Privacy Policy

Effective: April 24, 2026
In plain language
We collect the minimum data we need to run a family coordination app. We never sell it. We never use it to train AI models. You can export everything we have about you, or delete your account, with one tap from Settings → Privacy.
1. Who we are
FamCove (the "app") is a household-coordination service operated by FamCove, Inc. ("we", "us", "our"). We are the data controller for the personal data described in this policy. Our contact information is at the bottom of this page.
This policy applies to the iOS app, Android app, web app, and any marketing site at famcove.com. It does not apply to third-party services we link to.
2. What we collect, and why
Every category below is collected for a specific purpose. We do not collect data "just in case". If a feature doesn't need a piece of data, we don't store it.
Email address
Used to sign you in via magic link. We never set a password.
Display name
Shown to other family members so you appear as a person, not a UUID.
Family members & children
Names, birth dates, schools, classrooms — entered by you. Powers calendars, coverage planning, and the school directory link.
Calendar events
Title, date/time, category, coverage plan, optional location/notes. Created by you, imported from school PDFs, or synced from the public Kentucky school directory.
Custody handoffs & co-parent messages
Plain-text content + automatic tone score. Visible to both adults in the household; never shared outside.
Reimbursements & payments
Amounts, payment methods, optional receipts. Used for budget views, the year-end CSV, and the court-export PDF.
Family Vault documents
Insurance cards, vaccination records, IDs, medical notes — any file you choose to upload. Encrypted at rest. Served via 10-minute signed URLs.
Location pings
Last latitude/longitude per user, only if you turn on Location Sharing. We do not store history.
Subscription state
Tier, billing period, and AI-imports quota — mirrored from the App Store / Google Play / RevenueCat.
Device permissions
Photo library, camera, notifications, and location — each requested only when you invoke the relevant feature.
3. What we do not collect
Advertising identifiers (Apple IDFA, Google AAID).
Cross-app or cross-site tracking cookies. The mobile app uses zero cookies.
Payment card numbers. The App Store, Google Play, RevenueCat, and Stripe handle that. We never see your PAN.
Biometric data, voiceprints, or facial geometry.
Location history. We keep only the most recent ping, and only if sharing is on.
Browsing or app-usage data outside FamCove.
4. Legal basis for processing (GDPR)
For users in the EU, UK, EEA, and Switzerland, the lawful basis under GDPR Article 6 for each category is:
Performance of a contract (Art. 6(1)(b)) — account data, family data, calendar events, vault documents, subscriptions. We can't deliver the service without these.
Consent (Art. 6(1)(a)) — location sharing, AI processing of your message tone, marketing emails, anonymous analytics. You opt in, and you can withdraw any time in Settings → Privacy.
Legitimate interest (Art. 6(1)(f)) — security audit logs, fraud prevention, debugging crash reports.
We do not process special-category data (Article 9) unless you choose to upload medical documents to your Family Vault. Those documents are stored only because you put them there for your own reference, and are not shared, analyzed, or used by us.
5. Who processes your data on our behalf
We are a small team. We use vetted infrastructure providers under signed Data Processing Agreements:
Supabase Inc. (US)
Database, authentication, file storage. Encrypted at rest with AES-256.
OpenAI, L.L.C. (US)
AI extraction of school PDFs, photos, tone coach, weekly retro. Configured with training opt-out and zero-retention.
Apple Inc.
iOS distribution, in-app purchases, push notifications.
Google LLC
Android distribution, in-app purchases, push notifications.
RevenueCat, Inc. (US)
Subscription orchestration. Sees only the entitlement state, not your other data.
Expo, Inc. (US)
Build pipeline + over-the-air JS updates. No user data passes through Expo at runtime.
The complete current list lives at /subprocessors and changes there are announced 30 days in advance.
6. How we use AI
We use OpenAI's GPT-4o family of models for:
Extracting events from school PDFs you upload.
Extracting events from photos you take of flyers, emails, whiteboards.
Scoring the tone of co-parent messages you draft.
Writing your weekly retrospective.
Suggesting recipes and consolidating shopping lists from your meal plan.
Crawling public school websites to find calendar sources.
OpenAI processes the prompt, returns a result, and discards the input. They do not train their models on your data, and we have configured our OpenAI workspace with the "zero data retention" flag enabled. You can disable AI processing entirely in Settings → Privacy, in which case those features become unavailable.
7. Children's data
FamCove is designed for parents, guardians, and other adults who coordinate a household. Children do not create accounts and do not interact with the app directly. Data about a child (name, school, allergies, vaccinations) is entered by the parent or guardian and is stored under that adult's account.
Under U.S. COPPA, we rely on parental consent provided when the parent accepts these terms at sign-up. Parents can review, edit, or delete their child's data at any time from the child profile screen. See our Children's Privacy Notice at /childrens-privacy for details.
8. Your rights
You can, free of charge and without lawyer-talk:
Access — tap Settings → Privacy → "Export my data" to download a JSON file with every row tied to your family.
Rectify — edit any field in the app directly.
Erase — tap Settings → Privacy → "Delete my account". We schedule cascade deletion for 14 days later; you can cancel before then.
Restrict — turn off AI processing, location sharing, or analytics from the same screen.
Object — to processing based on legitimate interest; email us.
Portability — the JSON export is machine-readable and structured per Article 20.
Withdraw consent — anywhere we asked for it; flips a single toggle in Settings.
Lodge a complaint — with your supervisory authority (in the UK, the ICO; in the EU, your country's DPA).
9. How long we keep it
Account data (email, profile)
While your account is active. Deleted within 30 days after the account-deletion grace period ends.
Family content (events, vault, messages)
While your account is active. Deleted within 30 days after the grace period ends.
Subscription state
Required by Apple/Google for refund/dispute purposes; up to 7 years.
Compliance audit log
13 months from event, then automatically purged.
Backups
30-day rolling backups for disaster recovery; deletes propagate within 30 days.
Public school directory
Indefinite — public data not tied to you.
10. How we protect it
See /security for the full posture. The short version:
All traffic uses TLS 1.2+. We refuse insecure connections.
Database rows are partitioned by family_id with row-level security policies — no family can ever read another's data, even if a misconfigured query tries.
Storage buckets are private by default. Documents are served via short-lived signed URLs (10 minutes).
Encryption at rest is provided by our infrastructure (AES-256).
We use magic-link authentication. There is no password to leak.
Sensitive operations (vault opens, exports, deletions) are audit-logged with hashed IPs.
11. International transfers
Our primary infrastructure is in the United States. If you sign up from the EU/UK, your data may be transferred to the US. These transfers are covered by the Standard Contractual Clauses (SCCs) signed with each processor, plus the EU–US Data Privacy Framework where applicable. Email us if you need a copy of the SCCs.
12. Changes to this policy
When we update this policy, we'll bump the effective date at the top and email all active users at least 14 days before material changes take effect. Continued use after the effective date means you accept the new terms; if you don't, you can delete your account.
13. Contact & data protection
For privacy questions, data export requests, complaints, or anything else: email privacy@famcove.com (replace with real address before public launch). We respond within 30 days as required by GDPR Article 12.
UK and EU residents: you also have the right to lodge a complaint with your local supervisory authority (ICO in the UK; your country's data protection authority in the EU).