Privacy Policy — Mon parcours trans

Last updated: 9 May 2026

In one sentence: the app collects, transmits and stores no data on any server. Everything stays encrypted locally on your device.

Who publishes the app

Mon parcours trans is published by Mourad Zinbi, as a sole individual, in France. For any question relating to privacy, you can write to zinbimourad149@gmail.com.

Data you enter

When you use the app, you may record:

your treatments and hormone doses,
your lab results,
your personal journal entries,
your preferences (lock, notification sounds, etc.).

All of this information is stored only on your iPhone, in a database encrypted with your master password (SQLCipher / AES-256 encryption, Argon2id key derivation). It is never sent to a server, a cloud service or any third party.

What we do not collect

no account data (the app works without sign-up),
no analytics, telemetry or audience-measurement data,
no advertising identifiers, no cookies, no trackers,
no location data,
no contact, address book or calendar data.

The Apple privacy manifest (PrivacyInfo.xcprivacy) explicitly declares zero tracking and zero collection. You can verify this in the App Privacy section of the App Store listing.

System permissions

The app requests the following permissions:

Camera — to scan a lab report or add a photo to your journal. The image stays on the device; nothing is sent.
Face ID / Touch ID — to unlock the app without typing your master password. Apple never gives us access to your biometric data.
Notifications — for the reminders you set yourself. Scheduled locally, never via a server.

Text recognition (OCR) and Apple Intelligence

When you scan a lab report, the text is extracted by the Apple Vision and, where applicable, Apple Intelligence frameworks. These run locally on your device. The document is neither kept nor transmitted.

PDF and JSON exports

You can export your data as PDF or JSON from Settings. These files are generated on the device and handed to the iOS share sheet: you then decide who to send them to (your doctor, AirDrop, email, etc.). The app does not keep them anywhere else.

Deleting your data

You can delete all your data at any time from Settings → Erase my data. Uninstalling the app has the same effect: because no copy exists outside your device, deletion is immediate and permanent.

Legal bases (GDPR)

Within the meaning of Regulation (EU) 2016/679 (GDPR), processing is based on your consent and on the performance of a service you initiate yourself. Because no data leaves your device, the publisher does not act as a data controller with regard to your health data: you are its sole technical holder.

Security

database encryption via SQLCipher (AES-256-CBC, HMAC-SHA-512),
Argon2id key derivation from your master password,
secrets stored in the iOS Keychain,
configurable auto-lock, optional biometric unlock,
source code published under a free licence (AGPL-3.0), auditable.

Changes to this policy

Any material change will be flagged in the app (notice version update). The date at the top of this page indicates the most recent revision.

Contact

For any question relating to your data or to exercise your GDPR rights (access, rectification, erasure): zinbimourad149@gmail.com.

← Back