Privacy Policy
Last updated: March 28, 2026 ยท Effective: March 28, 2026
๐
Privacy isn't a feature. It's the foundation.
No raw data leaves your child's iPhone. Everything is scrubbed, de-identified, or summarized on-device before anything is transmitted. We never see your child's messages. Ever.
๐ฑ
On-device processingAll activity is parsed on your child's iPhone. Raw data never moves.๐
De-identified onlyOnly anonymized metadata leaves the device. Never word-for-word content.๐ค
Transparent consentYour child knows the app is installed. No covert surveillance.๐ซ
Never soldWe do not sell data. To anyone. Ever.
1. Who We Are
MyKidsDay ("we," "us," or "our") is operated by My Kids Day LLC, based in Prosper, TX. We provide parents with AI-generated daily summaries of their child's iPhone activity to support informed, calmer parenting.
Contact us: privacy@mykidsday.ai
2. How Our Technology Works โ The Privacy Architecture
Everything is processed on your child's iPhone. MyKidsDay uses Apple's official Family Controls framework to read activity data locally on-device. The app parses this data into de-identified metadata โ no raw messages, no exact search terms, no word-for-word content. Only that anonymized summary is ever transmitted off the device.
Here's exactly what happens:
- Step 1 โ On-device reading: The app reads activity (messages, app usage, screen time, web activity) directly on your child's iPhone using Apple's sanctioned APIs.
- Step 2 โ On-device parsing: The app converts raw activity into de-identified metadata. For example: "47 messages sent, 3 conversations flagged as emotionally significant, 1 unknown contact" โ never the actual message text.
- Step 3 โ Metadata transmission: Only the anonymized metadata summary is sent to our servers over encrypted HTTPS.
- Step 4 โ AI summary generation: We pass the metadata to Claude (Anthropic's AI) to produce a readable, warm parent summary. Claude sees only de-identified metadata โ never your child's actual messages.
- Step 5 โ Email delivery: You receive your daily summary email at the time you choose.
We do not store iCloud credentials. We do not access iCloud backups. We do not transmit raw message content. The architecture is built so that even if our servers were compromised, your child's messages would not be exposed โ because we never have them.
3. Information We Collect
Parent Account Information
- Name and email address
- Password (hashed using bcrypt โ never stored in plain text)
- Billing information (processed by Stripe โ we never see or store card numbers)
- Preferred summary delivery time and timezone
De-identified Child Activity Metadata (transmitted from child's device)
- App usage duration by category (e.g., "social media: 2hr 10min") โ not specific content
- Screen time totals and patterns
- Message volume and tone signals (e.g., "emotionally flagged conversation detected") โ not message text
- Web activity categories (e.g., "educational content, social media, gaming") โ not exact URLs or searches
- Contact interaction patterns (e.g., "new unknown contact") โ not contact names or numbers
We do not collect or store: raw message content, exact search queries, contact names or phone numbers, photos or videos, location data, iCloud credentials, or any other sensitive personal data from your child's device.
4. How We Use Information
- To generate daily AI-powered summaries for parents
- To surface parenting nudges โ suggested actions based on patterns
- To send summary emails via Resend
- To process payments via Stripe
- To improve our summarization quality (using aggregated, anonymized data only โ never individual child data)
- To provide customer support
We do not use child activity data for advertising. We do not sell data to third parties. Ever.
5. COPPA โ Children Under 13
MyKidsDay is designed for use by parents to monitor their minor children. We do not knowingly collect personal information directly from children. All data collection is parent-authorized and parent-controlled via Apple's Family Sharing consent framework. Parents may review, export, or delete their child's data at any time by contacting privacy@mykidsday.ai.
In compliance with COPPA:
- Parents provide verifiable consent by creating an account and enrolling their child's device via Apple Family Sharing
- Children are aware the app is installed โ no covert monitoring
- Parents may request deletion of all data at any time
- We retain de-identified activity metadata for a maximum of 90 days, after which it is automatically deleted
6. Data Retention
- De-identified activity metadata: retained for 90 days, then automatically deleted
- Daily summary emails (your copy): retained for 12 months
- Parent account information: retained until account deletion
- Billing records: retained as required by law (typically 7 years)
7. Data Security
- All data transmitted over HTTPS/TLS encryption
- Passwords hashed with bcrypt (cost factor 12)
- Database access restricted to application server only
- JWT authentication with cryptographically secure secrets
- Rate limiting on all authentication endpoints
- Regular security audits planned quarterly
8. Third-Party Services
- Apple Family Controls โ on-device monitoring framework. All data stays on-device; Apple's privacy protections apply.
- Anthropic Claude โ AI summary generation. Receives only de-identified metadata. Anthropic does not use API inputs to train models by default. (privacy policy)
- Stripe โ payment processing. We never see card numbers. (privacy policy)
- Resend โ transactional email delivery. (privacy policy)
- DigitalOcean โ cloud infrastructure in the United States. (privacy policy)
9. Your Rights
You have the right to:
- Access all data we hold about you and your child
- Correct inaccurate information
- Delete your account and all associated data
- Export your data in a portable format
- Withdraw consent and stop monitoring at any time
- Lodge a complaint with a supervisory authority
To exercise any of these rights, email privacy@mykidsday.ai. We respond within 5 business days.
10. Cookies
We use only essential session tokens required for authentication. We do not use tracking cookies, analytics cookies, or advertising cookies.
11. Changes to This Policy
We will notify registered users by email of any material changes at least 30 days before they take effect. Continued use after changes take effect constitutes acceptance of the updated policy.
12. Contact
Questions about this privacy policy or your data:
๐ง privacy@mykidsday.ai
๐ mykidsday.ai
My Kids Day LLC ยท 4341 Mueller Lane ยท Prosper, TX 75078