Privacy Policy

The data controller responsible for your personal data is:

[LEGAL_ENTITY_NAME]
[POSTAL_ADDRESS], [COUNTRY]
Email: [PRIVACY_EMAIL]

• Account data — your name, email address and password (stored encrypted) when you create an account.
• Baby & care data you enter — feeding, sleep, diapers, baths, growth measurements, notes and photos. Some of this may relate to health and is treated with extra care.
• Family-sharing data — invitations and the caregivers you share a baby with.
• Technical data — device type, operating system, app version, language, approximate region and crash/diagnostic logs.
• Usage & storage — a functional preference stored in your browser to remember your language, and on-device storage that enables offline use.
• Advertising identifiers — in the free tier, our advertising partners may process device identifiers to show ads (see our Cookie Policy).

• provide and sync the Service across your devices and family members;
• enable offline logging and automatic sync;
• maintain your account and provide customer support;
• show advertising in the free tier and manage optional ad-free subscriptions;
• improve stability and performance through diagnostics;
• comply with legal obligations and prevent abuse.

We rely on the following legal bases under Article 6 GDPR (and Article 9 where health-related data is involved):

• Performance of a contract — to provide the Service you sign up for.
• Consent — for non-essential cookies, advertising identifiers and any health-related data you choose to record; you may withdraw it at any time.
• Legitimate interests — to keep the Service secure, prevent fraud and improve it.
• Legal obligation — where we must retain or disclose data by law.

We never sell your personal data. We share it only with:

• Service providers that host and operate the Service (cloud hosting, email delivery, crash reporting) under contract and on our instructions.
• Advertising partners in the free tier, which may process advertising identifiers to deliver ads.
• Caregivers you invite, who can see the baby data you share with them.
• Authorities, where disclosure is required by law.

Some providers may process data outside the European Economic Area. Where that happens, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision so your data stays protected.

We keep your data for as long as your account is active. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where we must retain certain records to comply with legal obligations.

Under the GDPR you have the right to:

• access the personal data we hold about you;
• rectify inaccurate or incomplete data;
• erase your data (the "right to be forgotten");
• restrict or object to certain processing;
• data portability — receive your data in a portable format;
• withdraw consent at any time, without affecting prior processing.

To exercise any of these rights, contact us at [PRIVACY_EMAIL]. You also have the right to lodge a complaint with your local data-protection supervisory authority.

The Service is intended for parents and caregivers, who are responsible for the baby and child data they record. The Service is not directed to children, and you must be at least 16 (or the age of digital consent in your country) to create an account. We do not knowingly collect data directly from children.

We use encryption in transit and at rest, access controls and other technical and organisational measures to protect your data. No method of transmission or storage is completely secure, but we work continuously to safeguard your information.

We may update this Privacy Policy from time to time. We will post the new version here and update the "Last updated" date. We will communicate significant changes within the Service.

For any privacy question or to exercise your rights, contact [PRIVACY_EMAIL] or write to [LEGAL_ENTITY_NAME], [POSTAL_ADDRESS].