← Back to Defog

Privacy Policy

Last updated: March 25, 2026

1. Introduction

Defog ("we," "us," "our," or "the app") is a brain fog tracking and wellness app operated by M.J. Nauta. This Privacy Policy explains what data we collect, why we collect it, how we store it, and how you can control it.

By creating an account or using Defog, you consent to the practices described in this policy. If you do not agree, please do not use the app.

2. Data We Collect

2.1 Account Information

When you create an account, we collect:

• Email address
• Name (if provided, for example through Sign in with Apple)

2.2 Onboarding Questionnaire

During setup, you answer questions about your brain fog history, symptoms, lifestyle, wellness goals, and other onboarding questions such as sex. This data is used to personalize your experience and generate relevant insights.

2.3 Daily Check-In Data

Each day, you may log health and lifestyle data including but not limited to:

• Brain fog severity score
• Sleep quality and duration
• Exercise type and duration
• Water intake
• Stress levels
• Mood
• Diet and meal information
• Supplements and medications
• Health conditions and symptoms
• Other lifestyle factors you choose to track

This is the core of Defog. We use it to identify patterns, generate insights, and suggest experiments to help you understand and reduce brain fog.

2.4 AI-Generated Insights

Defog may use artificial intelligence and machine learning technologies to analyze your self-reported data and generate personalized insights, recommendations, and coaching suggestions. When AI features are active, your check-in data is processed by our AI systems to provide these services. AI-generated content is for informational and educational purposes only and does not constitute medical advice.

2.5 Subscription & Purchase Data

If you subscribe to Defog Premium, payment processing is handled entirely by Apple through the App Store. We do not collect or store your credit card number, bank account details, or other financial information. We receive confirmation of your subscription status through RevenueCat, our subscription management provider.

2.6 App Usage & Analytics Data

We collect anonymized usage data such as which features you use, session duration, crash reports, and app performance metrics. This helps us improve the app. We may collect general location data (country or region level) derived from your IP address for analytics purposes. We do not track your precise GPS location.

2.7 Apple HealthKit (Future)

In a future update, Defog may integrate with Apple HealthKit to import health and fitness data (such as sleep, activity, or heart rate) with your explicit permission. If enabled:

• HealthKit data will only be used to enhance your brain fog insights within the app
• HealthKit data will not be sold to third parties
• HealthKit data will not be used for advertising or marketing
• HealthKit data will not be shared with third parties except as required to provide the service
• You can revoke HealthKit access at any time through your device settings

3. How We Use Your Data

We use your data to:

• Provide personalized brain fog insights, recommendations, and experiments
• Power AI-driven coaching and analysis features
• Track your patterns and progress over time
• Improve the app experience and develop new features
• Send you relevant notifications (if you opt in)
• Respond to support requests
• Ensure the security and integrity of our service

We do not:

• Sell your personal data to third parties
• Use your health data for advertising or marketing purposes
• Share your individual data with other users
• Allow third parties to use your data for their own purposes unrelated to Defog

4. Data Storage & Security

Your data is stored on secure cloud servers provided by reputable third-party infrastructure providers. We implement industry-standard security measures including encryption of data in transit (TLS/SSL), encryption of sensitive data at rest, access controls, and regular security reviews.

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

5. Third-Party Services

Service	Purpose	Data Shared
RevenueCat	Subscription management	Anonymized user ID, subscription status
Apple App Store	Payment processing	Payment details (handled by Apple)
Cloud Infrastructure	Data storage & processing	Encrypted user data

We may add analytics, crash reporting, or AI processing services in the future. This policy will be updated accordingly.

RevenueCat Privacy Policy · Apple Privacy Policy

6. Your Rights

6.1 Access Your Data

You can request a copy of all personal data we hold about you by emailing support@defogapp.com. We will respond within 30 days.

6.2 Correct Your Data

You can update your account information directly within the app.

6.3 Delete Your Data

You can delete your account and all associated data from within the app (Settings → Delete Account). This action is permanent and cannot be undone. You can also request deletion by emailing support@defogapp.com. Upon account deletion, all personal data will be permanently removed from our systems within 30 days.

6.4 Export Your Data

You can request a portable copy of your data by emailing support@defogapp.com.

6.5 Withdraw Consent

You can stop using Defog at any time. Deleting your account removes all your personal data from our systems.

7. For Users in the European Economic Area (GDPR)

If you are located in the EEA, you have additional rights under the GDPR:

• Legal basis for processing: We process your data based on (a) your explicit consent, (b) performance of our contract with you, and (c) our legitimate interest in improving the app.
• Data portability: You can request your data in a structured, machine-readable format.
• Right to restriction: You can request that we restrict processing in certain circumstances.
• Right to object: You can object to processing based on legitimate interests.
• Automated decision-making: You have the right to request human review of automated decisions that significantly affect you.
• Supervisory authority: You may lodge a complaint with your local data protection authority. In the Netherlands: Autoriteit Persoonsgegevens.
• Data transfers: If your data is transferred outside the EEA, we ensure appropriate safeguards are in place.

8. For Users in California (CCPA)

• Right to know: You can request disclosure of the categories and specific pieces of personal information we have collected.
• Right to delete: You can request deletion of your personal information.
• Right to opt-out of sale: We do not sell your personal information.
• Non-discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise your rights, email support@defogapp.com.

9. For Users in the United States

Defog complies with applicable U.S. privacy laws. We do not sell your personal data. Your health and wellness data is treated as sensitive personal information and given enhanced protection. We do not share your personal information with third parties for their direct marketing purposes.

10. Children's Privacy

Defog is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us at support@defogapp.com and we will promptly delete it.

11. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Anonymized, aggregated data that cannot identify you may be retained indefinitely for product improvement.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the app, by email, or by posting a prominent notice. The "Last updated" date at the top reflects the most recent revision.

13. Contact

For privacy-related questions, data requests, or concerns:

Email: support@defogapp.com
Website: defogapp.com