Back

Legal

Privacy Policy

Last updated: March 29, 2026

1. Introduction

Folio AI, Inc. (“we,” “our,” or “us”) operates Orrum, a pelvic floor strengthening and wellness application. We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Orrum mobile application and website.

2. Data Controller

The data controller responsible for your personal data is:

Folio AI, Inc.

For privacy inquiries, data requests, or to contact the data controller:

privacy@orrum.dev

3. Information We Collect

We collect information necessary to provide our service:

  • ·Workout Data: Session history, exercise metrics, and progress records. Stored on-device and synced via iCloud. This is wellness data, not medical data under HIPAA.
  • ·Apple Health Data (optional): With your explicit permission, Orrum may read and write workout activity and menstrual cycle data to Apple Health (HealthKit). See Section 6 for full details.
  • ·Account Information: Email, name, and profile information if you create an account.
  • ·AI Coach Usage: A usage quota counter to manage AI coaching interactions. Stored server-side in Firebase Firestore.
  • ·Usage Data: Anonymous metrics to improve the app.

4. How We Use Your Information

We use your information solely to provide and improve Orrum, track your progress, personalize your program, and communicate with you about updates and support.

5. Wellness Data & Not Medical Advice

Orrum is a wellness application. The data we collect is general wellness information. It is not protected health information under HIPAA. Orrum does not provide medical advice. If you have health concerns, please consult a healthcare provider.

6. Apple Health (HealthKit)

With your explicit permission, Orrum may read and write data to Apple Health (HealthKit), including:

  • ·Workout activity data (exercise sessions, duration, and metrics)
  • ·Menstrual cycle data (if you choose to enable cycle sync features)

Important: HealthKit data is used solely to enhance your in-app experience. It is never shared with third parties, never used for advertising or marketing purposes, and never uploaded to our servers. All HealthKit data remains on your device and within Apple's ecosystem.

You can grant or revoke HealthKit permissions at any time in your iPhone's Settings → Privacy & Security → Health → Orrum.

7. Data Storage & Security

We use a layered storage approach designed to keep your data private:

  • ·On-device (primary): Workout data, stats, and program progress are stored locally on your device using Apple's secure storage.
  • ·iCloud sync (Apple): Your data syncs across your own Apple devices via iCloud. Apple governs this data under their privacy policy.
  • ·Firebase Firestore (Google Cloud): Used exclusively to track your AI coach usage quota. This does not include workout data or personal health information.
  • ·Firebase Auth (Google Cloud): Manages secure account authentication.

We use industry-standard encryption and security protocols to protect your data in transit and at rest.

8. Data Sharing

We do not sell your personal information. We may share limited data with trusted third-party providers (Apple/iCloud, Google/Firebase) solely to operate the service, as described in Sections 7 and 11.

9. Your Rights

You have the right to access, correct, or delete your personal data. Manage your data in app settings where available.

Right to Erasure (GDPR Art. 17): You have the right to request deletion of your personal data. To exercise your right to erasure or request data deletion, contact us at:

privacy@orrum.dev

10. Children's Privacy

Orrum does not address anyone under 13. We do not knowingly collect data from children under 13.

11. Third-Party Processors

We use the following data processors to operate Orrum:

  • ·Apple (iCloud): On-device data sync across your Apple devices. Governed by Apple's Privacy Policy.
  • ·Google (Firebase Auth & Firestore): Account authentication and AI coach usage quota tracking. See Firebase Privacy.
  • ·Google (Gemini API): AI-powered coaching features. Data is processed in accordance with Google's Privacy Policy.

12. California Privacy Rights (CCPA)

California residents may have additional rights. We do not sell your data. Contact privacy@orrum.dev to exercise your rights.