Privacy Policy

1. Introduction

MinuteMasters ("we," "us," or "our") is committed to protecting the privacy of families who use our app and services. This Privacy Policy explains what information we collect, how we use it, and the choices you have regarding your data.

By using MinuteMasters, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Family Account Data

When you create a MinuteMasters family account, we collect:

• Parent name and email address
• Account authentication credentials (managed securely via Firebase Authentication)
• Family name and configuration preferences

2.2 Child Profile Data

When you add a child to your family, we collect:

• Child's first name (or nickname)
• Date of birth or age range
• Gender (optional, used for age-appropriate content filtering)
• Wake and bedtime preferences
• Voice and notification preferences

2.3 Habit and Reminder Data

As you use the app, we store:

• Reminders and habit schedules you create
• Acknowledgment and completion records
• Streak, XP, and achievement progress
• Day type overrides and calendar settings

2.4 Mental Health and Wellbeing Data

If you enable optional wellbeing features, we may store:

• Mood check-in responses
• Gratitude journal entries
• Period tracking data (if enabled by parent)

All mental health and sensitive content features are PIN-protected and require explicit parental consent before activation.

2.5 Subscription and Purchase Data

If you subscribe to MinuteMasters Premium, we store:

• Subscription status (active, trial, expired)
• Subscription plan type and billing period
• Trial start and end dates

Payment processing is handled entirely by the Apple App Store or Google Play Store. We do not collect or store credit card numbers, bank account details, or other payment credentials. Purchase validation is managed through RevenueCat.

2.6 Device and Technical Data

• Device type and operating system
• FCM (Firebase Cloud Messaging) tokens for push notifications
• MinuteMasters Speaker device identifiers (if applicable)

3. How We Use Your Information

We use the information we collect to:

• Deliver and personalize voice reminders and notifications
• Track habit progress and gamification features (XP, streaks, achievements)
• Generate AI-powered, age-appropriate reminder messages
• Provide daily and weekly progress summaries to parents
• Improve and maintain the quality of our services
• Send parent alerts when wellbeing thresholds are triggered

4. Data Storage and Security

All data is stored securely using Google Firebase (Firestore, Authentication, and Cloud Storage) with encryption in transit and at rest. We follow industry-standard security practices to protect your information.

If you use the optional MinuteMasters Speaker, device configuration is stored locally on the device using encrypted non-volatile storage (NVS) and synced with Firebase for remote management.

5. We Do Not Sell Your Data

We do not sell, rent, or trade your personal information or your child's data to third parties. We do not serve advertisements. Your family's data is used solely to provide and improve the MinuteMasters service.

6. COPPA Compliance & Apple Kids Category

MinuteMasters is designed for children aged 7-16 under direct parental supervision. We comply with the Children's Online Privacy Protection Act (COPPA) and Apple's App Store Kids Category requirements:

• Parental consent required: A parent or guardian must create the family account and add child profiles. Children do not create their own accounts.
• Minimal data collection: We collect only the information necessary to provide the service (name/nickname, age, and preferences).
• No direct child contact: We do not collect email addresses or other contact information directly from children.
• Parental control: Parents can review, modify, or delete their child's data at any time through the app settings.
• PIN-gated sensitive content: Modules covering mental health, puberty education, and period tracking require parental PIN authentication to enable.
• Parental gate on links and purchases: All links that navigate outside the app (e.g., Privacy Policy, Terms of Service, external resources) and all in-app purchase or subscription actions are gated behind parental verification. When a signed-in parent has configured a parent PIN, that PIN is required. In pre-account flows where no PIN exists yet, the app uses a separate verification challenge before allowing the user to continue. This helps ensure children do not inadvertently leave the app or make purchases.
• No advertising: MinuteMasters does not display any advertisements and does not integrate any advertising SDKs.
• No third-party analytics: MinuteMasters does not use third-party analytics services (such as Google Analytics, Amplitude, or Mixpanel). We collect only anonymized crash reports via Firebase Crashlytics for app stability purposes. Crash data is not linked to any individual user's identity.

7. Third-Party Services

MinuteMasters uses the following third-party services to operate:

• Google Firebase Authentication: Manages parent account sign-in. Stores authentication credentials (email, hashed password). Data stored on Google Cloud servers.
• Google Cloud Firestore: Primary database for family, child, reminder, and preference data. All data encrypted in transit and at rest. Stored on Google Cloud servers.
• Firebase Cloud Messaging (FCM): Delivers push notifications to parent and child devices. Only FCM device tokens and notification payloads are transmitted. No personal data is shared with third parties through FCM.
• Firebase Crashlytics: Collects anonymized crash reports (stack traces, device model, OS version) for app stability. Crash data is not linked to any individual user identity. No user identifiers, email addresses, or personal data are included in crash reports.
• Firebase Cloud Storage: Stores parent voice recordings for custom reminder messages. Files are encrypted at rest and access-controlled via Firebase security rules.
• Google Cloud Text-to-Speech: Voice generation for reminders (Speaker device only). No child data is stored by this service.
• OpenAI / Anthropic: AI-generated reminder messages. Only the child's age bracket and reminder context are sent; no personally identifiable information is transmitted or stored by these providers.
• RevenueCat: Subscription management and purchase validation. Only the parent's anonymous app user ID and purchase receipt data are shared. No personal or child data is transmitted to RevenueCat.
• Apple App Store / Google Play Store: In-app purchase processing and subscription billing (governed by Apple's and Google's respective privacy policies).

Each third-party service is governed by its own privacy policy. We only share the minimum data necessary for these services to function. We do not use any third-party advertising or analytics services.

8. Data Retention

We retain your data for as long as your account is active. If you delete your family account:

• All child profiles and associated data are permanently deleted
• Reminder history, mood logs, and achievement data are removed
• Deletion is processed within 30 days of the request

You can request account deletion at any time through the app settings or by contacting us at the email below.

9. Your Rights

You have the right to:

• Access the personal data we hold about you and your children
• Correct inaccurate information
• Delete your account and all associated data
• Export your data in a portable format
• Opt out of optional features (mood tracking, period tracking, etc.)

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy in the app and on our website with a revised "Last updated" date.

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

• Email: minutemastersapp@gmail.com
• Team: MinuteMasters Team