Data Policy

This data policy describes the categories of data Pebble & Petal processes, where it is stored, how long it is retained, and the controls you have over it. It supplements the Privacy Policy, which is the primary disclosure document.

Storage Model

Pebble & Petal stores a copy of your data on your device for offline access and synchronizes it to our cloud database so the app continues to work across your devices, after reinstalls, and with the caregivers you invite to your household.

The sub-processor table in the Privacy Policy lists each provider, its purpose, the data categories involved, and where it is processed.

Data Categories

• Profile data: caregiver email, names, dates, and optional profile metadata for the caregiver and any children added to the account.
• Tracking and care content: sleep, feed, diaper, growth, medicine, vaccination, teething, and activity logs; notes; diary entries; milestones; voice memos; and any photos or other media you attach.
• Household and sharing data: caregiver invitations, household memberships, role assignments, and per-baby access scope.
• Subscription data: purchase receipts, entitlement status, and subscription lifecycle events from the platform store and our subscription provider.
• Device and app data: install identifier, app version, device model and OS version, push notification token (when notifications are enabled), and anonymized usage events.
• Diagnostics: crash stack traces, error diagnostics, and operational events used to operate, troubleshoot, and improve the app.

Account Sharing

When you invite a caregiver to your household, the people you invite can view and update the baby profiles and care content that you have shared with them, based on the role you assign. You can change or revoke this access at any time from the app.

Data Retention and Deletion

• Account data: retained while your account is active.
• Account deletion: available in-app at Settings → Account → Delete account. Account deletion removes your personal data from active systems within a reasonable period, subject to legal obligations and limited backup retention. You can also request deletion from our data deletion page.
• On-device cache: cleared when you sign out, delete the app, or reset device data.
• Diagnostics and analytics: retained for limited operational periods.
• Subscription records: retained as required by the platform store and applicable tax/finance law.

Permissions and Device Access

• Microphone: used only when you start a voice log.
• Photos and camera: used only when you choose to attach a photo to a log, profile, milestone, or diary entry.
• Notifications: used only after you opt in. You can change notification preferences in the app at Settings → Notifications, and at the OS level at any time.

Data Export and Portability

• In-app account export: Settings → Account → Export my data delivers a structured export of your account’s content.
• Web request: rights requests, including portability, can be submitted via the contact channels in the Privacy Policy.

Security Practices

• Encryption in transit (TLS) for all network requests between the app, our backend, and our sub-processors.
• Least-privilege access controls for internal staff with operational need-to-know.
• Row-level access controls in the cloud database scoped to each household.

International and US State Rights

• Access, deletion, correction, and portability requests are supported through the privacy contact.
• CCPA/CPRA requests are supported for California residents.
• See the Privacy Policy for full rights disclosures and the international transfer notice.

Changes

We update this policy when the underlying data practices change. The “Last updated” date at the top reflects the most recent revision.