Privacy policy
Here's how we handle your data. Plain language, no surprises.
1. What we collect
We only collect what we need to make EasyCo work for you:
- Account info — your email, display name, and role (admin or viewer).
- Family data — the kids you add, your shared calendar, child support records, expenses, and messages between co-parents.
- Usage data — an audit log of changes inside your family, plus error events so we can fix bugs faster.
2. How we use it
Your data exists to power EasyCo for your family. We use it to:
- Run the co-parenting features you actually opened the app for.
- Send the reminders you've turned on.
- Keep an audit trail so both parents can see what changed and when.
- Diagnose and fix technical errors.
We don't sell your data, share it for advertising, or use it to train anyone's AI.
3. Where it lives
Your data is stored in Supabase (PostgreSQL) on secure cloud infrastructure in the United States. Every row is scoped to your family, and we use database-level row-level security so other families can't see anything that's yours — not even by accident.
4. How long we keep it
We keep your data while your account is active. When you delete your account, your personal profile and login record are removed permanently. Family records (events, expenses, support history) created by an admin stay until that admin deletes their account as the last family member.
5. Your rights
You're in control of your data. You can:
- See it — every record is visible inside the app (settings, audit log, calendar, expenses).
- Fix it — update records directly, or ask your family admin for account-identity corrections.
- Delete it — wipe your account permanently from the Settings page (Danger Zone).
- Take it with you — export your expense history as CSV from the Expenses page.
6. Cookies
We use the bare minimum:
- An authentication session cookie (Supabase) so you stay signed in.
- A CSRF token to keep your account safe.
- Your language preference (
easyco_language).
No tracking pixels, no advertising cookies. Period.
7. Your CCPA rights
We don't sell your data. Period. Under the CCPA, you have these rights — and we'll honor them within 45 days:
- The right to know what data we collect
- The right to delete your data (visit Settings → Delete account) /settings
- The right to correct inaccurate data
- The right to not be punished for exercising these rights
- The right to opt out of sale — and again, we do not sell personal data.
Email privacy@esaycoparenting.com to request, correct, or delete your data within 45 days.
8. Who else touches your data
We work with a few trusted vendors to run EasyCo. Each one only sees what they need to do their job:
| Service | Purpose | Region |
|---|---|---|
| Supabase | Auth, database, storage | United States |
| Resend | Transactional email | United States |
| Twilio | SMS notifications (when enabled) | United States |
| Vercel | Hosting + edge compute | United States |
| Sentry | Error monitoring | United States |
9. How long we keep things
How long different kinds of data stick around:
| Data type | Retention period |
|---|---|
| Account data | Until deletion + 45-day grace period |
| Audit logs | 24 months rolling |
| Error events | 90 days rolling |
| Notification outbox | 90 days rolling |
10. Get in touch
Privacy questions or concerns? Email us at privacy@esaycoparenting.com — a real human reads every message.
Last updated: 2026-05-04