Privacy Policy

Our Commitment to Your Privacy

At BabyScore ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our baby care time-tracking application (the "Service").

We believe in transparency. We collect minimal data, never sell your information, and give you full control over your account.

1. Information We Collect

Information You Provide

• Account Information: Email address, password (encrypted), and authentication method (email/password or Google OAuth)
• Household Information: Household code, caregiver names, optional profile pictures
• Baby Care Data: Session start/end times, activity types (feeding, changing, playing, etc.), optional session notes
• Profile Pictures: Optional photos you upload for caregiver profiles

Information We Collect Automatically

• Device Information: Browser type, operating system, device type (for responsive design)
• Usage Data: Pages viewed, features used, session duration (for improving the app)
• Log Data: IP address, access times, error logs (for security and debugging)

Information We Do NOT Collect

• We do NOT track your location
• We do NOT access your contacts, photos (except those you explicitly upload), or other apps
• We do NOT collect sensitive personal information (race, religion, political views, health data beyond baby care activities)
• We do NOT use tracking cookies for advertising

2. How We Use Your Information

We use your information to:

• Provide the Service: Track baby care sessions, sync data across devices, generate stats and leaderboards
• Authenticate Your Account: Verify your identity and secure your household data
• Improve the Service: Analyze usage patterns to fix bugs, optimize performance, and develop new features
• Communicate With You: Send service updates, security alerts, and optional product announcements (you can opt out)
• Process Payments: Handle Pro tier subscriptions (processed securely via Stripe or similar)
• Comply With Legal Obligations: Respond to legal requests, prevent fraud, enforce our Terms of Service

3. How We Share Your Information

Within Your Household

Your baby care data is visible to anyone you invite to your household. This includes session times, activities, notes, and caregiver stats. You control who joins your household via the 6-character household code.

With Service Providers

We use third-party services to operate BabyScore:

• Supabase: Database hosting, authentication, file storage (US-based servers, SOC 2 compliant)
• Payment Processors: Stripe or similar for Pro tier subscriptions (PCI-DSS compliant)
• Analytics: Privacy-focused analytics tools (no tracking cookies, anonymized data only)
• Email Services: Transactional email providers for account notifications

These providers only access your data as necessary to perform their services and are contractually bound to protect it.

We Do NOT Sell Your Data

We will NEVER sell, rent, or trade your personal information to third parties for marketing purposes. Period.

Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, safety, or property.

4. Data Security

We take security seriously:

• Encryption: All data transmitted between your device and our servers uses TLS/SSL encryption
• Password Protection: Passwords are hashed using industry-standard algorithms (never stored in plain text)
• Row-Level Security: Database-level access controls ensure you can only see your household's data
• Regular Audits: We conduct security reviews and update our systems regularly
• Limited Access: Only authorized personnel can access user data, and only when necessary

However, no system is 100% secure. We cannot guarantee absolute security, but we do our best to protect your information.

5. Your Rights & Choices

You have the following rights regarding your data:

Access & Export

You can view all your baby care data in the app. We're building an export feature (CSV format) to download your full history. Contact us if you need your data before this feature launches.

Edit & Delete

You can edit or delete caregivers, sessions, and notes at any time in the app. Changes sync immediately across all devices in your household.

Delete Your Account

You can delete your account at any time in Settings. This will:

• Remove your profile from the household
• Delete your account credentials
• Mark your data for deletion within 30 days (grace period for accidental deletions)

Note: If you're the only member of a household, deleting your account will delete the entire household and all its data after the 30-day grace period.

Opt Out of Communications

You can opt out of non-essential emails (product updates, tips) in Settings. You'll still receive critical account notifications (password resets, security alerts).

Regional Rights (GDPR, CCPA, etc.)

If you're in the EU, California, or other regions with specific privacy laws, you may have additional rights:

• Right to access your personal data
• Right to correct inaccurate data
• Right to delete your data ("right to be forgotten")
• Right to restrict or object to processing
• Right to data portability

To exercise these rights, contact us at privacy@babyscore.app.

6. Data Retention

• Active Accounts: We retain your data indefinitely while your account is active
• Deleted Accounts: 30-day grace period, then permanently deleted (anonymized analytics may remain)
• Free Tier History: 90 days (older sessions deleted automatically)
• Pro Tier History: Unlimited (retained until you delete or cancel)
• Backups: We maintain encrypted backups for disaster recovery (deleted within 90 days after account deletion)

7. Children's Privacy

BabyScore is designed for adults (parents, caregivers) to track baby care. We do not knowingly collect personal information from children under 13. The "babies" being tracked are not users of the Service—you (the adult) are the user.

If you believe we've inadvertently collected information from a child under 13, please contact us immediately at privacy@babyscore.app.

8. International Users

BabyScore is operated from the United States. If you're using the Service from outside the US, your data will be transferred to and stored on US-based servers (via Supabase).

By using BabyScore, you consent to this data transfer. We comply with applicable data protection laws, including GDPR for EU users.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

• We'll update the "Last Updated" date at the top
• We'll notify you via email or in-app notification for significant changes
• Continued use of the Service after changes means you accept the updated policy

We'll never make retroactive changes that reduce your privacy rights without your explicit consent.

10. Contact Us

Questions, concerns, or requests regarding this Privacy Policy? We're here to help.