Privacy Policy — PMS Reminder

Last updated: 8 June 2026

This Privacy Policy explains how Milan Bojić PR Računarsko programiranje BinduDevelopment Beograd ("BinduDevelopment", "we", "us", or "our") handles information in connection with the PMS Reminder mobile application (the "App") available on the Apple App Store.

We designed PMS Reminder to be private by default. The information that defines how you use the App — including any cycle dates, symptoms, partner's name, and AI-generated tips — stays on your device and is never transmitted to us or any third party.

1. Summary at a glance

• What stays on your device: cycle dates, symptoms, partner's name, onboarding inputs, AI-generated tips.
• What we collect: anonymous diagnostics and product-interaction analytics through Firebase, and subscription receipts through RevenueCat. None of this is linked to your identity.
• What we never collect: your name, email, phone number, contact list, location, data from Apple Health, or any identifier that allows us to identify you personally.
• No account required: you can use the App, including a subscription, without registering with us.
• AI runs on your device: tips are generated locally using Apple's on-device Foundation Models. Your inputs never leave your device for AI generation.

2. About us

BinduDevelopment is a software development sole proprietorship registered in Belgrade, Serbia.

• Registered name: Milan Bojić PR Računarsko programiranje BinduDevelopment Beograd
• Registered address: Ljubomira Stojanovića 30, 11060 Beograd (Palilula), Serbia
• Tax Identification Number (PIB): 111640820
• Company Number (MB): 65560437
• D-U-N-S Number: 680726443
• Contact email: contact@bindudevelopment.com

We are the data controller for any personal information described in this Privacy Policy.

3. Data that stays on your device

The following information is stored locally on your device using Apple's SwiftData framework. We never receive or have access to it:

• Cycle dates you log (period start, end, recorded symptoms)
• Optional partner's name and the cycle settings you configure on their behalf
• Onboarding inputs (e.g., partner's typical cycle length, content tone preference)
• AI-generated tips and any content surfaced in the Dashboard, Insights, or notifications

If you delete the App, this data is removed from your device. There is no cloud copy.

4. AI generation

Daily Tips, Milestones, and other generated content are produced on your device using Apple's on-device Foundation Models framework. The text of your inputs is processed locally; we do not send your inputs to any server for AI generation. There is no cloud AI involved.

5. Data we collect from your device

The following information is sent off your device to service providers we use. It is not linked to your identity, and we cannot use it to contact you.

Firebase Analytics (provided by Google)

• What: anonymous product-interaction events (which screens are viewed, which features are used, anonymous device model and OS version).
• Identifier: Apple's Identifier for Vendors (IDFV). This identifier is reset if you delete and reinstall the App.
• Why: to understand which features are used.
• Legal basis (GDPR): legitimate interest in maintaining and improving the App.

Firebase Crashlytics (provided by Google)

• What: anonymous crash reports including the stack trace and basic device/OS metadata at the time of the crash.
• Why: to diagnose and fix crashes.
• Legal basis (GDPR): legitimate interest in providing a stable App.

Firebase Performance Monitoring (provided by Google)

• What: anonymous performance metrics such as App start-up time and network response time for our own service calls.
• Why: to identify performance regressions.
• Legal basis (GDPR): legitimate interest in providing a performant App.

Firebase Remote Config (provided by Google)

• What: an anonymous bucket assignment that determines which variant of the paywall you see.
• Why: to evaluate which paywall presentation is most useful to users.
• Legal basis (GDPR): legitimate interest in optimizing the App.

RevenueCat

• What: the App Store subscription receipt and an anonymous app-user identifier generated on first launch. RevenueCat relays the receipt to Apple to confirm your subscription status.
• Why: to grant and verify access to premium features.
• Legal basis (GDPR): performance of the subscription contract you entered into when you purchased a subscription.

For each provider, please refer to their own privacy policies:

• Google (Firebase): https://firebase.google.com/support/privacy
• RevenueCat: https://www.revenuecat.com/privacy

6. Payments

All purchases — Monthly, Yearly (including any free trial), and Lifetime — are processed by Apple through the App Store. We never receive your payment card details, billing address, or Apple ID. Apple shares with us only an anonymous subscription status (active / not active / billing problem).

7. What we never collect

We do not collect:

• Your name, email address, phone number, or any other contact information
• Your contacts, calendars, photos, microphone or camera input
• Precise or coarse location
• Data from Apple Health or HealthKit
• Any identifier suitable for cross-app or cross-site tracking, including the Identifier for Advertisers (IDFA)
• Browsing history outside the App
• Sensitive special-category data within the meaning of GDPR Article 9

We do not engage in cross-app or cross-site tracking as defined by Apple's App Tracking Transparency framework. The App does not display the App Tracking Transparency prompt.

8. Children

PMS Reminder is not directed to children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect any information from children. If you believe a child has provided information to us through the App, contact us at contact@bindudevelopment.com and we will take appropriate action.

9. International transfers

Firebase services and RevenueCat may process the limited data described above on servers located outside the European Economic Area, including in the United States. These transfers are protected by the providers' Standard Contractual Clauses with the European Commission and, where applicable, supplementary safeguards.

10. Data retention

• Data on your device: retained until you delete it from within the App or delete the App itself.
• Analytics and diagnostics data: retained by Google in accordance with Firebase's default retention settings (up to 14 months).
• Subscription receipts at RevenueCat: retained as long as your subscription is active, plus a reasonable period after for billing reconciliation, in accordance with RevenueCat's retention policy.

11. Security

Data on your device is protected by iOS's standard application sandboxing and, when your device is locked, by the device's file-system encryption. Data in transit to Firebase and RevenueCat is encrypted using TLS.

No system is perfectly secure, but we have designed the App so that the most sensitive data — your cycle history and partner information — never leaves your device.

12. Your rights

Under the EU General Data Protection Regulation (GDPR) and the Serbian Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti), you have the right to:

• Request a copy of any personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data ("right to be forgotten")
• Object to processing or withdraw your consent
• Lodge a complaint with a supervisory authority (in Serbia, the Commissioner for Information of Public Importance and Personal Data Protection; in the EU, your national data protection authority)

Because we do not collect data that identifies you personally, we generally cannot link a request to you. The most effective way to exercise your right to deletion is to delete the App from your device, which removes all on-device data. To request deletion of any limited diagnostic data associated with your anonymous identifiers, contact contact@bindudevelopment.com — note that we may be unable to locate it without additional information from you.

13. California residents

We do not sell or share personal information as those terms are defined by the California Consumer Privacy Act (CCPA). California residents have rights to know, delete, and correct, exercisable through the same contact channel below.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects when the most recent change took effect. Material changes will be highlighted within the App where reasonably possible.

15. Contact

If you have questions about this Privacy Policy or wish to exercise any of your rights:

Milan Bojić PR Računarsko programiranje BinduDevelopment Beograd
Ljubomira Stojanovića 30
11060 Beograd (Palilula), Serbia
Email: contact@bindudevelopment.com