# Privacy Policy
FamilyPlanner is a private family calendar and chore planner. This policy explains what personal data we collect, why, who we share it with, and the choices and rights you have. We collect as little as possible and never sell your data or use it for advertising.
## 1. Who we are
FamilyPlanner (“we”, “us”) provides this service. For any privacy question, or to exercise your rights, contact us at privacy@yourdomain.example.
## 2. The short version
- You sign in with your Microsoft account — we never see or store your password.
- We store the family content you create: events, chores, reminders and family membership.
- If you connect an external calendar, we store an encrypted access token and only read the events you choose to share.
- We use essential storage to keep you signed in and remember preferences — no third-party tracking or advertising cookies.
- One family’s data is never visible to another family.
## 3. What we collect
| Category | Examples |
|---|---|
| Account & identity | Your Microsoft Entra ID object identifier, display name and email address (used to match invitations). We never receive your password. |
| Family content you create | Families you create or join, your role, calendar events, chores, reminders and event-sharing choices. |
| Managed (proxy) members | For a family member without their own login — typically a child — the display name and colour an organiser gives them. They have no account and no email. |
| Connected calendars | The provider you linked (Microsoft, Google or Apple) and an encrypted access/refresh token. We read only the events you tag to overlay, and our calendar access is read-only. |
| Notifications | Browser push-subscription details (if you opt in) and your reminder preferences such as time zone and quiet hours. |
| Technical | Standard server logs needed to run and secure the service (e.g. request metadata). We do not build advertising profiles. |
## 4. Why we use it (lawful basis)
- To provide the service — show your family’s calendar, run chores and send reminders (performance of our terms with you).
- To keep it secure — authenticate you, isolate families and prevent abuse (our legitimate interest and legal obligations).
- To contact you about the service — for example invitation and reminder emails you have asked for.
We do not use your data for advertising and we do not sell it.
## 5. Cookies & local storage
We use only what the app needs to function:
- Sign-in cookie — set by our hosting provider to keep you securely signed in. Essential; the app cannot work without it.
- Local storage — remembers preferences such as your light/dark theme and that you have seen this notice. It stays in your browser.
We do not use third-party advertising or tracking cookies, so there is nothing to “reject” — the notice you see is informational.
## 6. Who we share it with
We share data only with the service providers we need to run FamilyPlanner, as our processors:
| Provider | Purpose |
|---|---|
| Microsoft Azure | Hosting, database and key management. |
| Microsoft Entra ID | Sign-in / authentication. |
| Azure Communication Services | Sending invitation and reminder emails. |
| Calendar providers (Microsoft, Google, Apple) | Reading the events you choose to overlay, if you connect a calendar. |
| Your browser’s push service | Delivering browser notifications, if you opt in. |
We share data with members of your own family as part of using the planner. We do not share it with any other family, and we never sell it.
## 7. Children’s data
FamilyPlanner is designed to be run by an adult organiser for their household. A child can be added as a managed (proxy) member with no login of their own; only the organiser and family members can see that information. If you add details about a child, you confirm you are their parent or guardian (or have that person’s consent) and are responsible for the information you enter. Contact us to review or remove a child’s data at any time.
## 8. How long we keep it
We keep your data while your account and family are active. When you delete an event, chore or family, it is removed. When you disconnect a calendar, its stored token is deleted and access is revoked. When you delete your account, we delete or anonymise your personal data, except where we must keep limited records to meet a legal obligation.
## 9. How we protect it
- All traffic is encrypted in transit (HTTPS/TLS).
- Calendar tokens are encrypted at rest (AES-256-GCM), with keys held in a managed key vault.
- Every request is checked against your family membership, so families stay isolated.
- We request the minimum, read-only calendar permissions and never store raw invitation tokens.
## 10. Your rights
Depending on where you live, you may have the right to access, correct, export or delete your personal data, and to object to or restrict certain processing. You can edit or delete most of your content directly in the app, and you can download a copy of your data or permanently delete your account at any time from Settings → Account & data. To make a request, contact privacy@yourdomain.example. You also have the right to complain to your local data-protection authority.
## 11. International transfers
Our providers may process data in countries outside your own. Where they do, we rely on appropriate safeguards (such as standard contractual clauses) to protect it.
## 12. Changes to this policy
We may update this policy as the service evolves. We will revise the “last updated” date above and, for significant changes, give you notice in the app.
## 13. Contact
Questions or requests? Email privacy@yourdomain.example. See also our Terms of Service.