Privacy Policy

1. Information We Collect

1.1 Information You Provide

We collect information you voluntarily provide when using Family Flow:

• Account information: name, email address, and password
• Authentication data from Google Sign-In or Apple Sign-In (name, email, account identifier)
• Family profile information: family member names, roles, birthdays, and preferences
• Calendar data: events, schedules, appointments, locations, and reminders
• Chore and task information: assignments, completion status, and rewards
• Medical information: allergies, medications, medical notes, doctor contact information, and emergency contacts (Caregiver Portal feature)
• Household information: house rules, WiFi network name and password, bedtime routines, and meal notes (Caregiver Portal feature)
• Voice input: spoken text when using voice commands to create events (processed by AI, see Section 3)
• Wellness data: self-reported check-in ratings, quick notes, and digital wellness preferences
• Communication preferences and notification settings
• Payment information (processed securely by Stripe on web, or Apple App Store / Google Play on mobile via RevenueCat)

1.2 Information Collected Automatically

When you access Family Flow, we automatically collect:

• Device information: browser type, operating system, device identifiers
• Push notification tokens: device tokens used to deliver push notifications via OneSignal
• Location data: approximate device location used solely to display weather in your morning brief (not stored)
• Usage data: features accessed, time spent, interaction patterns
• Log data: IP address, access times, pages viewed
• Error and crash data: anonymized error reports sent to Sentry for debugging
• Cookies and similar tracking technologies (see our Cookie Policy)

1.3 Information from Third-Party Services

When you connect external services or use third-party login, we receive:

• Google Sign-In: name, email address, and account identifier
• Apple Sign-In: name (if provided), email address (or Apple relay address), and account identifier
• Google Calendar: event data, calendar names, time zones, and sharing settings
• Apple Calendar: event data, calendar names, and calendar information via the device's native calendar

We only access calendar data necessary to provide synchronization features. We handle Apple's "Hide My Email" relay addresses and do not attempt to discover the user's real email. See Section 9 for detailed information about our Google Calendar integration.

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve Family Flow services
• Process transactions and send related information
• Send notifications, updates, and administrative messages
• Provide smart features including intelligent scheduling and wellness insights
• Analyze usage patterns to improve user experience
• Detect, prevent, and address technical issues or fraud
• Comply with legal obligations

3. Smart Features

Family Flow uses intelligent technology to provide enhanced features:

• Natural language processing for event creation from text and voice input
• Voice commands: spoken text is transcribed on-device and sent to AI for parsing
• Pattern recognition to learn your family's routines
• Smart suggestions for conflict prevention and optimization

AI processing is performed by Anthropic (Claude Haiku for event parsing and voice input) and OpenAI (GPT-4o-mini for context-aware suggestions) under strict data processing agreements. Your data is not used to train AI models. No personal identifiers are sent to AI providers — only event text, voice transcripts, timezone, and scheduling context. The app requests your explicit consent before sending any data to AI services.

3.1 Family Wellness Score

Family Flow calculates a Family Wellness Score based on the following data, all of which stays within your family account:

• Schedule balance and density (derived from your calendar events)
• Chore completion rates and consistency
• Family time together (shared events and activities)
• Optional self-reported check-in ratings (1-5 scale per wellness domain)
• Optional digital wellness preferences (screen time awareness, device-free zones)

Wellness data is never shared with third parties, is never used for advertising, and is only visible to members of your family. You can opt out of wellness tracking at any time in Settings. Wellness data is deleted when you delete your account.

3.2 Caregiver Portal

Family Flow includes a Caregiver Portal feature that allows family admins to generate time-limited shareable links for babysitters, grandparents, or other caregivers. When you create a portal link:

• The link provides read-only access to family information you choose to share
• Visible data may include: today's schedule, family member names and ages, allergies, medications, emergency contacts, house rules, WiFi password, bedtime notes, and meal notes
• Portal links expire after 30 days by default and can be revoked instantly
• Caregivers do not need to create an account or download the app — the portal opens in any web browser
• Portal pages are not indexed by search engines (noindex, nofollow)
• You are responsible for sharing portal links only with trusted individuals

WiFi passwords stored in the Caregiver Portal are stored as provided and visible to anyone with the portal link. We recommend changing your WiFi password if you revoke a portal link shared with someone you no longer trust.

4. Information Sharing

We do not sell, trade, or rent your personal information to third parties.

We may share information with:

• Service providers who assist in operating our platform (see Section 10 for full list)
• Calendar services you choose to connect (Google, Apple)
• Law enforcement when required by law or to protect rights and safety
• Business successors in the event of a merger, acquisition, or sale

All service providers are bound by data processing agreements and confidentiality obligations.

5. Data Security

We implement industry-standard security measures including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security assessments and monitoring
• Employee access restrictions and training

While we strive to protect your information, no method of transmission over the Internet is 100% secure.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services.

• Account data: Retained until account deletion
• Transaction records: Retained for 90 days after account deletion for legal and accounting purposes
• Usage logs: Retained for up to 12 months

Upon account deletion, all personal data is permanently removed from our systems immediately, except for transaction records retained for the period specified above.

7. Your Rights and Choices

You have the right to:

• Access your personal information
• Correct inaccurate or incomplete data
• Delete your account and associated data
• Export your data in a portable format
• Opt-out of marketing communications
• Disconnect third-party calendar integrations at any time

To exercise these rights, visit your account settings or contact us at privacy@familyflowai.com.

8. Children's Privacy

Family Flow is designed for family use, including features for children. However:

• Children under 13 do not create their own accounts
• Children access Family Flow through parent-controlled family accounts
• Parents manage all data associated with their children's profiles
• We do not knowingly collect personal information directly from children under 13

Parents can review, modify, or delete their children's information through their account settings.

9. Google Calendar Integration and Google API Services

Family Flow integrates with Google Calendar to provide bi-directional calendar synchronization. This section describes how we handle data obtained through Google APIs in compliance with Google's API Services User Data Policy.

9.1 Data We Access

When you connect your Google Calendar to Family Flow, we request access to the following scopes:

• https://www.googleapis.com/auth/calendar - To read and write calendar events and access calendar metadata
• https://www.googleapis.com/auth/calendar.events - To manage calendar events for synchronization

9.2 How We Use Google Calendar Data

We use Google Calendar data solely to:

• Import your existing Google Calendar events into Family Flow
• Create events in your Google Calendar when you add events in Family Flow
• Keep your calendars synchronized when changes are made in either platform
• Display a unified view of your family's schedule

9.3 Google API Services User Data Policy Compliance (Limited Use Disclosure)

Family Flow's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• We only use Google Calendar data to provide and improve the calendar synchronization features you have requested
• We do not use Google Calendar data for advertising purposes
• We do not sell Google Calendar data to third parties
• We do not use Google Calendar data to determine creditworthiness or for lending purposes
• We do not transfer Google Calendar data to third parties except: (a) as necessary to provide and improve our services (e.g., secure cloud hosting), (b) with your explicit consent, (c) as required by law, or (d) for security purposes
• Humans do not read your Google Calendar data except: (a) with your explicit consent, (b) as necessary for security purposes (investigating abuse or security incidents), or (c) to comply with applicable law

9.4 Revoking Google Calendar Access

You can disconnect Google Calendar from Family Flow at any time by:

• Going to Settings → Integrations within Family Flow and clicking "Disconnect"
• Visiting your Google Account permissions at https://myaccount.google.com/permissions and removing Family Flow's access

When you disconnect, we will immediately revoke our access to your Google Calendar by calling Google's token revocation endpoint, delete your stored Google OAuth tokens, and stop accessing your Google Calendar data. Previously synchronized events will remain in Family Flow unless you delete them.

10. Third-Party Data Processors

We share data with the following service providers under data processing agreements (DPAs) that require them to protect your data and use it only as instructed by us:

All processors are bound by contractual obligations to protect your data. For GDPR purposes, these transfers are covered under Standard Contractual Clauses (SCCs) where applicable.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

• Posting the new policy on our website
• Sending an email notification
• Displaying a notice within the application

Your continued use of Family Flow after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please contact us: