BabyMom privacy

Your privacy matters. Protect yourself with a secure VPN.
Sponsored

BabyMom — Global Privacy Policy

Version: v1.0
Effective date: 31 Aug 2025
Service: BabyMom (iOS/Android)
Operator: jiseosiyu
Address/Country: South Korea
Contact: myclick90@gmail.com

This global Privacy Policy applies to BabyMom users primarily in Korea and also in the U.S., Japan, and parts of Europe. Local law supplements are provided in the Annexes. If you have any questions, contact us at the email above.

 

1. What personal information we collect

1.1 Information you provide

Account & authentication: Email address (stored as a bcrypt hash for password authentication). We may also store email verification status and timestamps.

Content you choose to upload: Images from your photo library (e.g., to attach to your records). No camera permission is requested. Uploaded content is stored on our servers in encrypted form.

1.2 Information collected automatically (minimal)

We minimize automatic collection. We process only what is necessary to deliver and protect the service, and to show non‑personalized ads.

Technical essentials: IP address, device/OS type, app version, and basic event logs necessary to operate and secure the service.

Advertising identifiers for non‑personalized ads: AdMob may receive device/advertising identifiers (e.g., IDFA/AAID) to deliver non‑personalized advertising (NPA). We do not use these identifiers to profile you.

No social login. We do not receive data from social sign‑in providers.

If we later enable push notifications or crash/analytics SDKs, we will update this policy before activation.

1.3 Permissions (mobile)

Photos (Library only) — purpose: to let you select and upload images you choose.

No Camera access is requested; you can still pick images from your library.

 

2. How we use personal information

Provide and maintain the service (account creation, login, synchronization, storage of your chosen content).

Security and fraud prevention (maintaining logs, preventing abuse).

Support and communications (respond to inquiries, service notices).

Non‑personalized advertising (AdMob) — without profiling.

Service improvement (aggregated or de‑identified insights where feasible).

Legal bases (EU/UK only)

Contract (to provide the service you requested).

Legitimate interests (security, service maintenance, de‑identified analytics).

Consent (where required by law, e.g., for certain ad/identifier uses).

Legal obligations (to comply with applicable laws).

 

3. Retention

Account & profile data / uploaded content: retained for the life of your account and deleted promptly when you delete your account. Backups containing your deleted data are purged within 30 days.

Security and operational logs: retained up to 6 months unless we must keep them longer for fraud prevention or legal obligations.

 

4. Sharing and processors (service providers)

We do not sell your personal information. We share it only with service providers under contracts that protect your data.

Supabase — hosting/database/authentication (project located in the Asia‑Pacific region, e.g., Tokyo or Seoul; exact project region available on request).

Google AdMobnon‑personalized advertising delivery.

If we add new processors (e.g., push or crash reporting), we will update this section and, where required, seek your consent.

 

5. International data transfers

Where your information is transferred outside your country, we rely on appropriate transfer safeguards (e.g., Standard Contractual Clauses or equivalent mechanisms) and implement technical/organizational measures to protect your data.

 

6. Security

In transit: TLS encryption.

At rest: server‑side encryption for stored content and databases.

Passwords: hashed using bcrypt.

Access controls: least privilege, role‑based access, logging and monitoring (including row‑level controls where supported).

Organizational: internal policies, need‑to‑know access, and vendor oversight.

 

7. Your rights

Depending on your location, you may have the right to access, correct, delete, restrict or object to processing, and/or data portability. You can also withdraw consent where processing is based on consent. We respond to requests within 30 days (or the period required by law). Contact: myclick90@gmail.com.

 

8. Children

The app is not directed to children and is intended for users who meet the minimum age in their region: KR: 14+, US: 13+, EU/UK: up to 16 (member‑state dependent), JP: 13+. We do not knowingly collect data from children. If you believe a child has provided data, contact us and we will delete it.

 

9. Cookies and tracking

We do not operate a consumer website requiring cookies. In‑app ads are non‑personalized via AdMob, which may use device/advertising identifiers solely to serve and limit ads without building behavioral profiles.

 

10. “Do Not Sell or Share” (California)

We do not sell or share personal information as defined by California law. Because we serve non‑personalized ads, your ad choices are respected via platform settings. California residents may exercise their privacy rights by emailing myclick90@gmail.com.

 

11. Changes to this policy

We may update this policy as our service or laws change. We will post changes in‑app and, for material changes, notify you at least 7 days in advance (30 days where required). We will maintain version and effective date information.

 

12. Contact

Operator: jiseosiyu
Email: myclick90@gmail.com
Address: South Korea

 

Annex A — Korea (PIPA)

Controller: jiseosiyu.

Rights: access, correction, deletion, and processing suspension per PIPA; requests via myclick90@gmail.com.

Overseas transfers: we provide notice of transferees (e.g., Supabase, Google AdMob) and safeguards; contact us for the latest list and regions.

Complaint channels: KISA (118), Supreme Prosecutors’ Office (1301), National Police Agency (182).

Annex B — EU/UK (GDPR/UK GDPR)

Legal bases: contract; legitimate interests (security/maintenance); consent where required; legal obligations.

Your rights: access, rectification, erasure, restriction, objection, portability, and the right to lodge a complaint with a supervisory authority.

Transfers: safeguarded via SCCs or equivalent. Where required, we will designate an EU/UK representative and publish details.

Annex C — United States (California)

Categories collected: identifiers (email; device/advertising IDs for NPA), internet activity (basic app event logs).

No sale/share: we do not sell/share PI as defined by CPRA.

Rights: know/access, delete, correct, and limit certain uses of sensitive data (not used). Requests: myclick90@gmail.com.

Annex D — Japan (APPI)

Cross‑border transfers: when transferring PI to a third party in a foreign country, we implement required measures and provide information about the recipient’s data‑protection system and safeguards upon request.

Your rights: access, correction, suspension of use, deletion.