Privacy Policy

1. Who We Are

Nest ("we", "our", "the app") is a family coordination app designed to help families — especially those with neurodivergent or special needs members — organise daily routines, calendars, care updates and AI-generated daily summaries.

Contact: privacy@nestcare.me

2. What Information We Collect

Account information

• Email address (for login and communication)
• Name (display name you set)
• Optional profile details you choose to add: city, country, phone, date of birth, avatar

Family data you create in the app

• Family member profiles (including children you add)
• Daily routines, tasks and completion status
• Care updates, notes, photos, videos and voice recordings you submit
• Calendar events you sync (Apple, Google, Outlook) or enter manually

Email monitoring (optional feature)

• If you connect Gmail or Outlook, we read email subject and body text only from senders/domains you've approved
• Attachments are never sent to our servers or to AI
• You control which senders and domains are monitored — you can disconnect at any time

Device and usage

• App version, operating system, device type (for crash reports and compatibility)
• We do not track your location unless you explicitly grant the app permission

3. How We Use Your Information

• To provide the service: storing your routines, showing your calendar, generating your daily summary
• AI summaries: we send email subjects/bodies and calendar event text to Anthropic's Claude AI to generate your daily summary. Anthropic processes this data solely to return the summary on your behalf, does not retain it after processing, and does not use it to train, develop, or improve any general-purpose AI or machine-learning models. We do not use Google Workspace API data (Gmail content) to train AI/ML models either.
• Account communication: password resets, critical service updates
• Improving the app: anonymous crash reports and error logs to fix bugs

4. What We Never Do

• We do not sell your data. Ever.
• We do not share your data with advertisers.
• We do not use your family's content to train our AI models.
• We do not share your data with other families or users.
• We do not track you across other apps or websites.

5. Who Can See Your Data

Only you and the family members you invite. Each family member's access level (edit / view / none, per child) is controlled by the family manager.

Our staff can only access your data if you explicitly request technical support, and only to solve that specific issue.

6. Third-Party Services We Use

• Supabase — secure cloud database (encrypted at rest, SSL in transit)
• Anthropic Claude — AI for generating daily summaries. Anthropic does not train on your data and does not retain it after processing.
• Google & Microsoft — only when you connect Gmail/Outlook for email monitoring
• Apple TestFlight / App Store — app distribution
• Google Tag Manager & Google Analytics — used ONLY on our marketing website (nestcare.me) to measure page visits. The app itself does not include analytics. No Gmail data, email content, child profiles, or family information is ever sent to Google Analytics. You can opt out by enabling "Do Not Track" or installing the Google Analytics Opt-out Browser Add-on.

7. Children's Privacy

Nest is designed for families to manage children's routines and care, but children do not create accounts. Parents/guardians create and manage child profiles on behalf of their children.

If a child under 13 wants to use Child Mode (a simplified task view), the parent sets it up with a PIN. No personal information is collected from the child directly.

We comply with COPPA (Children's Online Privacy Protection Act).

8. Your Rights

• Access: export all your data at any time from the app
• Correct: edit any information in your profile or family settings
• Delete: permanently delete your account and all stored data directly from the app at Settings → Account → Delete Account. Deletion removes every record associated with your user account (family data, routines, email summaries, care sessions, integrations) within 30 days. You may also email privacy@nestcare.me for assisted deletion.
• Disconnect integrations: remove Gmail, Outlook or calendar connections at any time from Settings → Integrations. Disconnecting revokes the OAuth token at Google or Microsoft so the connection cannot be used to access your inbox again.

9. Data Retention

We keep your data as long as your account is active. If you delete your account, all your data is permanently deleted within 30 days.

Email content analysed for summaries is not stored long-term — only the generated summary text is retained.

10. Security

All data is encrypted in transit (HTTPS/TLS) and at rest. Passwords are hashed. We use row-level security to ensure users can only access their own family's data.

That said, no system is 100% secure. If we ever become aware of a breach affecting your data, we will notify you within 72 hours.

11. Changes to This Policy

If we make material changes, we'll notify you via email and in-app before they take effect. The date below shows when this policy was last updated.

12. Contact Us

Questions? Concerns? Email us at privacy@nestcare.me.

Last updated: 11 May 2026