Privacy
Famlysync is a household organizer for small families. This notice explains what personal data we process, why, on what legal basis, who we share it with, how long we keep it, and the rights you have under the EU/UK General Data Protection Regulation (GDPR). We store only the data you choose to enter and the minimum needed to run the service. There is no ad network.
Data controller
The data controller is Famlysync, operated by [LEGAL ENTITY — pending registration]. You can reach us about anything in this notice, including to exercise your rights, at famlysync@outlook.com.
What we collect
- Account data — your email address, display name, avatar colour and emoji, subscription tier, account status (including whether the account has been suspended), and sign-in timestamps.
- Household and relational data — the names of the households you create or join, your membership and role in each, and the fact of who else belongs to your households.
- Content you create — events (including titles, locations, and notes), tasks, lists, and shopping items. This content may include personal details about other members of your household, including children, that you choose to enter.
- Invitation records — the email addresses of people you invite to a household.
- Google Calendar integration data (optional) — only if you connect a Google account: your Google account email, the read-only calendar events you choose to import, and the OAuth tokens needed to fetch them. See the Google section below for full detail.
- Calendar-feed tokens — if you enable the calendar (ICS) feed, the secret token embedded in that feed URL.
- Limited diagnostic logs — error reports (the page path where an error occurred plus your browser's user-agent string) and Content-Security-Policy violation reports. These help us find and fix bugs and detect attacks; they are not used to profile you.
Why we process it & our lawful basis
| Purpose | Lawful basis (GDPR Art 6) |
|---|---|
| Providing the service — your account, households, and the content you create | Performance of a contract — Art 6(1)(b) |
| Security, audit logging, and abuse prevention | Legitimate interests — Art 6(1)(f) |
| Optional usage analytics | Consent — Art 6(1)(a) |
| Optional Google Calendar import | Consent — Art 6(1)(a) |
Where we rely on consent, you can withdraw it at any time — turn off Usage analytics in Settings → Preferences, or disconnect Google in Settings → Integrations — without affecting the lawfulness of processing before withdrawal.
Who we share it with (sub-processors)
We use a small number of trusted service providers to run Famlysync. We do not sell your data or share it for advertising. Some providers are located in the United States; where that involves a transfer of EU/UK personal data, it is covered by an appropriate transfer safeguard such as Standard Contractual Clauses and/or the EU–US Data Privacy Framework.
| Provider | Role | Region | Transfer basis |
|---|---|---|---|
| Supabase | Database, authentication, and file storage | EU | Within EU — no transfer |
| Vercel | Hosting / CDN and usage analytics | US | SCCs / Data Privacy Framework [confirm DPA/SCCs] |
| Resend | Sending transactional invitation emails | US | SCCs / Data Privacy Framework [confirm DPA/SCCs] |
| Calendar import — only if you connect it | US | SCCs / Data Privacy Framework [confirm DPA/SCCs] |
What we don't do
- No advertising.
- We do not use your content — or any data we hold about you — to train AI or machine-learning models.
- Analytics is off until you opt in. When enabled, we use Vercel's Web Analytics to understand which pages people visit.
Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- have inaccurate data rectified;
- have your data erased;
- receive your data in a portable, machine-readable format;
- restrict or object to certain processing;
- withdraw consent where processing is based on it; and
- lodge a complaint with a data-protection supervisory authority.
You can delete your account and download a data export yourself from Settings → Account. You can also email an access, rectification, or erasure request to famlysync@outlook.com and we will respond within the time limits the law allows.
How long we keep it
- Account data is kept for as long as your account exists.
- Audit logs are retained for approximately 12 months.
- Expired or accepted invitations are purged after approximately 90 days.
- Diagnostic logs are retained per our hosting providers' default log-retention periods.
Note that content you added to a shared household stays with that household after you leave or delete your account, so the remaining members don't lose shared events, tasks, or lists. Such content is no longer linked to your account and is attributed to a removed user.
Your data & how it's protected
Your household content is visible only to members of your household, enforced by row-level security in our database. You can leave a household at any time from Settings.
Calendar feed (ICS)
If you enable the optional calendar feed, Famlysync generates a private ICS URL containing a secret token. That URL is a bearer link: anyone who has it can read your household's event details (titles, times, locations, notes) without signing in, because calendar apps can't log in to fetch a feed. Treat the URL like a password — share it only with apps and people you trust. You can revoke it at any time from Settings, which immediately invalidates the old link.
Children
Famlysync accounts are for adults. The account holder must be an adult — or at least the age of digital consent in their country — and is responsible for any personal data they enter about children in their household (for example, a child's name on an event). We do not knowingly create accounts for children. If you believe a child has created an account, contact us and we will remove it.
Google API access (optional)
If you choose to connect a Google account from Settings → Integrations → Google Calendar, Famlysync uses Google's OAuth to request three read-only pieces of information:
- Your Google account email address — used only to show "Connected as foo@gmail.com" in Settings so you can confirm which account is linked.
- The list of calendars you are subscribed to in Google Calendar — used to show you a picker so you can choose which calendars to import from.
- Events on the calendars you explicitly enable for import — used to display them inside Famlysync alongside the events you create directly in the app.
What we do with Google data:
- Imported event details (title, time, location, notes) are stored in your household's database, visible only to other members of your household via the same row-level security that gates all other household content.
- We never write to, modify, or delete anything in your Google Calendar. The OAuth scopes we request are read-only:
calendar.events.readonlyandcalendar.calendarlist.readonly. - We do not share Google data with any third party. We do not use it for advertising. We do not use it to train AI or machine-learning models. No human at Famlysync reads your Google data except in response to a direct support request from you, with your explicit consent.
How long we keep Google data:
- We continue polling Google for new events as long as your Google account is connected. When you click Disconnect in Settings, your OAuth tokens are immediately revoked at Google and we stop polling. Previously-imported events remain in your Famlysync household so you don't lose visible data; you can delete them individually like any other event.
- To request deletion of all Google-sourced data — both stored events and the OAuth identity record — email famlysync@outlook.com. We complete deletion within 30 days.
Famlysync's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Questions about your data, or to request account deletion: famlysync@outlook.com.