Plain English summary.
To buy Kidley and use it across your devices, we need to store a small amount about you on our servers: your email, that you paid, your child's first name and age, and the protocols you've saved. That's it. We do not run advertising trackers and we do not sell your data to anyone.
1. Who we are
Kidley is operated by the Kidley team. You can reach us at privacy@kidley.app.
2. What we store on our servers
When you buy Kidley and create an account, the following sits in our database (hosted on Netlify, powered by Neon Postgres):
- Your email address — for login, account recovery, and the Stripe purchase record.
- A password hash — managed by Netlify Identity. We never see your password in plain text.
- The fact that you paid, the date, and the Stripe session ID, so we can verify access on every device.
- Your profile — parent first name, child's first name, child's age, and the goals you set in onboarding. Used to personalise the daily content and the protocol scripts.
- Your saved library — the protocols, guides, and tools you've tapped "save" on. So your library follows you from your phone to your laptop.
That's the entire schema. We don't ask for your address, phone number, payment card, or anything we don't strictly need.
3. What stays only on your device
- Notification preferences (browser-native — we don't see them).
- Cached daily content (so the app works offline and doesn't re-download).
- Your draft entries in interactive tools, until you save them.
4. What we do not collect
- No Google Analytics or any other analytics platform.
- No advertising trackers, no Facebook pixel, no Twitter pixel, no TikTok pixel.
- No session recording, heatmaps, or behavioural tracking.
- No microphone, camera, location, or contacts access.
- No payment-card details. Stripe handles your card; we only see the email and the fact that the payment succeeded.
5. Who can see your data
- You, by logging into Kidley.
- The Kidley team, in the limited cases needed to operate the service (support, billing disputes, debugging). We do not browse user data for any other reason.
- Our infrastructure providers, as a normal part of hosting:
- Netlify — hosts the site, the database, and the authentication.
- Neon — the underlying Postgres database engine inside Netlify DB.
- Stripe — processes payment. Sees your card; we never do.
We never sell, rent, or share your data with anyone else.
6. Cookies and similar
Kidley itself sets one functional cookie used by Netlify Identity to keep you logged in. We do not set or read any tracking, advertising, or analytics cookies. Netlify may set small functional cookies for security purposes.
7. Children
Kidley is built for parents to use. The account holder is always an adult. The information you choose to enter about your child (first name, age) is used only to personalise the content shown to you. We never collect data directly from children.
8. Your rights
- Access: log in and see everything we hold.
- Export: email privacy@kidley.app and we'll send you a JSON file of your data within 30 days.
- Correction: change anything via the Settings page in the app.
- Deletion: click "Delete my account" in Settings, or email us. We remove your row from the database and the Netlify Identity account within 30 days.
9. Data retention
We keep your data for as long as your account is active. If you delete your account, we delete everything within 30 days, except a minimal record (your email + the fact that a payment was made) which we keep for accounting purposes, as required by tax law.
10. Where your data lives
The database is hosted on Netlify's infrastructure (region typically United States or European Union depending on Netlify routing). Stripe operates globally with their own data-protection commitments. Both Netlify and Stripe are GDPR-compliant processors.
11. Changes to this policy
If we change anything material, we'll update the "Last updated" date at the top and surface a notice the next time you open the app.