1. Our Security Philosophy
We treat your data as if it were our own medical records, because often it is. Our security model is based on Defense in Depth and Data Minimization.
2. Encryption Standards
- At Rest: All local database files (SQLite/WatermelonDB) are encrypted using SQLCipher with 256-bit AES encryption.
- In Transit: All data synchronization occurs over TLS 1.3 (Transport Layer Security). We use strict HSTS (HTTP Strict Transport Security) to prevent downgrade attacks from HTTPS to plain HTTP.
- Key Management: Encryption keys are stored in the secure hardware enclave of your device (iOS Keychain / Android Keystore). We do not have access to your raw keys.
3. Infrastructure Security
Our cloud infrastructure is hosted on AWS and Vercel, complying with SOC 2 Type II standards.
- DDoS Protection: Automated mitigation via AWS Shield.
- WAF: Web Application Firewall to block common exploits (SQLi, XSS).
- Access Control: Strict Principle of Least Privilege (PoLP) for all engineering staff.
4. Incident Response
In the unlikely event of a data breach, we are committed to transparency. We will notify affected users within 72 hours of confirmation, in accordance with GDPR and US breach notification laws.
5. Vulnerability Disclosure (Bug Bounty)
If you believe you have found a security vulnerability in TrackMyIVF, please report it to security@trackmyivf.com. We operate a "Safe Harbor" policy: we will not pursue legal action against researchers who report vulnerabilities in good faith and do not exploit user data.