Privacy Policy

Last updated: May 4, 2026

1. Introduction

FAMMO ("Service"), available at fammo.app ("we", "us", "our"), is operated by a company registered in Latvia. We are the data controller for the purposes of the General Data Protection Regulation (GDPR). Full legal entity details are available in our Legal Notice.

This Privacy Policy explains how we collect, use, and protect your information and your child's information when you use our Service. Because FAMMO processes data about children, we take extra care to minimize data collection, protect children's privacy, and ensure transparency.

2. Children's Data — Our Approach

FAMMO is a parental monitoring tool. By design, it processes data about minors (your children) under your parental authority. We are committed to protecting children's privacy and follow these principles:

Data minimization: We collect only the data necessary to provide the Service.
Purpose limitation: Children's data is used solely to generate insights and reports for their parent/guardian.
No profiling for marketing: We never use children's data for advertising, marketing, or profiling for commercial purposes.
No selling of data: We never sell or share children's data with third parties for their own purposes.
Parental control: Parents have full control over their child's data and can request deletion at any time.

Legal Basis for Processing Children's Data

Under GDPR Article 8, processing personal data of a child below 16 years of age (or the lower age set by the child's Member State, but not below 13) in relation to information society services requires consent given or authorized by the holder of parental responsibility.

By creating a FAMMO account and linking your child's data, you, as the parent or legal guardian, provide this consent and authorize the processing of your child's data as described in this policy. You may withdraw this consent at any time by deleting the child's profile or contacting us (see Section 12).

3. Information We Collect

3.1 Parent Account Information

When you create an account, we collect your email address and password (stored as a bcrypt hash). If you subscribe to a premium plan, payment processing is handled entirely by Stripe — we do not store your credit card details.

Legal basis: Performance of a contract (GDPR Article 6(1)(b)) — this data is necessary to create and maintain your account and provide the Service.

3.2 Child Profile Information

When you add a child to your account, you provide their name (or nickname) and age. You may optionally add additional context to help the AI provide better insights.

Legal basis: Consent of the holder of parental responsibility (GDPR Articles 6(1)(a) and 8).

3.3 Activity Data

Depending on how you configure the Service, FAMMO may process:

App and screen time usage data from your child's device
Website browsing summaries (domains visited, not full page content)
Notification summaries
Location data (if enabled by you)
Communication metadata (message counts, contact frequency — not message content unless you specifically enable this feature)

All activity data collection features can be individually enabled or disabled by you in the Service settings.

Legal basis: Consent of the holder of parental responsibility (GDPR Articles 6(1)(a) and 8).

3.4 AI-Processed Data

Activity data is sent to our AI processing pipeline to generate:

Daily and weekly activity summaries
Well-being insights and alerts
Usage pattern analysis

AI processing is performed on our behalf by Anthropic (Claude API). The data sent to the AI is limited to what is necessary for generating insights and does not include direct identifiers of the child (such as full name) where technically feasible.

Legal basis: Consent of the holder of parental responsibility (GDPR Articles 6(1)(a) and 8), and legitimate interest in providing the core functionality of the Service (GDPR Article 6(1)(f)).

3.5 Technical and Analytics Data

We collect standard technical data including:

IP address
Device type and operating system
Browser type and version
Pages visited within FAMMO
Session duration and interaction data

We use PostHog for product analytics. PostHog is self-hosted on our EU-based infrastructure.

Legal basis: Legitimate interest (GDPR Article 6(1)(f)) — maintaining and improving the Service. For any analytics beyond strictly necessary functionality, we rely on your consent.

3.6 Error and Performance Monitoring

We use Sentry to track application errors and performance. Sentry may receive technical data about errors including device information, browser state, and anonymized usage context. No child activity data is intentionally sent to Sentry.

Legal basis: Legitimate interest (GDPR Article 6(1)(f)) — ensuring Service reliability and resolving technical issues.

3.7 Waiting List

If registration is not yet open and you join the Fammo waiting list, we collect your email address, language preference, signup time, confirmation status, beta-invite eligibility, launch-offer eligibility, and basic technical information used to prevent abuse. We use double opt-in email verification before sending launch announcements, beta invitations, or promotional offers.

Legal basis: Consent (GDPR Article 6(1)(a)) — you can unsubscribe at any time from waiting-list emails.

4. How We Use Your Information

To provide the core Service: generating AI-powered insights and summaries for parents
To process payments and manage subscriptions (via Stripe)
To send transactional emails: account verification, password resets, billing notifications, and alert emails (via AWS SES)
To send waiting-list verification, launch announcements, beta invitations, early-access updates, and promotional offers if you explicitly opt in
To monitor and improve the Service's performance and reliability
To respond to support inquiries
To comply with legal obligations

We do not:

Sell personal information — neither yours nor your child's — to third parties
Send marketing emails unless you explicitly opt in
Use children's data for advertising or commercial profiling

5. Data Sharing and Sub-Processors

We share data with the following service providers who act as data processors on our behalf (unless otherwise noted):

Sub-Processor	Purpose	Data Processed	Location
Anthropic (Claude API)	AI processing of activity data to generate insights	Anonymized/pseudonymized activity data	United States
Hetzner Online GmbH	Server hosting and data storage	All Service data	Germany (EU)
Cloudflare, Inc.	CDN, DDoS protection, object storage (R2)	IP addresses, traffic data, stored files	EU (with global edge network)
Stripe, Inc.	Payment processing	Parent's payment data (Stripe is an independent controller)	EU/US
Amazon Web Services (AWS SES)	Transactional email delivery	Parent's email address, email content	EU (Frankfurt region)
Sentry (Functional Software, Inc.)	Error monitoring	Technical error data, device info	United States
PostHog	Product analytics	Usage analytics (self-hosted)	Germany (EU, self-hosted)

We may disclose information if required by law or to protect our rights and the safety of our users.

6. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (Germany).

Where data is transferred outside the EEA (specifically to Anthropic and Sentry in the United States), such transfers are protected by appropriate safeguards, including:

The EU-US Data Privacy Framework (where the recipient is certified), or
Standard Contractual Clauses approved by the European Commission (GDPR Articles 44–49)

Regarding Anthropic (Claude API): Activity data sent to Anthropic for AI processing is pseudonymized before transmission (direct child identifiers are removed where technically feasible). Anthropic processes this data solely on our instructions and does not use it to train their models (per their API data usage policy as of the date of this policy).

You may request information about the specific safeguards in place by contacting us at [email protected].

7. Data Retention

Parent account data

Retained while your account is active. After account deletion, we retain minimal records (registration date, email, transaction history) for up to 5 years to comply with Latvian accounting and tax obligations.

Child profile and activity data

Retained while the child's profile is active in your account. When you delete a child's profile or your account, this data is permanently deleted within 30 days (except for anonymized, aggregated data that cannot identify any individual).

AI-generated insights

Retained for up to 12 months to allow you to review historical summaries. Deleted when the child's profile is removed.

Technical logs

IP addresses and error logs retained for up to 90 days.

Payment records

Retained for up to 5 years as required by Latvian tax law.

You may request earlier deletion of data by contacting us (see Section 12).

8. Data Security

We implement appropriate technical and organizational measures to protect your data and your child's data, including:

HTTPS/TLS encryption for all data in transit
Encryption at rest for stored activity data
Bcrypt hashing for passwords
Access controls limiting who can access child data (only the linked parent account)
Regular security reviews of our infrastructure
Pseudonymization of child data before AI processing

No system is 100% secure. We cannot guarantee absolute security, but we are committed to promptly notifying affected users in the event of a data breach, as required by GDPR Articles 33–34.

9. Local Storage and Cookies

The Service uses local storage (browser-based storage similar to cookies) to maintain your session, preferences, and application state. This is strictly necessary for the Service to function.

We use essential cookies for authentication and session management. These do not require consent as they are strictly necessary.

We do not use advertising cookies or third-party tracking pixels. Our analytics (PostHog) are self-hosted and do not place third-party cookies.

10. Automated Decision-Making

The Service uses AI to generate summaries and insights about your child's digital activities. These are informational outputs intended to assist you as a parent — they are not automated decisions with legal or similarly significant effects on your child.

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects any individual (GDPR Article 22).

If you believe an AI-generated insight is inaccurate, you can disregard it and contact us to report the issue.

11. Your Rights (GDPR)

As a parent/guardian and data subject in the European Economic Area, you have the right to:

Access your personal data and your child's data
Rectify inaccurate data
Request deletion ("right to be forgotten") of your data and your child's data
Object to or restrict processing based on legitimate interest
Data portability — receive your data in a structured, machine-readable format
Withdraw consent at any time (this does not affect the lawfulness of processing before withdrawal)
Lodge a complaint with the supervisory authority

Your child's rights: Children are data subjects with their own rights under GDPR. As the holder of parental responsibility, you exercise these rights on behalf of your child. As your child matures, they may exercise their own data protection rights.

The relevant supervisory authority is the data protection authority in Latvia.

12. Contact and Data Requests

For privacy-related questions, data access requests, or to exercise any of your rights, contact us at:

Email: [email protected]
General support: [email protected]

We will respond to data subject requests within 30 days. If a request is complex, we may extend this by an additional 60 days with notice to you.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes — especially those affecting how we process children's data — will be communicated via email to registered users with at least 30 days' notice before taking effect. Continued use of the Service after the effective date constitutes acceptance.

For significant changes to children's data processing, we may require you to re-confirm your consent.