Privacy Policy

Last updated: February 27, 2026

Introduction

Barnevakten ("we", "us" or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use and protect your information when you use the Barnevakten app.

Information We Collect

We collect the following information to provide the service:

  • Account information: Email address and name when you register
  • Profile information: Optional profile picture, phone number and bio
  • Family group information: Names of family groups you create or join
  • Child information: Name, date of birth and profile picture for children in your family group (visible only to group members)
  • Assignment information: Details about babysitting assignments you create
  • Messages: Direct and group chat messages you send, including reactions
  • Device information: Push token for notifications
  • Reports: If you report a user, we store report content, reason and timestamp
  • Moderation information: Status for warnings, suspensions or bans

How We Use Information

We use your information to:

  • Let you sign in and use the app
  • Show your profile to members of your family group
  • Deliver messages between group members
  • Send push notifications for assignments, messages and updates
  • Process and follow up reports of rule violations
  • Enforce our terms and keep the platform safe
  • Send important service notices and updates
  • Improve the app based on usage

Legal Basis (GDPR)

For users in Norway/EEA, we process personal data on the following legal bases:

  • Contract (GDPR Art. 6(1)(b)): To provide core app functionality such as account, groups, messages and assignments.
  • Legitimate interests (GDPR Art. 6(1)(f)): For security, abuse prevention, troubleshooting and product improvement, including aggregated usage analytics.
  • Consent (GDPR Art. 6(1)(a)): Where required, for example for personalized advertising/tracking via ATT/UMP.

Product Analytics and Activation Metrics

To understand how new users get started, we record a limited set of activation funnel events.

  • What we store: Event key (for example created group, shared invite), timestamp, app version/platform, internal user ID, and optionally internal group ID.
  • What we do not store: No message content, no free text from chats/posts, and no extra profile fields beyond existing app data.
  • Purpose: Measure onboarding quality, detect flow failures and improve product experience.
  • Access: Only authorized administrators with a business need can access overview data.

Data Used for Tracking and Advertising

The free version of Barnevakten shows ads provided by Google AdMob. In this context, the following data categories may be processed:

  • Identifiers: Device-level identifiers used for measurement and advertising.
  • Usage Data (product interaction): Events related to app usage, interactions, and onboarding/funnel steps.

For users in the EEA, consent is requested through Google UMP, and on iOS we request App Tracking Transparency (ATT) before any tracking-based personalization.

You can update your privacy choices at any time in app settings or in iOS settings.

Sharing of Information

We do not sell or share your personal data with third parties for marketing purposes.

Your information is shared only with:

  • Other group members: Name, profile image and contact info are visible to users in the same family group
  • Service providers: We use Railway for hosting, Supabase for secure image storage, Resend for email, and Apple Push Notification Service for notifications. These providers process data on our behalf under data processing agreements.

Reporting and Moderation

To keep Barnevakten safe, we process reporting and moderation information:

  • Reports you submit: Content, reason and timestamp are stored. Reports are anonymous to the reported user.
  • Reports about you: If you are reported, we store the report for review by our team.
  • Moderation status: Warnings, suspensions and bans are stored on your account with timestamp and reason.
  • Access: Only authorized administrators can view reports and process moderation cases.

Reports that are dismissed or resolved are deleted after 12 months. Suspension status is automatically removed when a suspension expires.

Storage and Security

Your data is stored securely on servers in the EU/US via Railway (database and API) and Supabase (image storage). We use encrypted communication (HTTPS/TLS) for all traffic.

Where personal data is processed outside the EEA, relevant transfer mechanisms (such as Standard Contractual Clauses) are used through our processors where required.

Retention

  • Account and app data: Stored while your account is active and deleted when you delete your account (subject to legal retention requirements).
  • Activation metrics (funnel): Stored for up to 12 months before deletion or aggregation.
  • Reports/moderation: As described in the Reporting and Moderation section.

Image Storage and Access

Images you upload (profile images, post images and chat images) are stored in a private, encrypted storage bucket with Supabase.

  • Private storage: Images are not publicly accessible and cannot be browsed or searched without authorization.
  • Time-limited links: Temporary links are generated when images are viewed in the app and expire automatically.
  • Access: Only authenticated members of the relevant family group can view images in-app.
  • Deletion: Images you uploaded are deleted when you delete your account.

Biometric Authentication

The app supports Face ID or Touch ID for faster sign-in. Biometric data is processed locally by iOS only. We never access your face or fingerprint data.

  • Local storage: Your login token is stored securely in iOS Keychain on your device
  • Biometrics: Face ID / Touch ID is only used to unlock the locally stored token
  • Optional: You can disable biometric sign-in at any time in the app

Your Rights

You may have the right to:

  • Access the information we store about you
  • Correct inaccurate data
  • Delete your account and related personal data
  • Export your data

Data Deletion

You can delete your account at any time in the app under Settings. When deleted, your personal information is removed from our systems.

Subscriptions and Payments

Barnevakten offers an optional PRO subscription to remove ads and unlock extra features.

  • Payments: All payments are processed by Apple through the App Store. We never receive your payment card details.
  • Subscription data: We store subscription status information (for example whether your subscription is active) to provide PRO features.
  • Management: You can manage or cancel subscriptions in iOS Settings - Apple ID - Subscriptions.

Advertising and Tracking Consent

The free version shows ads via Google AdMob.

  • Ad data: Google may process limited data to deliver ads.
  • Consent and tracking: In EEA regions, ad consent is handled through Google UMP, and on iOS App Tracking Transparency (ATT) is requested before any tracking-based personalization.
  • Ad-free: PRO subscription removes ads in the app.

For details, see Google Privacy Policy.

Service Communications

We may send push notifications with important information:

  • Activity notifications: New messages, assignments and group invitations
  • Moderation notifications: Warnings, suspensions or account status changes
  • Service notifications: Important app updates, new features or policy changes

You can disable push notifications in iOS Settings, but some service messages may still be shown in-app.

Children Under 13

The app is intended for adults coordinating childcare. We do not knowingly collect personal data from children under 13 as direct users of the app.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the app or email.

Questions about privacy?

We are happy to help.

hei@barnevakten.app