Privacy Policy

1. Overview

Stay LoCo ("we", "us", "our") is a family calendar application that helps parents manage their children's activities, sports, school events, and more. This privacy policy describes how we collect, use, and protect information when you use our service at app.stay-loco.com.

2. Information We Collect

Account Information: When you sign in, we collect your email address and display name through Firebase Authentication (Google Sign-In). We do not store passwords.

Ohana and Member Information: You can add members of your household ("Ohana") to the app, including names and roles. If a member has their own account, their user ID is linked so they can see and update the shared schedule.

Calendar Data: We access calendar feed URLs (ICS feeds) that you provide. These feeds contain event names, dates, times, locations, and descriptions from your sports teams, schools, and other organizations.

Google Calendar Access: If you connect Google Calendar, we request permission to create and manage calendars and events on your behalf. We use this solely to sync your consolidated schedule to Google Calendar. We access only calendars created by Stay LoCo and do not read or modify your existing personal calendars.

Location Data: If you use the drive time feature, we send event locations to the Google Maps API to calculate travel estimates. We cache these results to reduce repeated lookups. We do not track your real-time location.

Phone Number (optional): If you enable SMS or voice-call notifications in Settings, you provide a phone number. We send time-sensitive alerts to that number via Twilio -- schedule changes, conflicts, departure reminders, and "I'm running late" alerts from other members of your Ohana. You can turn SMS and voice channels off at any time.

Push Notification Tokens: If you enable push notifications, we store a Firebase Cloud Messaging (FCM) token for each device you grant permission on. We use these tokens solely to deliver push alerts to your devices. You can revoke permission from your device settings or by signing out.

Notification History: We keep a per-user record of the notifications we send you (schedule changes, conflicts, departure reminders, weather warnings, and running-late alerts from your Ohana) so you can review them in the in-app notification center. Only you can read your own notification history.

Running-late Alerts: When you tap "I'm running late" on an event, we store the event reference, your optional ETA, and any note you add. We use this record to notify the rest of your Ohana and to show your running-late status on the event until you clear it. These alerts are visible only to members of your Ohana.

Usage Data: We collect basic usage analytics through Firebase to understand how the app is used and to diagnose issues. This may include page views, feature usage patterns, and error logs.

3. How We Use Your Information

We use your information to provide and improve the Stay LoCo service, including:

- Fetching and merging calendar feeds, syncing events to your Google Calendar, calculating drive times, and detecting scheduling conflicts.

- Sending push notifications, SMS messages, and voice calls through the channels you have opted into, for events such as schedule changes, conflict alerts, departure reminders, weather warnings, carpool coordination, and "I'm running late" alerts from other members of your Ohana.

- Saving a record of each notification to the in-app notification center so you can review what you missed.

- Fanning out "I'm running late" alerts that you send to the other members of your Ohana.

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use your data to train general-purpose machine learning models.

4. Data Storage and Security

Your data is stored in Google Firebase (Firestore) and secured using Firebase security rules and HTTPS encryption in transit. Google Calendar OAuth tokens are stored encrypted in Firestore and are only used to maintain your calendar sync connection. We retain your data for as long as your account is active.

5. Third-Party Services

Stay LoCo integrates with the following third-party services, each governed by their own privacy policies:

- Google Firebase -- authentication, Firestore database, Cloud Functions, Cloud Messaging (push), and hosting.

- Google Calendar API -- event sync (opt-in).

- Google Maps Platform -- drive-time estimates.

- Twilio -- SMS and voice-call delivery for opt-in alert channels. Phone numbers and message text are transmitted to Twilio only when you have enabled those channels. See Twilio's privacy policy.

- MailerSend -- transactional email delivery (notifications and invites).

- Anthropic API (Claude) -- AI assistant features.

We encourage you to review the privacy policies of these services.

6. Google API Services User Data Policy

Stay LoCo's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we only use Google Calendar data to provide and improve user-facing features visible to you, we do not transfer data to third parties except as necessary to provide the service, we do not use data for advertising, and we do not allow humans to read your data unless you provide affirmative consent, it is necessary for security purposes, or it is required by law.

Stay LoCo accesses Google Calendar data only to publish unified family activity events to a dedicated "Stay LoCo" calendar that the app creates in the user's account.

We store this data in Firestore. We do not share it with third parties, use it for advertising, use it to train general-purpose machine learning models, or sell it.

Users can revoke access at any time via Settings > Disconnect Google Calendar or at myaccount.google.com/permissions.

Users can delete all their data at any time via Settings > Danger Zone > Delete Account.

Stay LoCo complies with the Google API Services User Data Policy, including the Limited Use requirements.

7. Your Rights

You can manage your data at any time from within the app:

- Disconnect Google Calendar from Settings, which revokes our access and removes the synced calendar.

- Turn any notification channel (push, SMS, voice, email) on or off from Settings > Notifications.

- Remove a phone number from your profile to stop SMS and voice alerts.

- Mark individual in-app notifications as read or clear a running-late alert you've sent.

- Remove individual calendar feeds at any time.

- Delete your account and all associated data (Ohana, events, notifications, running-late alerts, carpool assignments, FCM tokens, and phone number) from Settings > Danger Zone. Deletion is immediate with no recovery window.

8. Children's Privacy

Stay LoCo is designed for use by parents and guardians to manage their children's schedules. The service is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can take appropriate action.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this privacy policy or your data, please contact us at bdinsmor@gmail.com.