Privacy Policy
Effective Date: 28 Nov 2025
1. Introduction
GenderJourney.xyz ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal and health information. This Privacy Policy explains how we collect, use, store, and protect your data in compliance with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations (PECR)
- EU General Data Protection Regulation (EU GDPR) where applicable
Data Controller: Gender Journey Ltd
Company Number: 16877382
ICO Registration Number: ZC049881
Registered Office: 128 City Road, London, United Kingdom, EC1V 2NX
Contact Email: [email protected]
Service Location: United Kingdom
2. Information We Collect
2.1 Account Information (Required)
When you create an account, we collect:
- Email Address - Used as your username and for account communications
- Password - Stored only as a bcrypt hash; the plaintext password is never stored
- Preferred First and Last Name - How you wish to be addressed
- Legal First and Last Name - Optional, defaults to preferred name if not provided
- Date of Birth - For age verification (minimum age: 16 years)
- Gender Identity - To personalize your experience
- Subscription Plan - Free, Egg Cracking (£1/month), or Hatched (£3/month)
2.2 Special Category Health Data (Optional)
Under UK GDPR Article 9, health data is "special category data": it may only be processed where a specific Article 9 condition applies (in our case, your explicit consent) and it requires additional protections. You may optionally provide:
- Blood Test Results - PDF uploads or Medichecks API imports with biomarker values, reference ranges, and laboratory information
- Hormone Medications - Drug type, dosage, frequency, start/end dates, prescription information
- Blood Pressure Readings - Systolic, diastolic, pulse, reading dates, and notes
- Weight and Height Measurements - Weight in kg, height in cm, BMI calculations, and notes
- Surgery Records - Surgery type, consultant name, location, cost, dates, and notes
- Voice Recordings - Audio files with optional pitch frequency analysis (encrypted)
- Photos - Progress photos stored in your private photo journey
- Health Scores - Calculated indicators based on your health data (opt-in, for informational purposes only)
- UK Gender Recognition Certificate (GRC) Application Data - Documents, statutory declarations, and application metadata
- Diary Entries - Personal journal entries about your journey
Legal Basis for Processing Health Data: We process your health data under UK GDPR Article 9(2)(a) - explicit consent. By creating an account and uploading health information, you provide explicit consent for us to process this data solely for the purposes described in this policy. You may withdraw consent at any time by deleting your data or account.
2.3 Social Features Data (Optional - "My Connect")
If you enable "My Connect" social features, we collect:
- Display Name and Pronouns - Public profile information
- Profile Photo - Optional public or private photo
- Bio - Optional personal description
- Posts, Comments, and Reactions - Content you share with the community
- Friend Connections - Users you connect with
- Community Memberships - Communities you join
- Direct Messages - End-to-end encrypted conversations with connections
- Content Moderation Data - AI and human moderation results for safety
2.4 Technical and Usage Data
- Session Cookies - Essential for authentication and security (strictly necessary)
- Login Activity - Login timestamps, login count, active sessions for security
- PWA Installation Data - Whether you installed the Progressive Web App
- Service Worker Cache - Offline functionality for PWA
- Browser Local Storage - Feature flags, UI preferences (stored locally only)
- Two-Factor Authentication (2FA) Data - If enabled: SMS number, email, or authenticator app secret
2.5 Payment Information
Payment processing is handled by Stripe (PCI DSS Level 1 certified). We store:
- Stripe Customer ID - Links your account to Stripe
- Payment Method ID - Tokenized reference (not actual card numbers)
- Subscription Status - Active, cancelled, past due, etc.
- Billing History - Invoice dates and amounts
We never store full credit card numbers, CVV codes, or raw payment details.
3. How We Use Your Information
3.1 Service Provision
- Provide access to your personal health tracking dashboard
- Store and display your health data securely
- Calculate health indicators and insights (opt-in only)
- Generate hormone reports and blood test summaries
- Facilitate My Connect social features (if enabled)
- Process payments and manage subscriptions
3.2 Communication
- Transactional Emails - Account verification, password resets, security alerts (required)
- Service Notifications - Medication reminders, prescription reminders (if configured)
- Push Notifications - My Connect interactions, friend requests, reminders (opt-in)
- Newsletters - Product updates and community news (opt-in only, never automatic)
3.3 Security and Safety
- Detect and prevent unauthorized access
- Monitor for suspicious activity and fraud
- Moderate user-generated content for safety (AI-assisted + human review)
- Enforce Terms of Service and Acceptable Use Policy
3.4 Legal Compliance
- Comply with UK GDPR, Data Protection Act 2018, and other applicable laws
- Respond to lawful requests from authorities
- Protect our legal rights and interests
We do NOT use your data for:
- ❌ Marketing or advertising to third parties
- ❌ Selling or renting your personal information
- ❌ Training AI models (post text is sent to an AI moderation service only to screen it, never to train a model)
- ❌ Profiling or automated decision-making that affects your rights
4. Data Security and Encryption
4.1 Encryption at Rest
All Personal Health Information (PHI) is encrypted at rest using AES-256-CBC encryption. This includes:
- Blood test data (files, samples, test results, biomarker values)
- Hormone medications (drug types, doses, dates)
- Blood pressure and weight readings
- Surgery records
- Voice recordings and pitch frequency data
- User personal data (names, date of birth, gender identity)
- Addresses
- GRC application documents and metadata
4.2 Encryption in Transit
- TLS 1.3 - All data transmitted between your browser and our servers
- Cloudflare - Production traffic is proxied through Cloudflare; the connection between Cloudflare and our origin server is secured with Cloudflare Origin Certificates
- End-to-End Encryption - Direct messages in My Connect are encrypted
4.3 Access Controls
- Your data is accessible only by you - No staff access to encrypted PHI
- Role-Based Access Control (RBAC) - Administrative functions are restricted
- Two-Factor Authentication (2FA) - Optional additional security layer
- Session Management - Automatic logout after inactivity, ability to logout all sessions
- Account Lockout - Immediate lockout on unauthorized access reports (requires photo ID to unlock)
4.4 Infrastructure Security
- PostgreSQL Database - Running in Docker containers with encrypted volumes
- Laravel Framework - Industry-standard PHP framework with built-in security features
- Regular Security Updates - Dependencies and infrastructure are kept up-to-date
- Backup Encryption - Database backups are encrypted and stored securely
5. Third-Party Data Processors
We use the following third-party services to provide our platform. Each processor is bound by Data Processing Agreements (DPAs) and complies with UK GDPR:
5.1 Payment Processing
- Stripe - Payment processing, subscription management
- Data Shared: Email, name, payment method tokens, subscription status
- Location: USA (EU-US Data Privacy Framework certified)
- Privacy Policy: stripe.com/privacy
5.2 Email Services
- Mailjet - Transactional emails, verification codes, notifications
- Data Shared: Email address, name, email content
- Location: EU (GDPR compliant)
- Privacy Policy: mailjet.com/privacy-policy
5.3 Authentication
- Google OAuth - Optional social login
- Data Shared: Email, name, profile photo (only if you choose Google login)
- Location: USA (EU-US Data Privacy Framework certified)
- Privacy Policy: policies.google.com/privacy
5.4 Content Moderation
- OpenAI - AI-assisted content moderation for My Connect posts
- Data Shared: Post content only (no PHI, no personal identifiers)
- Location: USA
- Privacy Policy: openai.com/policies/privacy-policy
- Note: We only send post text for moderation. Your health data is never sent to OpenAI.
5.5 Health Data Integration
- Medichecks - Optional blood test import (if you connect your Medichecks account)
- Data Shared: Your Medichecks login credentials (stored encrypted), blood test results
- Location: UK
- Privacy Policy: medichecks.com/privacy-policy
5.6 Push Notifications
- Web Push Protocol (VAPID) - Browser-native push notifications
- Data Shared: Push subscription endpoint, notification content
- Location: Notifications are relayed through your browser vendor's push service (Google, Apple, or Mozilla)
- No additional third-party service - uses browser standards only
We do NOT share your health data with any third parties except as explicitly listed above and only to the extent necessary to provide the service.
6. Your Rights Under UK GDPR
You have the following rights regarding your personal data:
6.1 Right to Access (Article 15)
You can access all your data at any time through your account dashboard. For a complete data export, contact [email protected].
6.2 Right to Rectification (Article 16)
You can update your personal information through your profile settings at any time.
6.3 Right to Erasure / "Right to be Forgotten" (Article 17)
You can delete your account and all associated data at any time via your profile settings. Deletion is permanent and irreversible. All data is deleted from our live systems within 30 days; encrypted backups that still contain it expire under the 90-day backup retention period in Section 7.
6.4 Right to Restrict Processing (Article 18)
You can disable specific features (e.g., My Connect, health scores, voice pitch tracking) to restrict processing of certain data types.
6.5 Right to Data Portability (Article 20)
You can export your data in machine-readable formats (JSON, PDF) through your account dashboard or by contacting [email protected].
6.6 Right to Object (Article 21)
You can object to processing of your data for specific purposes by disabling features or deleting your account.
6.7 Right to Withdraw Consent (Article 7(3))
You can withdraw consent for processing health data at any time by deleting your health records or account. This does not affect the lawfulness of processing before withdrawal.
6.8 Right to Lodge a Complaint
You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: ico.org.uk/make-a-complaint
- Phone: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Gender Journey Ltd is registered with the ICO under registration number ZC049881.
7. Data Retention
- Active Accounts: Data is retained as long as your account is active
- Deleted Accounts: All data is permanently deleted from live systems within 30 days of account deletion; copies in encrypted backups expire within the 90-day backup retention period below
- Inactive Accounts: Accounts inactive for 3+ years may be deleted after email notification
- Backup Retention: Encrypted backups are retained for 90 days for disaster recovery
- Legal Obligations: Some data may be retained longer if required by law (e.g., financial records for 7 years)
8. International Data Transfers
Your data is primarily stored in the United Kingdom. Some third-party processors are located in the USA and EU. All international transfers are protected by:
- EU-US Data Privacy Framework - For US-based processors (Stripe, Google, OpenAI)
- Standard Contractual Clauses (SCCs) - EU Commission-approved data transfer agreements
- Adequacy Decisions - For transfers to countries with adequate data protection (EU)
Note: Our service is not available in the United States due to political considerations. US residents cannot create accounts.
9. Children's Privacy
Our service is not intended for children under 16 years of age. We do not knowingly collect data from children under 16. If you are under 16, do not create an account or provide any personal information. If we discover that a child under 16 has provided personal information, we will delete it immediately.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Email notification - 30 days before changes take effect
- In-app notification - Banner on your dashboard
- Updated "Effective Date" - At the top of this policy
Continued use of the service after changes take effect constitutes acceptance of the updated policy.
11. Contact Us
For privacy-related questions, concerns, or requests, please contact us:
- Email: [email protected]
- Data Protection Officer: [email protected]
- Support: Via the "Contact Support" link in your account
Response Time: We aim to respond to all privacy requests within one month, as required by UK GDPR.
By using GenderJourney.xyz, you acknowledge that you have read, understood, and agreed to this Privacy Policy.