Privacy Policy
This privacy policy is written in plain English on purpose. We believe you should be able to understand how your data is handled without a law degree.
The most important thing to know: Kinsight Secure™ is built on a zero-knowledge architecture. The platform cannot read your data — by design, not just by policy.
Data We Collect
Data You Provide
- Email address — for identity verification and authentication token delivery
- Family member display names — stored on our servers in plaintext so they can appear in push notification titles (for example, when a family member triggers an SOS alert, the recipient sees who sent it). Display names are the only piece of family-group content our servers can read. If you don't want a real name on our servers, use a nickname.
- Location data — end-to-end encrypted GPS coordinates shared between family members. Our servers relay encrypted payloads they cannot decrypt.
- Messages — end-to-end encrypted; we cannot read them
- Geofence configurations — stored on your device only and never synced to our servers
- SOS alert data — end-to-end encrypted
Data Collected Automatically
- Device identifiers — a unique device key stored in your device's secure enclave; the key itself never leaves your device
- FCM token — for push notification delivery only, not linked to your real-world identity. Push notifications we send contain only the sender's display name and a timestamp — no message content, no location data, no event details.
- Aggregate session counts — anonymous, no PII
Data We Do NOT Collect
No passwords (passwordless auth). No payment card numbers (Stripe handles all payments). No advertising identifiers. No contacts, photos, or files. No browsing history.
What We Read vs. What We Don't
Most family-safety apps collect significantly more data than Kinsight Secure does. Many sell location histories, build advertising profiles, log driving behavior, or read message content. We don't.
Here's the precise picture of what our servers can see and what they cannot:
What our servers CAN read
- Email address — used for account authentication and transactional emails (magic link, account notices).
- Family member display names — used in push notification titles so recipients know who sent an alert.
- Subscription status — whether your account is active, what plan you're on. Payment details themselves are handled entirely by Stripe; we never see card numbers.
- Device identifiers (FCM token) — a token Firebase uses to deliver push notifications. Not linked to your real-world identity.
- Aggregate, anonymous usage counts — how many sessions occurred in a given period, with no per-user attribution.
What our servers CANNOT read
- Your location — GPS coordinates shared between family members are end-to-end encrypted with keys held only on family devices. Our servers relay encrypted payloads they cannot decrypt.
- Your messages — secure messages between family members are end-to-end encrypted. The content is opaque to our servers.
- Your SOS alert details — the location and context attached to an SOS alert are encrypted end-to-end. The push notification we relay contains only the sender's display name and a timestamp.
- Your geofence configurations — geofences you set up live on your device only. They are never synced to our servers.
- Anything you do inside the app — we do not log screen views, button taps, navigation paths, time-on-screen, or any per-user behavioral analytics.
What we never collect
- Passwords (there aren't any — Kinsight Secure uses passwordless authentication).
- Payment card numbers, CVVs, or billing addresses (Stripe handles all of that).
- Advertising identifiers (IDFA, GAID).
- Your phone's contact list, photo library, browser history, or app usage from other apps.
- Driving behavior, speed records, or commute patterns.
- Anything derived from data we cannot read — including metadata about your location history, message frequency, or family interactions.
Why this matters
The "zero-knowledge" architecture means that the categories of data most relevant to your family's safety — where you are, what you say, what alerts you send — cannot be read by us, sold by us, subpoenaed from us, or stolen from our servers in any usable form. The categories we can read (email, display names, FCM token, aggregate counts) are the minimum needed to deliver the service and to send you a push notification when something happens.
We chose this architecture deliberately. It is structurally different from the family-safety apps that monetize their users' data, and we are committed to keeping it that way.
How We Protect Your Data
- Zero-knowledge architecture — all sensitive data encrypted on your device before transmission. The platform stores encrypted blobs it cannot decrypt.
- End-to-end encryption — NaCl box authenticated encryption (Curve25519 key exchange, XSalsa20-Poly1305), with Ed25519 signatures for device authentication.
- Passwordless auth — biometric + device-bound cryptographic key. No passwords ever created or stored.
- TLS in transit — two layers of encryption (E2EE + TLS).
Third-Party Services
- Stripe — payment processing only. We never see your card number.
- Firebase Cloud Messaging (our push notification service) — receives FCM device token, sender's display name, and a timestamp. We do not send message content, location data, geofence details, or event-specific information through FCM.
- Hetzner (our infrastructure provider) — only sees encrypted blobs.
We do not share your data with, or sell or rent it to, any other third parties.
Children's Privacy
Only adults (18+) can create accounts. Children are added by parents/guardians. We do not knowingly collect information from children under 13. No behavioral targeting of any users.
Your Rights
- Access — view all data on your device at any time
- Deletion — delete your account and all data permanently, at any time
- Portability — export your data from the app
- Withdraw consent — stop using the service, no penalty
Additional rights apply for EU/EEA residents (GDPR) and California residents (CCPA). We do not sell personal information.
If You Are Being Tracked Without Consent
Kinsight Secure is designed for family safety. If you have reason to believe this app is being used to track you without your knowledge or consent, you have options:
- You can review who has access to your location and remove yourself from any family group through the app's settings.
- If you are experiencing domestic abuse, the National Domestic Violence Hotline is available 24/7: 1-800-799-7233 (or text START to 88788), or visit thehotline.org.
- If you are in immediate danger, call 911.
We design Kinsight Secure to make non-consensual tracking difficult, but no technology fully prevents misuse. If you discover the app on your device without your knowledge, please uninstall it and contact a trusted person, support service, or law enforcement.
Summary
| Question | Answer |
|---|---|
| Can KS read my data? | No. Zero-knowledge architecture. |
| Does KS sell my data? | No. Never have, never will. |
| Does KS show ads? | No. |
| Does KS track me? | No individual tracking. Anonymous session counts only. |
| What can KS read on its servers? | Your email, display names you set, and aggregate counts. That's it. Location, messages, SOS details, and geofences are end-to-end encrypted. |
| Can I delete my data? | Yes, permanently, at any time. |
| Who sees my location? | Only your family group's devices. Not us. |
Contact: privacy@kinsightsecure.com
This document is a DRAFT pending review by legal counsel.