Privacy Policy – Family Central

1. Overview

Family Central ("the App", "we", "us", or "our") is a family management application designed to help families organize their daily life through shared calendars, task lists, chat, meal planning, budget tracking, shared contacts, schedules, and real-time location features.

This Privacy Policy explains what personal data we collect when you use Family Central, why we collect it, how we store and protect it, and what rights you have over your data. By using the App you agree to the practices described in this policy.

We do not sell, rent, or share your personal data with any third party for advertising, marketing, or commercial purposes.

2. Data We Collect

The table below describes every category of data collected by Family Central, its purpose, and where it is stored.

Data Category	Specific Data Points	Purpose	Stored
Account & Identity	Full name, email address, hashed password, profile avatar, preferred language	Create and authenticate your account	Server (encrypted at rest)
Family Group	Group name, invite code, member roles (admin / member), join date	Manage the family circle and member access	Server
Calendar Events	Event title, description, date/time, location, recurrence rules, assigned members, reminders	Shared family calendar	Server
Task Lists	List name, item content, completion status, assigned members, recurrence	Collaborative shopping and task lists	Server
Chat Messages	Text messages, reactions, read receipts, deletion flags; encrypted with AES-256	Private 1:1 and group chat within the family circle	Server (AES-256 encrypted)
Chat Attachments	Images, audio recordings, video clips, documents sent in chat; stored as AES-256 encrypted binary blobs	File sharing within the family circle	Server (temporary – see §5)
Contacts	Contact name, phone numbers, email addresses, notes, favorite flag	Shared family address book	Server
Meal Planning	Meal name, date, assigned members, linked recipe	Weekly meal planner	Server
Recipes	Recipe name, ingredients, steps, tags, photos (if provided), favorites	Family recipe book	Server
Schedules & Shifts	Schedule name, entries with time slots, assigned members, recurrence	Household chore and shift management	Server
Budget & Finance	Transaction amounts, categories, dates, notes, account names, budget limits; currency codes	Family budget tracking and reporting	Server
Location Data	GPS coordinates (latitude, longitude, accuracy, timestamp), location history, pick-me-up requests, SOS alerts	Real-time family location sharing; safety features (see §6)	Server (history auto-purged)
Device Identifier	FCM device token (Firebase push token), platform (Android/iOS), app version	Deliver push notifications to your device	Server
Authentication Tokens	JWT access token (short-lived), refresh token (stored securely on device)	Authenticate API requests without re-entering credentials	Device (secure storage) & server
App Settings	Notification preferences, calendar view settings, language preference, tutorial completion state	Personalise the app experience	Device & server
Performance & Errors	Crash reports and stack traces generated by the app itself (not transmitted to any analytics service); no user content is included	Diagnose and fix technical issues	Device logs only (not sent externally)

3. How We Use Your Data

We use the data collected exclusively to provide, operate, and improve the Family Central service:

To create and manage your account and family group.
To synchronise family data (calendar, lists, meals, budget, contacts, schedules) in real time across all members' devices.
To deliver chat messages and media files securely within your family circle.
To show real-time family member locations when this feature is enabled by the user.
To send push notifications about events, messages, reminders, and safety alerts.
To allow export of budget data (PDF/CSV) for personal use.
To optionally sync family events with the native calendar of the operating system (with your explicit permission).
To process premium subscription status via the in-app purchase system (RevenueCat).
To display GIF content searched by users within the chat (via the Giphy API).
To display map views of member locations using Leaflet (open-source, no data leaves the device other than the tile requests to OpenStreetMap servers).

4. Data Storage & Security

All data is stored on our own self-hosted servers running a MariaDB relational database. We do not use cloud storage services (such as AWS S3, Google Cloud Storage, or similar) for any user content.

AES-256 chat encryption

JWT stateless authentication

Passwords hashed (bcrypt)

HTTPS / TLS transport

Secure local storage (Capacitor Preferences)

Access to the API is restricted through Spring Security with JWT-based stateless authentication. Each request is validated against the requesting user's family group membership before any data is returned or modified. Sensitive tokens are never logged.

5. Chat Messages & Attachments

Family Central includes an end-to-end family chat supporting text messages, images, audio recordings, video clips, and other file types.

Encryption: All chat messages (text content) are stored in the database encrypted using AES-256. The encryption key is held server-side and is not shared with any third party.

Attachments (images, audio, video, documents):

Attachment files are stored in the database as AES-256 encrypted binary objects (BLOBs).
They are stored temporarily: once all intended recipients have confirmed the download of the file, it is eligible for deletion from the server.
A background cleanup process periodically removes attachments that have already been downloaded by all members, or that have exceeded a reasonable retention window.
Files are never shared with, sold to, or accessible by any third party.
Attachments are only accessible to members belonging to the same family group.

Audio recordings and video clips are treated with the same level of encryption and temporary retention as other file attachments. They are never analysed, transcribed, or processed by any automated system other than encryption/decryption.

6. Location Data

Location sharing is an opt-in feature. The App will request location permission from the operating system before activating any location feature. You can revoke this permission at any time from your device's system settings.

Current location: Your current GPS coordinates are shared in real time with other members of your family group when you enable location sharing.
Background location: If you grant background location permission, the App can update your position while running in the background so other members always see your current location. This is optional and can be disabled at any time.
Location history: A rolling history of location updates is stored on the server for a limited period to allow members to review recent movements. This history is automatically purged after its retention period expires.
Pick-Me-Up requests: When you request a pick-up, your current location is shared with the relevant family member to facilitate coordination.
SOS alerts: In an emergency, your current location is broadcast to all family group members.
Location data is never shared with advertising networks or any external service other than as required by the mapping tiles described in §8.

7. Data Sharing

We do not sell, rent, trade, or otherwise transfer your personal data to any third party for any commercial purpose.

Data is shared only in the following strictly necessary situations:

Within your family group: All data you create (events, messages, lists, locations, etc.) is shared with the other members of your family group — this is the core purpose of the App.
Push notification delivery: Your FCM device token is transmitted to Firebase Cloud Messaging (Google) for the sole purpose of delivering push notifications to your device. No message content is included in push payloads beyond a short notification title and body.
Premium subscriptions: Purchase validation tokens (not personal data) are exchanged with RevenueCat to verify active subscriptions. RevenueCat does not receive family data.
GIF search: Search queries you type in the GIF picker are sent to the Giphy API to retrieve matching results. No account information is sent.
Exchange rates: Currency exchange rate requests are proxied through our server to a public exchange-rate API (open.er-api.com). No personal data is included in these requests.
Map tiles: When you view the family map, tile images are fetched from OpenStreetMap tile servers. Your IP address may be visible to those servers but no personal data from the App is sent.
Legal obligations: We may disclose data if required to do so by applicable law or by a valid court order.

8. Third-Party Services & SDKs

Family Central integrates the following third-party services and libraries. Some of them may collect data independently according to their own privacy policies. We strongly encourage you to review each policy linked below.

Service / Library	Purpose in the App	Data Potentially Collected	Privacy Policy
Firebase Cloud Messaging (FCM) Google	Push notifications delivery	Device token (FCM registration ID), device model, OS version, app version; Google may also collect diagnostic data per its own policies.	Google Privacy Policy → Firebase Privacy →
Firebase Admin SDK Google	Server-side push notification dispatch	Device tokens transmitted server-to-Firebase; no user content included.	Google Privacy Policy →
Google Play Services Google	Core Android runtime, push notification channel	Device identifiers, diagnostic data collected by Google Play Services at the OS level, per Google's policies.	Google Privacy Policy →
RevenueCat In-app purchases	Premium subscription management and purchase validation	Purchase receipts, product IDs, app user ID (anonymous), device platform, app version. RevenueCat does not receive family data or personal identifiers unless explicitly provided.	RevenueCat Privacy Policy →
Giphy API GIF search	GIF search in chat	Search query text, IP address, device type. Giphy may collect usage analytics per its own privacy policy.	Giphy Privacy Policy →
Leaflet + OpenStreetMap Open source	Family location map rendering	Leaflet itself collects no data. OpenStreetMap tile servers may log your IP address when fetching map tiles (standard web server logs).	OSM Privacy Policy →
Open Exchange Rates API Exchange rates	Currency exchange rate lookup (budget feature)	Requests are proxied through our server. No personal data is sent. The external API only receives the requested currency pair.	ExchangeRate-API Privacy →
Capacitor (Ionic) Open source	Native device APIs (camera, geolocation, filesystem, notifications, preferences)	Capacitor is an open-source framework that bridges web code to native APIs. It does not transmit any data externally by itself.	Ionic Privacy Policy →
jsPDF Open source	PDF export of budget reports	No data is collected or transmitted. All processing is done on-device.	N/A – client-side only

Important: Google's services (Firebase, Google Play Services) may collect additional device and diagnostic data beyond what is described above, in accordance with Google's own privacy policies. Please review Google's Privacy Policy for full details on what Google collects through its services.

9. Data Retention

Data is retained as follows:

Account data: Retained while your account is active. Deleted permanently upon account deletion.
Family group data (events, lists, meals, recipes, budget, contacts, schedules): Retained while the family group exists. If the last member deletes their account, all group data is permanently deleted.
Chat messages: Retained indefinitely while the family group is active, unless deleted by the user (delete for me / delete for all).
Chat attachments (images, audio, video, documents): Stored temporarily. Once all recipients have confirmed download, or after a maximum retention window, they are automatically and permanently deleted from the server.
Location history: Automatically purged on a rolling basis after a limited retention period.
Refresh tokens: Expire after a defined period of inactivity and are invalidated on logout or account deletion.
FCM device tokens: Removed when you log out of the app or delete your account.

10. Your Rights

You have the following rights with respect to your personal data:

Access: You can access all data associated with your account directly within the App (profile, events, lists, messages, etc.).
Rectification: You can edit your personal data at any time through the App's settings and profile screens.
Erasure: You can delete your account and all associated data at any time via Settings → Delete Account. See our Account Deletion page for step-by-step instructions.
Data portability: Budget data can be exported in PDF or CSV format directly from the App.
Objection to processing: You can disable optional data features (location sharing, calendar sync, notifications) at any time from within the App's settings.
Withdraw consent: You may revoke OS-level permissions (location, camera, notifications, calendar) at any time through your device's system settings.

Account deletion is processed immediately and is irreversible. All family group data will be permanently deleted. No recovery is possible after deletion.

11. Children's Privacy

Family Central is intended to be used by family groups that may include members of all ages. The App does not require a minimum age to be added as a family member; however, account creation (login credentials) is intended for adults or for use under parental supervision.

We do not knowingly collect personal data from children under 13 independently of a parent or guardian. If you believe a child under 13 has provided us with personal information without parental consent, please contact us at the email below and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the App, applicable law, or our data practices. When we make material changes, we will notify you via a push notification and/or an in-app banner. The "Last updated" date at the top of this page always reflects the most recent revision.

Continued use of the App after a policy update constitutes your acceptance of the revised policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your data, please contact us:

Email: help@family-central.app
App: Family Central (available on Google Play)

We aim to respond to all privacy-related inquiries within 30 days.