← Back to Home
Privacy Policy
Last updated: January 8, 2026
Family Routine Tracker ("we", "our", or "us") is committed to protecting the privacy of families using our service. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and Dutch privacy law.
1. Data Controller
Family Routine Tracker is the data controller for the personal data processed through our service. We are based in the Netherlands.
Contact: family-routine-planner@gmail.com
2. Data We Collect
2.1 Account Data
- Email address (for account recovery and notifications)
- Name or nickname (for display purposes)
- Password (stored securely using industry-standard hashing)
- PIN code (for parent access, stored securely)
2.2 Family Member Data
- Child names or nicknames
- Birth dates (optional, for birthday countdown feature)
- Avatar selections and color preferences
2.3 Usage Data
- Task completion history
- Points and level progression
- Calendar events and activities
- Meal plans and recipe selections
- Savings goals and transactions
2.4 Technical Data
- Browser type and version
- Device type
- Session information for authentication
3. Children's Privacy
Our service is designed for family use, including children. We take extra care with children's data:
- Parental Control: Only parent/guardian account holders can create and manage child profiles
- Minimal Data: We collect only the minimum data necessary for the service to function
- No Marketing: We never use children's data for marketing purposes
- No Third-Party Sharing: We do not share children's data with advertisers or third parties
- Parental Access: Parents can view, edit, export, or delete their children's data at any time
4. How We Use Your Data
| Purpose |
Legal Basis |
| Providing the service (task tracking, meal planning, etc.) |
Contract performance |
| Account authentication and security |
Contract performance, Legitimate interest |
| Sending service notifications |
Contract performance |
| Improving the service |
Legitimate interest |
| Responding to support requests |
Contract performance |
5. Data Sharing
We do not sell your personal data. We may share data only in these limited circumstances:
- Service Providers: Trusted providers who help us operate the service (e.g., hosting), bound by strict data protection agreements
- Legal Requirements: When required by law or to protect our legal rights
- Business Transfer: In case of a merger or acquisition, with appropriate safeguards
6. Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest for sensitive data
- Secure password hashing (Argon2id)
- Regular security assessments
- Access controls and audit logging
6.1 End-to-End Encryption (E2E)
Family Routine Tracker offers optional end-to-end encryption for sensitive personal data. When enabled:
- Zero-Knowledge Architecture: Your encryption key is derived from your password on your device and never transmitted to our servers
- Client-Side Encryption: Sensitive data (names, birth dates, task labels, calendar events, savings goals) is encrypted in your browser before being sent to our servers
- We Cannot Read Your Data: Without your password, we have no way to decrypt your personal information
- Industry-Standard Cryptography: We use libsodium with Argon2id for key derivation and XSalsa20-Poly1305 for encryption
- Recovery Key: You can generate a recovery key to regain access if you forget your password
What is encrypted (when E2E is enabled):
- Child names and birth dates
- Task labels and descriptions
- Calendar event summaries, descriptions, and locations
- Savings goal names
- Hobby and activity labels
- Pantry item names
- Gratitude journal entries
What is NOT encrypted (operational data):
- Household name (for admin visibility)
- Module configurations
- Task completion timestamps
- Points and XP values
- System settings
7. Data Retention
We retain your data for as long as your account is active. After account deletion:
- Most data is deleted immediately
- Backup copies are deleted within 30 days
- Some data may be retained longer if required by law
8. Your Rights
Under the GDPR, you have the following rights:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Export your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to certain processing activities
- Withdraw Consent: Where processing is based on consent
To exercise these rights, use the data export and deletion features in the parent dashboard, or contact us at family-routine-planner@gmail.com.
9. Data Transfers
Your data is primarily stored and processed within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses).
10. Cookies and Tracking
We use only essential cookies required for the service to function:
- Authentication cookies: To keep you logged in
- Preference cookies: To remember your language and display settings
We do not use tracking cookies, analytics cookies, or third-party advertising cookies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the service. The "Last updated" date at the top indicates when the policy was last revised.
12. Contact Us
For privacy-related questions or concerns:
- Email: family-routine-planner@gmail.com
- Location: Netherlands
13. Supervisory Authority
If you have concerns about our data processing practices, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):