Privacy Policy and Data Protection Notice
Introduction
This Privacy Policy has been prepared by Rojhat Eşin ("Data Controller"), the developer of the Parentigo mobile application ("App"). It explains how we collect, use, store, and protect your personal data in compliance with:
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Children’s Online Privacy Protection Act (COPPA)
- Turkish Personal Data Protection Law (KVKK)
- Other applicable international data protection laws
By using Parentigo, you acknowledge and consent to the practices described in this Privacy Policy.
Data Controller
Name: Rojhat Eşin
Email: support@parentigo.app
User Scope
- Parentigo is intended for adults (18+) who act as legal guardians of children.
- COPPA Compliance: The App is designed for parental use only. Children do not directly use the App. Parents/guardians provide their child’s information and consent to its processing.
Processed Data Categories
We may process the following categories of personal data:
1. Authentication & Account Data
- Email address (required)
- Password (encrypted)
- Phone number (optional)
- Authentication tokens and session data
- SSO/OAuth identity data (if using Apple/Google login)
- Account timestamps (creation, last login)
2. Parent Profile Information
- Full name
- Profile photo/avatar (optional)
- Language and timezone preferences
- Notification and theme settings
- Subscription status
3. Child Profile Data
- Name, date of birth, gender
- Birth measurements (weight, height, head circumference)
- Child’s photo/avatar (optional)
4. Activity and Health Tracking Data
- Sleep sessions and duration
- Feeding sessions (breast/bottle/formula)
- Diaper change details
- Growth and vaccination records
- Developmental milestones
5. AI Chat Data
- Conversation history with AI Assistant
- Message content, including child context data (e.g., age, gender)
- Timestamp of interactions
6. Technical & Analytics Data
- Device information
- App version
- Crash reports and error logs
- Usage patterns and navigation events
Data Processing Purposes
We process data for the following purposes:
- To provide and improve core services (tracking, reminders, analytics)
- To personalize user experience
- To support AI Assistant responses
- To manage authentication, subscriptions, and notifications
- To comply with legal obligations
- To ensure security and prevent misuse
Legal bases (GDPR Art. 6): Consent, Contract necessity, Legal obligation, Legitimate interest.
Third-Party Service Providers
We may share data with trusted third parties strictly for service delivery:
- Google Gemini AI / OpenAI: For AI-powered chat features (conversations may be transmitted for processing).
- Supabase: For secure data storage and management. Data is encrypted at rest and protected with Row Level Security.
- RevenueCat: For managing subscription status and payments. We do not store credit card details.
- Apple / Google: For authentication and in-app purchase processing.
Your data is never sold to advertisers.
Data Security
We implement industry-standard safeguards including:
- Encryption at rest and in transit (SSL/TLS)
- Access control and authentication
- Row Level Security (RLS) for database access
No system is 100% secure. While we take reasonable measures, we cannot guarantee absolute security.
Data Retention
- Account data: retained while your account is active
- Child data: retained until account deletion
- Technical logs: retained for a limited period for troubleshooting
- Upon account deletion, personal data is permanently erased unless retention is required by law (e.g., billing records)
User Rights
Depending on your jurisdiction, you may have the following rights:
- GDPR / KVKK (EU/Turkey): Access, correction, deletion, portability, objection, withdrawal of consent
- CCPA (California): Right to know, delete, opt-out of sale (we do not sell data), non-discrimination
- COPPA (US): Children under 13 cannot directly use the App; guardians provide and control all child data
You may exercise these rights by contacting: support@parentigo.app
International Transfers
Data may be transferred internationally to our service providers (Google, OpenAI, Supabase, RevenueCat). Safeguards such as Standard Contractual Clauses (SCCs) and equivalent measures are applied for GDPR compliance.
Medical Disclaimer
⚠️ Parentigo is not a medical device. The App and AI Assistant do not provide medical advice, diagnosis, or treatment. All outputs are for informational purposes only. Always consult a qualified healthcare professional for medical concerns.
Data Breach Notification
In the event of a data breach:
- We will notify relevant authorities within legally required timelines (e.g., 72 hours under GDPR).
- We will notify affected users via email with details and recommendations.