy of personal data we hold about you.
- Right to rectification — to have inaccurate personal data corrected.
- Right to erasure — to request deletion of your personal data.
- Right to restrict processing — to request that we limit how we use your data.
- Right to data portability — to receive your data in a structured, machine-readable format.
- Right to object — to object to certain types of processing.
- Rights related to automated decision-making — the right not to be subject to decisions based solely on automated processing.
In practice, these rights have little to act on because Lunaire Labs does not collect, receive, or hold any personal data from you. The Lunaire Apps do not transmit any personal data to Lunaire Labs — all your app data is under your sole control on your device and can be removed using the app's delete features (Health Apps) or by uninstalling the app. The lunairelabs.uk website does not retain access logs or any other record of your visit, as described in Section 12(a). If you nonetheless wish to make a formal data-protection request, email with "Data request" in the subject and we will respond within one month as required by Article 12(3) UK GDPR / EU GDPR.
16. Data Deletion
Since all data is stored locally on your device, you have complete and sole control over it at all times. You can delete everything a Lunaire app has stored by:
- Using your device's Settings → Apps → [app name] → Clear Data (or Clear Storage).
- Uninstalling the app (which removes all associated data).
We cannot delete your data for you because we do not have it and have never had it.
17. Data Security
Because our apps store their data locally and do not transmit personal data, the security of that data is determined by the security measures on your own device (e.g., screen lock, device encryption, biometric authentication). The Lunaire Health Apps additionally use FLAG_SECURE and an optional biometric App Lock for extra protection. The Lunaire Accessibility Tools do not store sensitive personal data, so the same in-app protections are not needed. We recommend keeping your device's operating system and security patches up to date.
18. Data Breach Notification
Because we do not collect, process, or store personal data on any server or cloud service — not even web-visit logs — a data breach originating from our systems is not possible in the usual sense. We have no databases, cloud storage, or back-office systems holding personal data that could be compromised. In the extremely unlikely event that we become aware of any security incident affecting any aspect of our operations, we will promptly assess the situation and, if required by applicable law, notify affected individuals and the Information Commissioner's Office (ICO) within the timeframes prescribed by the UK GDPR.
19. International Data Transfers
Lunaire Labs does not transfer personal data internationally or otherwise, because we do not collect personal data. The Lunaire Apps store all data exclusively on your device in the country where you use it. The lunairelabs.uk website retains no access logs or other record of your visit. As a matter of factual disclosure, the web server itself is currently operated by Hostinger International Ltd from a data centre in Manchester, United Kingdom (see Section 12(a)).
20. Legal Basis for Processing
Under Article 6 of the UK GDPR / EU GDPR, any processing of personal data requires a legal basis. Under Article 9, processing of special category data (including health data) requires an additional condition to be met. Because Lunaire Labs does not collect or process any personal data — including health data, including IP addresses or other web-visit data — on any server or remote system, no Article 6 legal basis and no Article 9 special category condition is required on our part. All app processing occurs locally on your device under your sole control. This section is included for completeness and transparency.
21. Complaints
If you have any concerns about how your data is handled, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Phone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
If you are located in the European Economic Area, you may also lodge a complaint with the data protection supervisory authority of your country of habitual residence, your place of work, or the place of an alleged infringement, in accordance with Article 77 EU GDPR. A list of EEA supervisory authorities is maintained by the European Data Protection Board at edpb.europa.eu.
We would appreciate the opportunity to address your concerns before you contact a supervisory authority. Please reach out to us first at .
22. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The most current version will always be available at lunairelabs.uk/privacy. Material changes will be indicated by updating the "Last updated" date. Since we do not collect any contact information, we cannot notify you directly; we encourage you to review this page periodically. Significant changes may also be communicated through app update release notes on Google Play.
23. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at: