Privacy Policy — SIS (Symptom Insight System)

Effective date: 28 April 2026

Last updated: 6 June 2026

SIS ("we", "our", or "us") is a pattern-tracking and summary tool designed to help individuals record symptoms, appointments, and health-related information in a calm, non-diagnostic way.

Your privacy is foundational to how SIS is built. This policy explains, plainly and fully, how your information is handled when you use SIS.

1. The short version

• Your health information stays on your device. We never see it.
• We use a simple, privacy-friendly analytics tool (Plausible) to count visits and understand which features are used. It does not use cookies, does not collect personal data, and does not track you across other websites.
• Analytics is disabled on the page where the founder shares her personal story.
• We do not sell, share, or advertise with your data — ever.
• You can email us at hello@bigsis.health with any questions.

2. Information you enter into SIS

SIS allows you to enter personal health-related information, including:

• Symptoms and patterns you've noticed
• Notes, observations, and free-text diary entries
• Appointments and what was discussed
• Procedures and medications
• How symptoms are affecting your life

This information is entered voluntarily by you and is stored only on your device, in your browser's local storage, under the keys womens-health-pattern-app, sis-diary-entries, and womens-health-documents.

We do not transmit, copy, back up, or have any access to this information. If you clear your browser's data, the information is gone — including from us, because we never had it.

3. Analytics

SIS uses Plausible Analytics, a privacy-friendly, EU-hosted analytics service designed to be compliant with GDPR, ePrivacy, PECR, and CCPA without requiring a cookie banner.

What Plausible collects:

• Page views and the page being viewed
• The country a visit comes from (derived from IP, then discarded)
• Browser and device type (e.g. "Chrome on iPhone")
• Referrer (the website that linked to us, if any)

What Plausible does not do:

• Use cookies or any persistent identifier
• Store IP addresses
• Collect, see, or transmit anything you enter into SIS — your symptoms, notes, appointments, and medications are never seen by Plausible or by us
• Track you across other websites
• Share data with advertisers

Where this analytics is and isn't used: Plausible is enabled on the main SIS app pages so we can understand whether the tool is reaching people and which features are useful. It is disabled on the founder's personal story page (story.html) — that page is a personal account and we don't believe visits to it should be counted, even anonymously.

Plausible's own privacy policy is available at plausible.io/privacy.

4. If you email us

If you contact us at hello@bigsis.health, we will see your email address and the contents of your message. We use this only to reply to you. We do not add you to any mailing list, and we do not share your email with anyone.

The hello@bigsis.health address is forwarded to a personal inbox managed by the founder. Email is not encrypted end-to-end — please don't include sensitive medical details in messages to us.

5. Data sharing

We do not:

• Sell your data
• Share your personal health data with third parties
• Use your data for advertising
• Combine your data with data from other sources

Anything you choose to export from SIS (for example, a summary to share with a clinician) is entirely under your control. Once you export it, it leaves the protection of your device — please handle exports as you would any other personal medical document.

6. Future features and research

SIS's long-term mission includes the possibility of feeding anonymous, aggregated patterns — never personal information — back into clinical and research systems, so that the experience of being dismissed becomes harder to repeat.

This is a future feature, not a current one. If and when it is built, it will:

• Be entirely opt-in, with explicit, specific consent
• Share only de-identified, aggregated pattern data — never your name, your free text, your appointments, or anything that could identify you
• Be documented in detail in this privacy policy before it goes live
• Be designed with appropriate safeguards under UK and EU GDPR provisions for health and research data

Until then, none of your data leaves your device.

7. Medical positioning

SIS is not a medical device. It does not diagnose, treat, monitor, or make clinical decisions. It is a personal record-keeping and pattern-noticing tool. SIS does not provide medical advice, diagnosis, or treatment, and is not a substitute for advice from a qualified healthcare professional. Always consult your doctor about any medical concerns.

8. Security

Because your information is stored only on your device, the security of that information depends on the security of your device and browser. We recommend:

• Keeping your device locked with a passcode, PIN, or biometric
• Keeping your browser up to date
• Being mindful when using SIS on shared or public devices

SIS itself is delivered over HTTPS and does not transmit your health information anywhere.

9. Your rights

Because we don't hold your personal health data, most data-protection rights (access, correction, deletion, portability) are exercised directly by you on your own device — your data is yours, immediately and completely.

For the limited information we do process (analytics and any email correspondence), under EU GDPR, UK GDPR, and equivalent laws in other regions, you have the right to:

• Ask what information we hold about you
• Ask us to correct or delete it
• Object to its processing
• Lodge a complaint with a supervisory authority — in Cyprus, the Office of the Commissioner for Personal Data Protection (or, if you are elsewhere, your local data-protection authority)

To exercise any of these rights, email hello@bigsis.health.

10. International users

SIS is available globally. Plausible Analytics is hosted in the European Union (Germany). Email sent to hello@bigsis.health is forwarded to an inbox managed by the founder in Cyprus. Because your health data never leaves your device, there are no international transfers of your health information.

11. Children's privacy

SIS is intended for adults. It is not directed at children. Different countries set the minimum age for digital consent differently (commonly between 13 and 16). If you are under the age of digital consent in your country, please use SIS only with the involvement of a parent or guardian. If you believe a child has used SIS on a device you control and you wish to remove the data, clearing the browser's storage for the SIS site will delete it.

12. Changes to this policy

If we make material changes to this policy — for example, adding a new feature that involves processing data differently — we will update this page and revise the "Last updated" date at the top. For significant changes, we will surface a notice in the app itself.

13. Contact

For any privacy questions, requests, or concerns, please email:

hello@bigsis.health

SIS is built on the belief that your story belongs to you. This policy is the practical expression of that belief.