Privacy Policy
Last updated: April 18, 2026
Famnly ("the App", "we", "us", "our") is a family calendar and planning application. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
1. Information We Collect
Account Information
When you create an account, we collect your name, email address, and optionally a profile image. If you sign in with Google, Apple, or Microsoft, we receive basic profile information from those providers.
Family and Calendar Data
To provide the service, we store the content you create within your family groups, including:
- Calendar events (titles, descriptions, times, locations)
- Family member profiles (names, colors, roles)
- Birthdays (name, date, optionally birth year)
- Grocery lists and items
- Tasks and task completions
- Vacation plans
- Event comments
Location Data
If you add a location to an event, we store the address and coordinates. The App also offers optional real-time location sharing within your family group. Shared locations automatically expire after 1 hour and are only visible to members of your group. Location sharing is entirely opt-in.
Device and Session Data
We collect your device platform (iOS), push notification tokens (if you enable notifications), and basic session information (IP address, user agent) for security purposes.
Subscription Data
We store your subscription status and related dates (trial start/end, subscription period). We do not store credit card numbers or payment details — all payments are processed by the Apple App Store through RevenueCat.
2. How We Use Your Information
We use your information to:
- Provide and operate the App
- Sync your calendars with Google Calendar and Microsoft Outlook
- Share events, lists, and plans with your family group members
- Send push notifications you have opted into
- Process AI-powered features (voice-to-event, meal plans, grocery sorting)
- Manage your subscription
- Maintain security and prevent abuse
3. Third-Party Services
We use the following third-party services to operate the App:
| Service | Purpose | Data Shared |
|---|---|---|
| Google (OAuth, Calendar, Places, Maps) | Sign-in, calendar sync, location autocomplete, map display | Email, calendar events, location queries |
| Microsoft (OAuth, Graph API) | Sign-in, Outlook calendar sync | Email, calendar events |
| Apple (Sign in with Apple) | Sign-in | Name, email (as configured by you) |
| RevenueCat | Subscription and purchase management | User ID, subscription status |
| Cloudflare R2 | Image storage (avatars) | Uploaded images |
| Expo | Push notifications, app updates | Push tokens, device platform |
| Google Gemini (paid API) | Voice-to-event extraction, meal plan generation, grocery list sorting | Transcribed text from your dictation, family member first names and adult/child role (for "my daughter"-style references), grocery item names, meal preferences. No audio, email, account details, photos, or other family data. |
| Supabase | Database hosting | All app data (encrypted at rest) |
Each third-party service is governed by its own privacy policy. We only share the minimum data necessary for each service to function.
4. Calendar Sync and OAuth Tokens
When you connect Google Calendar or Microsoft Outlook, we store OAuth access and refresh tokens to keep your calendars in sync. These tokens are stored securely in our database and are only used to communicate with the respective calendar APIs on your behalf. You can disconnect your calendar at any time, which revokes our access and deletes the stored tokens.
5. AI-Powered Features
Voice-to-event (Sidekick)
Sidekick lets you press and hold a microphone button to dictate a calendar event in plain language ("Dentist for Oli tomorrow at 4pm", "Tandläkare imorgon kl 16"). We have designed this flow with privacy as a default, not an afterthought:
- The raw audio recording is never sent to Famnly's servers. Speech is handed to your iPhone's built-in speech recognizer (Apple's) and is transcribed fully on-device whenever your phone supports it. On older devices that do not support on-device recognition, iOS may fall back to Apple's own cloud speech service under the device's own privacy settings — Famnly is not in that path.
- Only the resulting text is sent to our server, which forwards it to Google Gemini to extract a structured event draft (title, date, time, who it is for, optional reminder). Gemini receives text, never audio.
- To resolve references like "my daughter" or "the kids" to the right person, we include the first names and adult/child role of members in your family group with the request — nothing more. We do not send email addresses, account details, locations, photos, existing calendar events, or any data from other parts of the App.
- The microphone is only active while you are physically holding the button. iOS displays a system-level recording indicator the entire time it is in use.
- The extracted event drafts are returned to your device for you to review before they are saved. You always have the final say.
- You can deny or revoke microphone permission at any time from your device settings without losing access to the rest of the App — events can still be entered manually.
Meal plans & grocery sorting
We also use Google Gemini to generate meal plans and sort grocery lists. When you use these features, we send your grocery item names or meal preferences to the AI service. We do not send personal information, account details, or other family data.
How Google Gemini handles your data
We use Google Gemini through Google's paid API. Under Google's published terms for the paid Gemini API, requests sent through this API are not used to train Google's models and are not retained beyond what is needed to generate a response. Google publishes these terms at ai.google.dev/gemini-api/terms. We do not use AI for advertising, profiling, or any purpose other than the feature you have explicitly triggered.
6. Children's Privacy and COPPA Compliance
The App supports child accounts that are created and managed by a parent or guardian. Child accounts have limited capabilities and are linked to a parent's family group through a join code. By creating a join code and sharing it with a child, the parent or guardian provides verifiable parental consent for the child's use of the App.
In compliance with the U.S. Children's Online Privacy Protection Act (COPPA) and similar international regulations, we do not knowingly collect personal information from children under 13 (or under 16 in the EU/EEA) without verifiable parental consent. Child accounts do not require an email address and are not identified in our analytics systems.
Data collected for child accounts is limited to: a display name chosen by the parent, and any calendar events, tasks, or lists the child interacts with within their family group. This data is visible only to members of the same family group and is deleted when the parent removes the child from the group or deletes the family.
Parents can review, modify, or delete their child's data at any time through the App's settings. If you believe a child has created an account without parental authorization, please contact us at hello@famnly.com and we will promptly delete the account and any associated data.
7. Data Sharing Within Family Groups
The App is designed for families to share information with each other. When you join a family group, other members of that group can see your calendar events, shared lists, tasks, vacation plans, and (if enabled) your location. Only members of your group can see your shared data.
8. Data Retention and Deletion
We retain your data for as long as your account is active. You can delete your account at any time from the App's settings. When you delete your account:
- Your personal data (profile, email, sessions) is permanently deleted
- Your uploaded images (avatars) are removed from our storage
- Any groups you created are deleted along with all their content
- Your memberships in other groups are removed
- Connected third-party services (Google Calendar, Outlook) are disconnected and tokens are deleted
This action is permanent and cannot be undone.
9. Data Security
We use industry-standard security measures to protect your data, including encrypted database connections, secure OAuth token storage, HTTPS for all communications, and rate limiting on sensitive endpoints. However, no method of transmission or storage is 100% secure.
10. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Export your data in a portable format
- Withdraw consent for optional features like location sharing and push notifications
- Disconnect third-party services (Google Calendar, Outlook) at any time
To exercise any of these rights, contact us at hello@famnly.com.
11. Cookies and Tracking
The App does not use advertising cookies or third-party tracking. We use session cookies solely for authentication. We do not sell your data to third parties.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the App or by email. The "last updated" date at the top of this page reflects the most recent revision.
13. Contact
If you have questions about this Privacy Policy or your data, contact us at hello@famnly.com.
