The short version: MidTide collects the minimum data needed to match you with peers, track your symptoms, and let you chat. We never sell your data. You can delete your account and all your data at any time from inside the app.
Who we are
MidTide is operated by Phoenix TMS LLC, a company registered in Wyoming, United States.
Phoenix TMS LLC
1021 E Lincoln Way, Suite 413A #5823
Cheyenne, WY 82001
United States
When we say "MidTide," "we," "us," or "our," we mean Phoenix TMS LLC.
If you have questions about this policy, contact us at bea@mid-tide.app.
What data we collect
When you use MidTide, we collect the following:
- Account information: your email address and password (password is managed by Firebase Authentication and we never see or store it in plain text).
- Profile information: the name, age, country, perimenopause stage, symptoms, goals, and optional profile photo you provide during setup.
- Check-in data: daily mood, energy, sleep, activity level, symptoms, period tracking (if enabled), caffeine and alcohol intake, and any notes you enter.
- Medications and supplements: names, dosages, and frequencies you choose to track.
- Messages: text messages, images, and reactions you send in private conversations and community rooms.
- Feedback and bug reports: anything you submit through the in-app feedback form.
- Device information: your device platform (iOS or Android), OS version, app version, and push notification token (if you enable notifications).
What we do NOT collect
- We do not use analytics trackers, advertising SDKs, or third-party tracking pixels.
- We do not collect your precise location. Country is self-reported during signup.
- We do not collect data from other apps on your device.
Third-party services
MidTide uses the following third-party services to operate:
- Google Firebase (Firestore, Firebase Authentication): stores your account and app data. Firebase infrastructure complies with SOC 1, SOC 2, SOC 3, and ISO 27001 standards. See Google's privacy policy.
- Expo Push Notification Service: relays your device's push token to Apple (APNs) or Google (FCM) to deliver notifications. Expo does not store your message content.
- RevenueCat: processes subscription status for paid features. RevenueCat receives your anonymous app user ID, subscription status, and purchase receipts from Apple or Google. It does not receive your name, email, or health data. See RevenueCat's privacy policy.
- Google Fonts: our website loads fonts from Google's servers. When you visit mid-tide.app, your browser sends your IP address to Google to retrieve font files. We are working to self-host these fonts to eliminate this data transfer.
We do not use cookies on our website beyond what is strictly necessary for it to function.
How we use your data
We use your data to:
- Run the app: match you with peers based on your symptoms, stage, and goals; display your check-in trends and patterns on your dashboard; enable messaging with your connections.
- Send notifications: check-in reminders (which you schedule), and alerts when someone messages you or sends a connection request (if you enable push notifications).
- Improve MidTide: we may query aggregate statistics such as total check-ins per day, most common symptoms, and feature usage counts. We do not read individual check-ins, messages, or profile information for analytics purposes.
- Generate your doctor report: the "Export for Doctor" PDF is generated entirely on your device. It is not sent to our servers.
- Process subscriptions: we use RevenueCat to verify your subscription status so we can unlock paid features. Payment processing is handled entirely by Apple (App Store) or Google (Google Play). We never see or store your credit card or payment details.
Health data and consent
MidTide collects health-related information including symptoms, mood, medications, and period data. Under GDPR, this qualifies as special category data (Article 9).
When you first set up your MidTide account, we ask for your explicit consent to collect and process this health data. You can withdraw consent at any time by deleting your account in Settings. Because health tracking is the core function of MidTide, withdrawing consent means the app cannot provide its services to you.
We treat all health data as sensitive. It is stored securely and only used to provide the app's features to you. We do not share your health data with third parties, insurers, employers, or advertisers.
MidTide is a peer-support and self-tracking tool. It is not a medical device and does not provide medical advice, diagnoses, or treatment.
Where your data is stored
Your data is stored in Google Firebase (Firestore and Firebase Authentication), hosted on Google Cloud servers in the United States. Data may be processed in the United States regardless of where you are located.
Who can see your data
- Other users can see your display name, avatar, age range, country, perimenopause stage, symptoms, and goals. This is what powers peer matching. They can also see messages you send them directly or post in community rooms.
- MidTide team can access data through the Firebase Console for the purpose of providing support, fixing bugs, and moderating community rooms.
- No one else. We do not sell, rent, or share your personal data with third parties for their own purposes.
Data retention
We keep your data for as long as your account is active. If you delete your account (via the "Delete Account" button in Settings), we delete your profile, check-ins, messages, medications, and all associated data from our systems. Some data may persist in encrypted backups for up to 30 days after deletion, after which it is permanently removed.
If your paid subscription lapses, your account and data remain intact. You can continue using free features. Paid features become unavailable until you resubscribe, but no data is deleted.
Your rights
Regardless of where you live, you can:
- Access your data: your check-ins, profile, and medications are all visible in the app. You can export your medication and symptom data as a PDF.
- Correct your data: edit your profile, symptoms, and goals at any time from the Edit Profile screen.
- Delete your data: use the "Delete Account" button in Settings to permanently remove your account and all associated data. This option is always available, whether you are on a free or paid plan.
- Request a copy: email us at bea@mid-tide.app and we will provide a copy of your data in a standard format within 30 days.
For users in the European Economic Area and UK
If you are in the EEA or UK, the legal basis for processing your data is:
- Contract: processing necessary to provide you with the MidTide service (account, matching, messaging, check-ins).
- Explicit consent: for health-related data (special category data under GDPR Article 9). You provide this consent during account setup. You can withdraw consent at any time by deleting your account.
- Consent: for push notifications. You can withdraw consent at any time by disabling notifications in Settings.
- Legitimate interest: for bug fixing and improving the app, where this does not override your rights.
You have the right to lodge a complaint with your local data protection authority if you believe your data has been mishandled. For UK users, this is the Information Commissioner's Office (ICO). For EU users, contact your national supervisory authority.
Your data is transferred to the United States (where Firebase servers are located). This transfer is necessary to provide the service and is covered under standard contractual clauses maintained by Google as part of Firebase's data processing terms.
For users in California
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you additional rights:
- Right to know: you can request that we disclose what personal information we collect, use, and share about you.
- Right to delete: you can request deletion of your personal information. You can do this directly in the app via Settings > Delete Account, or by emailing us.
- Right to opt out of sale: we do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
- Right to correct: you can request correction of inaccurate personal information via Edit Profile or by emailing us.
- Non-discrimination: we will not treat you differently for exercising your privacy rights.
To make a request, email bea@mid-tide.app. We will verify your identity and respond within 45 calendar days.
Data breach notification
If we become aware of a data breach affecting your personal data, we will notify the relevant authorities as required by law (including within 72 hours for GDPR-regulated breaches) and notify you by email without undue delay if the breach poses a high risk to your rights.
Children
MidTide is designed for adults experiencing perimenopause. You must be at least 18 years old to use MidTide. We verify this through self-certification during signup (the age selection begins at 30). We do not knowingly collect data from anyone under 18. If we learn that a user is under 18, we will delete their account and data.
Changes to this policy
If we make material changes, we will notify you through the app or by email before the changes take effect. Minor clarifications or formatting updates may be made without notice.
Contact
Béa Compagnon, Founder
Phoenix TMS LLC
1021 E Lincoln Way, Suite 413A #5823
Cheyenne, WY 82001, United States
bea@mid-tide.app