← Back

Privacy

Version 1.1 · Last updated 18 May 2026

Pacer+ is a small app for tracking activity, energy and symptoms in ME/CFS. It is built carefully, by a small team, and the people who use it are people we care about. The way we handle your data reflects that.

This page explains, in plain language, what Pacer+ stores, what it doesn’t, and what your rights are. If anything here is unclear, write to us — the addresses are at the bottom.

What we store

  • Your email address, used to sign you in (or, if you join the waiting list, to contact you about access).
  • The activities, symptoms and notes you log in the app, with the time you logged them.
  • A small amount of account information: when you signed up, when you last signed in, your preferences (such as a display name if you choose to set one).
  • If you later connect a wearable or health app (this is not available yet), the health metrics you authorise. We will ask again, separately, before any of that happens.

The waiting list

Pacer+ is in private testing, so we keep a waiting list of people who would like access. If you add your email to that list, here is what happens to it.

We store your email address, the date you joined the list, and — if you choose to write one — a short note. We use this only to contact you about access to Pacer+. We do not add you to any other mailing list, and joining the waiting list does not create an account.

Our lawful basis for holding this is your consent, given when you submit the waiting-list form. You can withdraw it at any time: email us and we will remove you from the list. We also review the list periodically and remove entries we no longer need. Once you either join Pacer+ or ask to be removed, your waiting-list entry is deleted.

What we don’t do

  • We don’t use analytics, tracking pixels, or third-party advertising. There are no cookies beyond the one that keeps you signed in.
  • We don’t send marketing emails, nudge emails, “you missed a day” emails, or any other prompt designed to get you to open the app. The only emails we send are sign-in links you asked for and, if you join the waiting list, a single note confirming you are on it.
  • We don’t sell your data. We never will.
  • We don’t share your data with insurers, employers, researchers, or anyone else without your explicit, specific consent.

Where your data lives

Pacer+ runs on a server in Nuremberg, Germany, operated by netcup GmbH. The database is encrypted at rest. The connection between your device and Pacer+ is encrypted in transit using TLS.

Your sign-in emails are sent via Brevo (sendinblue SA, France), which receives your email address and the magic-link URL for the sole purpose of delivering the message. Brevo does not use this data for any other purpose.

We do not currently use Cloudflare, a CDN, or any analytics provider. If that changes — for example, if we add Cloudflare for storage of larger files in the future — we will update this page and tell you in the app before it takes effect.

How long we keep it

We keep your data for as long as your account is active. If you ask us to delete your account, we delete your activity logs, symptoms, notes and account record within 30 days. Backups roll off within a further 35 days, after which no copy remains.

Your rights

Under UK and EU data protection law, you have the right to:

  • See a copy of the data we hold about you.
  • Have inaccurate data corrected.
  • Have your data deleted.
  • Export your data in a portable format (we’ll send JSON).
  • Withdraw consent for any optional data (e.g. wearable sync).
  • Complain to a regulator — the Data Protection Commission (dataprotection.ie) in Ireland, or the Information Commissioner’s Office (ico.org.uk) in the UK.

To exercise any of these, email the relevant address below. We normally respond within a few days and always within 30 days, which is the legal maximum.

Health data and GDPR Article 9

Symptoms, energy and activity logs are “special category” health data under GDPR Article 9. We process this data only on the basis of your explicit consent, given when you sign up and used solely to provide the app to you. The database that holds your health data is isolated from any other application on the server, and no person, including us, accesses it routinely. We may access it only to investigate a fault you have asked us to investigate, or where required by law.

Who we are

Pacer+ is operated by two entities, depending on where you live. Both entities follow the same practices described on this page. Either address is fine for getting in touch — we’ll route internally.

If you live in the EU or EEA

Pacer+

Boyle, Co. Roscommon, Ireland

app@pacer.plus

If you live in the UK

Pacer+

Ipswich, Suffolk, England

app.uk@pacer.plus

Changes to this page

If we change anything material on this page — for example, adding a new service like Cloudflare, or beginning to sync data from a wearable — we will update the version number above and show a notice in the app the next time you sign in. We will not quietly change practices behind your back.