Storklet Logo

Privacy Policy

Last Updated: April 24, 2025

1. Introduction

Welcome to Storklet ("Service," "App," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, protect, and otherwise process your personal data when you use the Storklet mobile application and the associated website (storklet.com).

We understand that you entrust us with sensitive information, particularly data related to children. We are committed to protecting your privacy and handling your data transparently and securely in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

This Privacy Policy should be read in conjunction with our Terms and Conditions. By accessing or using Storklet, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal data as described in this Privacy Policy and our Terms and Conditions.

2. Data Controller

The entity responsible for the processing of your personal data (the Data Controller) under applicable data protection laws is:

[Your Company Name/Your Full Name] (Note: This will be updated upon formal company registration)
[Legal Address] (Note: Please insert your official registered address once available)
Finland

If you have any questions about this Privacy Policy or our data protection practices, please contact us at: info@storklet.com.

3. Information We Collect

We collect different types of information to provide and improve our Service to you. This includes:

3.1. Information You Provide Directly

  • Account Information: When you register for an account, we collect your first name, last name, and email address. You may optionally provide a profile photo.
  • Child Profile Information (Sensitive Data): The core function of Storklet involves you inputting data about the child(ren) under your care. This includes, but is not limited to:
    • Child's name, date of birth, gender (optional).
    • Photos and videos of the child.
    • Daily activity logs: Feeding details (type, amount, duration), sleep times and duration, diaper changes (type, notes), tummy time logs.
    • Health and Development Data: Measurements (weight, height, head circumference), milestones achieved (dates, notes), allergy information, health records (e.g., vaccination dates, doctor visits, medication notes).
    By providing this information, you represent and warrant that you have the necessary legal authority or explicit consent from the child's legal guardian to do so (as detailed in our Terms and Conditions).
  • Communications: If you contact us directly (e.g., via email for support), we will collect your name, email address, and the content of your message, including any attachments.

3.2. Information Collected Automatically (Usage and Technical Data)

When you use our Service (both the app and website), we may collect certain information automatically to operate, maintain, and improve the Service:

  • Usage Data: We collect anonymized information about how you interact with the Service, such as features accessed, buttons clicked, time spent on pages/screens, and general usage patterns. This data is used for service improvement and analytics.
  • Device and Connection Information: We collect information about the device you use to access the Service, such as device model, operating system version, browser type, and unique device identifiers (where applicable and anonymized if possible).
  • Crash Reports and Performance Data: If the app crashes or encounters errors, we may collect diagnostic information (anonymized where possible) to help us identify and fix problems. This includes logs and performance metrics.
  • IP Address: We collect your IP address for security purposes (e.g., preventing abuse, diagnosing connection issues) and potentially for coarse location information (e.g., country level for analytics).

Important Note on Usage Data: This automatically collected data is used for technical operation, security, and improving the functionality and usability of Storklet itself. As stated in our Terms and Conditions (Section 5.2), we **do not** use the specific Content you upload about your child (like photos, health notes, specific feeding times) for our own service improvement, analytics, advertising, or sale.

3.3. Information Related to Payments

  • Subscription Information: If you subscribe to our paid tier, we receive confirmation of your subscription status and term from the relevant third-party payment processor (Apple App Store, Google Play Store, or Stripe).
  • Payment Details: We do **not** directly collect or store your full credit card number or detailed payment information. Payments are processed securely by third-party payment processors (Apple, Google, Stripe). They may collect payment information directly from you according to their own privacy policies.

4. How We Use Your Information

We use the information we collect for various purposes:

  • To Provide and Maintain the Service: To operate the app and website, create and manage your account, store and display your Content (including Child Profile data) back to you and users you authorize, process subscriptions, and provide core functionality.
  • To Enable Sharing Features: To allow you to grant access to Child Profiles to other users you invite, and to facilitate the public sharing feature if you choose to use it, according to the permissions and instructions you set.
  • To Improve the Service: To understand how users interact with Storklet (using anonymized Usage and Technical Data), identify bugs, diagnose problems, develop new features, and enhance usability and performance.
  • To Communicate With You: To respond to your inquiries, provide customer support, send important service-related notices (e.g., updates to Terms or Privacy Policy, security alerts, subscription information), and administrative messages.
  • To Ensure Security and Prevent Fraud: To monitor for suspicious activity, protect against unauthorized access, enforce our Terms and Conditions, and protect the rights, property, or safety of Storklet, our users, or the public.
  • To Comply with Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), UK, or Switzerland, our legal basis for collecting and using the personal data described above depends on the specific context:

  • Performance of a Contract: We process your Account Information, Child Profile Information (as directed by you), and Payment Information to provide the Storklet service you have requested and to fulfill our obligations under our Terms and Conditions.
  • Explicit Consent: The processing of sensitive Child Profile Information (health data, photos, etc.) is based on your explicit consent, which you provide by choosing to input this data into the Service after agreeing to these terms and representing you have the authority to do so. You can withdraw this consent by deleting the data or your account, though this won't affect prior processing.
  • Legitimate Interests: We process Usage and Technical Data (including IP addresses for security) based on our legitimate interests in operating, maintaining, securing, and improving our Service, provided these interests are not overridden by your data protection rights. We also rely on legitimate interests to respond to your communications.
  • Legal Obligation: We may process your data where necessary to comply with a legal obligation to which we are subject.

6. Data Sharing and Disclosure

We do not sell your personal data or the sensitive Child Profile Information you provide.

We may share your information only in the following circumstances:

  • With Other Users You Authorize: If you use the sharing features to grant access to a Child Profile to other registered users (e.g., co-parent, caregiver), they will be able to access the information within that profile according to the permissions you set.
  • With the Public (If You Choose): If you use the feature to generate a public URL for specific Content, that selected Content will be accessible to anyone who has the link, outside of our control. This sharing is initiated solely by you.
  • With Service Providers: We engage trusted third-party companies and individuals to perform services on our behalf (e.g., payment processing, hosting, database management, email delivery, analytics, crash reporting). These providers only have access to the personal data necessary to perform their tasks, are obligated not to disclose or use it for other purposes, and are required to comply with data protection standards (including GDPR where applicable). Our key service providers include:
    • Payment Processors: Apple (App Store In-App Purchases), Google (Play Store In-App Purchases), Stripe (for potential web subscriptions).
    • Hosting & Database Provider: Currently private servers owned by the app owner, potentially moving to [Name of Hosting Provider - e.g., UpCloud/Hetzner] (Servers located within the European Economic Area).
    • Email Provider: Mailbox.org (Servers located within the European Economic Area).
    • Analytics & Crash Reporting: [Name of Analytics/Crash Reporting Service - TBD] (Anonymized usage data is sent; this provider is selected based on guarantees of GDPR/CCPA/PECR compliance).
  • For Legal Reasons: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: If Storklet is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction, subject to standard confidentiality arrangements.

7. Data Storage and Security

We take the security of your data very seriously. We implement appropriate technical and organizational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

  • Data Location: Your data, including sensitive Child Profile Information, is stored on servers located within the European Economic Area (primarily Finland or Germany, depending on the hosting provider chosen).
  • Encryption: Data is stored in encrypted databases. Communication between the app/website and our servers is protected using Transport Layer Security (TLS/SSL).
  • Access Control: Access to personal data is restricted to authorized personnel who need access to perform their job functions.

However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account and Child Profile Data: We retain your account information and the Content you provide (including Child Profile data) for as long as your account remains active or as needed to provide you with the Service.
  • Deletion Requests: If you request deletion of your account by contacting us at account@storklet.com (or using an in-app deletion feature if available), we will initiate the deletion process. Your data will typically be deleted from our live systems within 30 days of receiving a verifiable request.
  • Backups: Deleted data may remain in our secure backup archives for up to 90 days after deletion from live systems before being permanently removed. We will not use this backup data for any purpose other than disaster recovery.
  • Anonymized Usage Data: We may retain anonymized or aggregated usage data for analytical purposes for a longer period, as it does not identify you personally.

9. International Data Transfers

Your information, including personal data, is primarily processed and stored within the European Economic Area (EEA). If we engage service providers located outside the EEA, we will ensure that the transfer of your personal data is carried out in accordance with applicable data protection laws, relying on mechanisms such as Adequacy Decisions by the European Commission, Standard Contractual Clauses (SCCs), or other appropriate safeguards.

10. Your Data Protection Rights (GDPR)

If you are located in the EEA, UK, or Switzerland, you have certain rights regarding your personal data:

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure ('Right to be Forgotten'): You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Object to Processing: You have the right to object to our processing of your personal data based on legitimate interests, under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer the data that we have collected directly from you to another organization, or directly to you, under certain conditions, in a structured, commonly used, machine-readable format.
  • Right to Withdraw Consent: Where we rely on your consent to process personal data (particularly sensitive child data), you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us at account@storklet.com. We will respond to your request in accordance with applicable law.

You also have the right to lodge a complaint with a data protection supervisory authority. The relevant authority in Finland is the Office of the Data Protection Ombudsman (Tietosuojavaltuutetun toimisto).

11. Children's Privacy

Storklet is intended for use by parents, legal guardians, and authorized caretakers who are adults (typically 18 years or older, and at least 16 years of age or the age of digital consent in your jurisdiction). We do not knowingly collect personal data *directly* from children under the age of 16.

The Service is designed to collect and manage information *about* children, as provided *by* authorized adult users. As stated in our Terms and Conditions, you must have the legal authority (as a parent or legal guardian) or explicit, verifiable consent from the parent or legal guardian to input, manage, and share any child's data using Storklet. You are responsible for ensuring you have these rights before using the Service for any child.

If we become aware that we have inadvertently collected personal data directly from a child under 16 without verified parental consent, we will take steps to delete that information as quickly as possible.

12. Cookies and Tracking Technologies (Website)

Our website (storklet.com) uses cookies strictly necessary for its functioning. Cookies are small text files stored on your device.

  • Essential Cookies: We use cookies solely for purposes like maintaining your login session (authentication) while you are browsing the logged-in sections of our website. These are essential for you to use the service securely and effectively.

We do not use cookies for advertising, tracking across third-party websites, or non-essential analytics on the website itself at this time. Because we only use strictly necessary cookies, we do not require a separate cookie consent banner for these specific cookies under current regulations.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. For material changes, we may provide more prominent notice (such as through an in-app notification or by email).

We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact the Data Controller:

[Your Company Name/Your Full Name]
Attn: Privacy Officer
info@storklet.com

ennllt-ltpt-br