How We Handle Your Data

Transparency about what we collect, how we use it, and how you stay in control.

Built Different

Romy is purpose-built for women's health — not a generic AI with a health skin. This means every design decision prioritizes your safety and privacy.

  • No data selling. Your health data is never sold, licensed, or shared with advertisers.
  • No model training on your data. Your personal conversations are not used to train AI models.
  • Research data is always anonymized. We may use anonymized, aggregate data for research — your identity is never connected to it.

What We Collect → Process → Share

Collect

  • Chat messages
  • Health logs you enter
  • Profile info (age, conditions)
  • Community posts
  • Basic usage analytics

Process

  • AI generates responses
  • Patterns detected from logs
  • Long-term memory summaries
  • Artifact generation
  • Community insights (aggregated)

Share

  • Google Gemini (for AI responses)
  • Anonymized research (always anonymized)
  • Nothing else.

How Long We Keep Things

  • Uploaded images: 48 hours. When you share a photo (lab result, prescription, etc.) in chat, the raw image is auto-deleted after 48 hours. Anything Romy extracted — lab values, medications, treatments — is saved separately to your health record and stays as long as you want it to. We delete the raw images on purpose: less stored data about your body, your labs, and your prescriptions means less to lose.
  • Chat messages, health logs, treatments, labs: kept as long as your account is active. Deleting your account removes them.
  • Anonymized research data: persists across account deletion (your identity isn't in it), but only research consent participants are ever included.

Your Controls

You have full control over your data at all times.

View, Download, or Delete Your Data

See everything we store and take action

Delete Your Account

Permanently remove your account and all data

Technical Safeguards

  • Firebase Auth — secure Google OAuth and email/password authentication
  • Firestore Security Rules — server-enforced access control ensures you can only read your own data
  • App Check — protects API endpoints from unauthorized access and bots
  • Anonymization — research data is hashed and stripped of personally identifiable information
  • HTTPS Everywhere — all data in transit is encrypted via TLS

Questions?

Read our full Privacy Policy for legal details, or reach out at hello@romyhealth.co.

We use cookies for authentication and to improve your experience. Learn more