Journal · May 30, 2026 · 5 min read

Period tracker iCloud sync, explained

iCloud sync usually means your data lives on Apple's servers. For cycle tracking, the version that matters is different — end-to-end encrypted with your own keys, invisible to Apple, invisible to the app. Here's how it works.

Most "cloud sync" in a period app means: your data goes to the app company's servers (usually AWS), and a copy goes to your other devices over the same path. The company can read it. Anyone with a subpoena can read it. A breach can leak it.

That's not the only way to do iCloud sync. There's a second, much more private version called the CloudKit Private Database, which is what Dew and Apple Health both use. The difference is the difference between "the cloud" and "your cloud."

The two kinds of cloud sync

Kind 1: The app company's cloud

Your data goes to a server owned by the company that made the app. They write it to a database (typically AWS). Encryption at rest protects against AWS having a bad day, but the company holds the keys — they can decrypt to ship the data to your other devices.

This is what Flo, Clue, Stardust, and most "cloud" period apps do. It works fine. It is not private from the company.

Kind 2: Your iCloud Private Database

Apple gives every app a place to store data inside your iCloud account. There are two scopes:

  • Public Database: shared across all users of the app. Apple stores it, the app developer can read it.
  • Private Database: scoped to your iCloud account. End-to-end encrypted with your iCloud keys. Apple cannot decrypt it. The app developer cannot decrypt it. Only code running on a device signed into your Apple ID can decrypt it.

Dew uses only the Private Database. There is no Dew server. There is no Dew administrator who can peek. Even if Dew the company stopped existing tomorrow, the data in your iCloud Private Database would still be yours, accessible from any Apple device you sign in on.

What "end-to-end encrypted" actually means here

"End-to-end" is a phrase that's been diluted by marketing. In the CloudKit Private Database, it means something specific:

  1. Your iPhone has cryptographic keys derived from your iCloud account.
  2. Before any data goes to Apple's servers, it's encrypted with those keys.
  3. Apple's servers store ciphertext — they don't have the keys.
  4. When your iPad or Mac (also signed into your Apple ID) wants the data, it decrypts locally using its own copy of the same keys.
  5. Apple's role is essentially: "encrypted blob distribution service." They never see plaintext.
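
The five steps above, modelled as an added example (not Dew's or Apple's code): two devices sharing account key material exchange a record through a store that only ever holds ciphertext. The shared secret, the HKDF labels, `BlobStore`, the record format and all function names are assumptions for illustration; how iCloud actually provisions keys to devices is not shown on this page.

```swift
import CryptoKit
import Foundation

// Constructed stand-in for the account key material that steps 1 and 4 say
// every device signed into the same Apple ID holds (assumption, not iCloud's scheme).
let accountSecret = SymmetricKey(data: Data("constructed-account-secret".utf8))

// Hypothetical helper: derive a per-app record key from the account secret.
func recordKey(from secret: SymmetricKey) -> SymmetricKey {
    HKDF<SHA256>.deriveKey(inputKeyMaterial: secret,
                           salt: Data("example.tracker".utf8),
                           info: Data("cycle-records-v1".utf8),
                           outputByteCount: 32)
}

// Steps 3 and 5: the server in this model stores opaque blobs and holds no keys.
final class BlobStore {
    private(set) var blobs: [String: Data] = [:]
    func put(_ id: String, _ blob: Data) { blobs[id] = blob }
    func get(_ id: String) -> Data? { blobs[id] }
}

// Step 2: encrypt on the device before upload. The record ID is bound as
// associated data, so a blob moved under another ID fails authentication.
func upload(_ plaintext: Data, id: String, key: SymmetricKey, to store: BlobStore) throws {
    let box = try ChaChaPoly.seal(plaintext, using: key, authenticating: Data(id.utf8))
    store.put(id, box.combined)
}

// Step 4: a second device fetches the blob and decrypts it locally.
func download(id: String, key: SymmetricKey, from store: BlobStore) throws -> Data? {
    guard let blob = store.get(id) else { return nil }
    let box = try ChaChaPoly.SealedBox(combined: blob)
    return try ChaChaPoly.open(box, using: key, authenticating: Data(id.utf8))
}

let store = BlobStore()
let entry = Data(#"{"day":"2026-05-30","flow":2}"#.utf8)   // constructed sample record
try upload(entry, id: "entry-001", key: recordKey(from: accountSecret), to: store)

// Another device on the same account derives the same key and reads the entry.
let onSecondDevice = try download(id: "entry-001", key: recordKey(from: accountSecret), from: store)
print(String(decoding: onSecondDevice!, as: UTF8.self))

// A party holding only the stored blob and some other key cannot open it.
let outsiderKey = SymmetricKey(size: .bits256)
let leaked = try? download(id: "entry-001", key: outsiderKey, from: store)
print(leaked == nil ? "outsider: authentication failed" : "outsider: decrypted")
```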

Apple has stated this publicly and contractually. They have also reaffirmed it in court filings — most notably in the iCloud subpoena response history, where Apple has said they cannot produce HealthKit data because it's E2E-encrypted from them.

Why most period apps don't use it

Three reasons, in roughly the order they actually matter to the app companies:

  • You can't do server-side processing. If you can't read the data, you can't run ad-targeting models on it. You can't aggregate it for research. You can't train an LLM on it. The privacy property is good for users but bad for monetization.
  • It's iOS-only. CloudKit doesn't exist on Android. If your tracker is cross-platform, you'd need a second sync system for Android, and two systems is more work than one.
  • Customer support is harder. When a user emails "I lost my data," you can't help — you literally don't have a copy. The user has to fix it themselves through iCloud restore.

Dew's stance on these three: the first is the whole point (we never wanted to read your data), the second is fine (we're iOS-only by design — see the founder's note), and the third is a feature, not a bug.

What you'd notice as a user

From your side, iCloud Private Database sync looks like... nothing. You don't sign in to Dew. You don't enter an email. The app finds your iCloud account because the OS already knows it. If you have a second device signed into the same Apple ID — iPad, Mac, family member's iPhone — you open Dew there and the data is already in sync.

From Dew's side, we can't see it. From Apple's side, they can't read it. From anyone else's side, the data is encrypted ciphertext on Apple's servers that nobody else has the key to.

Trade-offs to know

  • You need an iCloud account. If you're signed out of iCloud, sync can't run. Dew works fully offline — your data just won't sync to other devices.
  • Family Sharing doesn't share private databases. Each Apple ID has its own. If you and a partner both use Dew, you each have your own data.
  • Recovery depends on Apple ID access. If you lose access to your Apple ID entirely, your encrypted backup is unreachable. This is the same property as iMessage backup, Keychain, and Health.

The short version

"Period tracker iCloud sync" can mean two different things. Most apps mean: we sync our copy of your data through iCloud to your other devices. The iCloud bit is incidental — they store the data themselves.

Dew (and Apple Health) mean: your data lives only in your iCloud, end-to-end encrypted, and we can't see it. The iCloud bit is the whole architecture.

For more on the broader privacy comparison, see Flo, Clue, Stardust, Dew: a privacy comparison.

The app

Try Dew on TestFlight. Quiet by design.

A private period tracker that lives on your iPhone. No account, no ads, no data sold — by design. App Store launch June 2, 2026.

Dew tracks cycles. It does not diagnose or replace a doctor.