← Back to home

Privacy Policy

What we collect, why we collect it, and the rights you have over your data.

Last updated · April 21, 2026

01Who we are

This Privacy Policy explains how Baby App PRO ("we", "us") collects, uses, and protects personal data when you use our iOS app and related services (the "Service").

We are the data controller for the personal data described in this policy. You can contact us at hello@babyapp.pro.

Baby App PRO is built privacy-first. We do not run ads, we do not sell data, and we do not embed third-party analytics or tracking SDKs. The entire business model is you paying for the app.

02Data we collect

We only collect data that is necessary to run the Service. Concretely, that is:

Account data

  • A Sign in with Apple identifier, if you choose to sign in. Apple provides us a stable, relay-style email address by default.
  • A pseudonymous device identifier for anonymous accounts that do not sign in.
  • Authentication tokens (stored in iOS Keychain on your device; only short-lived refresh tokens reach our servers).

Baby and event data (provided by you)

  • A name or nickname, date of birth, and sex (optional) for each baby profile you create.
  • Events you log: sleeps, feedings, diapers, activities, medications, symptoms, weight and height measurements, and similar entries.
  • Notes or comments you choose to attach to events.

Household data

  • The email or identifier of co-parents or caregivers you invite to your household, so we can deliver the invitation and sync data.

Device and diagnostic data

  • App version, iOS version, device model (coarse), and anonymised crash diagnostics.
  • Request metadata (hashed IP address, timestamp) for rate-limiting and abuse detection.

We do not collect precise location, contacts, microphone audio, photos, or any health data from Apple Health.

03How we use your data and our legal basis

Under the GDPR, we need a legal basis to process your personal data. We rely on the following bases:

  • Performance of a contract (Art. 6(1)(b) GDPR) — to provide the core Service: storing your logs, running sleep predictions, syncing with caregivers, and managing your subscription.
  • Legitimate interest (Art. 6(1)(f) GDPR) — to keep the Service secure, prevent abuse, debug crashes, and communicate service-critical messages. We balance these interests against your rights.
  • Legal obligation (Art. 6(1)(c) GDPR) — to respond to lawful requests and to keep required records (for example, tax records related to subscription payments).
  • Consent (Art. 6(1)(a) GDPR) — for anything that requires your explicit opt-in (for example, push notifications at the OS level).

We do not use your data for targeted advertising, profiling for marketing, or automated decisions with legal effect.

04Third parties and subprocessors

We use a small number of service providers that process personal data on our behalf, under a data-processing agreement:

  • Apple Inc. — Sign in with Apple, App Store / StoreKit billing, APNs push delivery. Apple's Privacy Policy applies to data Apple processes.
  • DigitalOcean, LLC. — cloud hosting for our backend servers and database, in the European Union region.

We do not share personal data with advertisers, data brokers, or social networks.

05How long we keep your data

  • Account and baby/event data — kept while your account is active. After account deletion, we erase it within 72 hours.
  • Backups — encrypted backups are purged on a 30-day rolling schedule, after which deleted data is gone from them too.
  • Diagnostic and sync logs — auto-purged after 30 days.
  • Billing records — we keep the minimum records required by tax law (typically 10 years in the EU).

06Your rights

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the GDPR:

  • Access — request a copy of your personal data (Art. 15).
  • Rectification — correct inaccurate data (Art. 16).
  • Erasure — delete your data (Art. 17). You can trigger this directly from the app.
  • Portability — receive your data in a structured, machine-readable format (Art. 20). The app exports your full history as JSON.
  • Restriction and objection — limit or object to certain processing (Art. 18, 21).
  • Withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting prior processing.
  • Lodge a complaint — with your local data-protection authority. In Romania, this is ANSPDCP.

To exercise any of these rights, email hello@babyapp.pro. We will respond within 30 days (and usually much sooner).

07International data transfers

Our servers and database are hosted in the European Union. Some of our subprocessors (for example, Apple) may transfer data to the United States. Where that happens, transfers rely on appropriate safeguards, typically the European Commission's Standard Contractual Clauses and, for Apple, the EU–US Data Privacy Framework.

08Security

We protect your data using industry-standard measures: HTTPS in transit, encrypted backups at rest, short-lived JWTs, strict role-based access for our team, and minimum necessary data retention. Events created in the app live on your device first; sync is scoped to the caregivers in your household.

No system is perfectly secure. If we ever become aware of a personal-data breach that is likely to affect your rights, we will notify you and the relevant supervisory authority within the timeframes required by law.

09Children and babies

The Service is designed for adults (parents and caregivers) to log information about an infant in their care. The account holder is the data subject we primarily deal with. Information about a baby (name, date of birth, events) is provided by the parent or caregiver and we treat it as personal data handled under the account holder's control.

You must be at least 18 years old to use the Service. If you believe a child under 18 has created an account, contact us at hello@babyapp.pro and we will delete it.

10Cookies and the website

This website (babyapp.pro) does not set any cookies and does not use any analytics. We do not track your visit. The only HTTP requests the site makes are for the page itself and the site icon.

11Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change, we will notify you in the app and, where applicable, by email at least 14 days before the change takes effect. Non-material changes (for example, clarifications) may take effect immediately.

12Contact

Questions, requests, or concerns about this policy or your data? Email hello@babyapp.pro.