🏡 Privacy & GDPR Compliance

1. Introduction

At FamilyNest, we are committed to protecting your privacy and ensuring full compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws. This policy explains how we collect, use, store, and safeguard your personal information when you use our platform, including our pregnancy tracker, parenting resources, community forums, and expert consultation services.

By using FamilyNest, you consent to the practices described in this policy. We encourage you to read it carefully.

2. Information We Collect

We only collect data that is necessary for our services. Information is categorized as follows:

• Account Information: Name, email, password, family structure, children’s ages/names (optional).
• Usage Data: Pages visited, features used, time spent, device/browser info, IP address.
• Content & Interactions: Posts in community forums, questions to experts, activity logs, milestone tracking entries.
• Payment Information: Processed securely by Stripe/PayPal. We do not store full card details.
• Cookies & Analytics: Session cookies, preference cookies, and anonymized analytics (see Section 9).

3. How We Use Your Information

Your data helps us deliver personalized, safe, and effective family support services:

• Provide and improve our parenting tools, trackers, and educational content
• Facilitate community interactions and expert consultations
• Send service updates, security alerts, and personalized parenting tips (with consent)
• Process payments and manage subscriptions
• Ensure platform security, prevent fraud, and comply with legal obligations
• Generate anonymized insights to improve family wellness research

4. Legal Basis for Processing

Under GDPR, we process your data based on the following lawful grounds:

• Contractual Necessity: To provide subscribed services (e.g., Family Plus/Premium plans).
• Consent: For marketing communications, cookies, and optional features.
• Legitimate Interests: Platform security, fraud prevention, and service improvement.
• Legal Obligation: Tax, financial, and regulatory compliance.

5. Data Sharing & Third Parties

We do not sell your personal data. We only share information with trusted partners necessary to operate our services:

• Payment Processors: Stripe, PayPal (PCI-DSS compliant)
• Cloud Hosting & Analytics: AWS, Google Analytics (anonymized)
• Communication Tools: SendGrid, Intercom (service delivery only)
• Legal Authorities: Only when required by law or to protect rights/safety

6. Data Retention

We retain your data only as long as necessary:

• Active Accounts: Until you delete your account or request erasure.
• Payment Records: 7 years for tax/legal compliance.
• Community Content: Until deleted by you or removed for policy violations.
• Anonymized Analytics: Retained indefinitely for service improvement.

You may request data deletion at any time via your account settings or by contacting our DPO.

7. Your Rights Under GDPR

You have full control over your data. You may:

• ✅ Access a copy of your personal data
• ✅ Rectify inaccurate or incomplete information
• ✅ Request Erasure ("Right to be Forgotten")
• ✅ Restrict Processing of your data
• ✅ Data Portability (export in CSV/JSON format)
• ✅ Object to profiling or direct marketing
• ✅ Withdraw Consent at any time (doesn’t affect prior lawful processing)

To exercise these rights, visit Settings → Privacy in your dashboard or email dpo@familynest.com. We respond within 30 days.

8. Children’s Privacy

FamilyNest is designed to support parents and guardians. We do not knowingly collect personal data from children under 16 without verifiable parental consent. If you believe a child has provided data inadvertently, please contact us immediately for prompt deletion.

Our content is educational and age-appropriate, but we encourage parental guidance for all minors using the platform.

9. Cookies & Tracking Technologies

We use essential, functional, and analytics cookies to ensure platform functionality and improve user experience. Marketing cookies are only used with explicit consent via our cookie banner.

You can manage preferences at any time via Settings → Cookie Preferences or browser settings. Disabling essential cookies may limit platform functionality.

10. Data Security

We implement industry-standard safeguards including:

• 256-bit TLS encryption for data in transit
• AES-256 encryption for data at rest
• Regular security audits & penetration testing
• Role-based access control & employee training
• Incident response protocol with 72-hour breach notification compliance

11. International Data Transfers

FamilyNest is headquartered in the UK. Data may be processed in jurisdictions outside the EEA. We ensure adequate protection via:

• EU Standard Contractual Clauses (SCCs)
• Privacy Shield successors & Data Processing Agreements
• Regular compliance reviews of overseas partners

12. Policy Updates

We may update this policy to reflect legal, technological, or operational changes. Material changes will be notified via email or in-app banner. Continued use after updates constitutes acceptance. The current date is displayed at the top of this page.

13. Contact & Data Protection Officer

For privacy inquiries, data requests, or complaints, please contact:

• 📧 Email: dpo@familynest.com
• 🌐 Web: familynest.com/contact
• 📍 Address: FamilyNest Ltd, 123 Family Way, London EC1V 9NR, United Kingdom
• 👤 Data Protection Officer: Dr. Elena Rossi (GDPR Certified)

You also have the right to lodge a complaint with your local supervisory authority or the UK Information Commissioner’s Office (ICO).