Privacy Policy

2.1 Account Information

• Email address (for account identification and communication)
• Password (encrypted and hashed)
• Parent and family member names
• Billing information for subscription management

2.2 Device and Technical Information

• Device identifiers, type, and operating system version
• Installed applications and their metadata
• IP address and location data (for security purposes)
• Log files and diagnostic information

2.3 Usage and Activity Information

• Application usage times and session data
• Websites visited and web browsing activity
• Screen time statistics and device interaction patterns

2.4 Child Device Monitoring Data (Android App)

The ParentalEdge child monitoring app installed on Android devices collects the following specific data to provide parental control services:

• Installed Applications: Package identifiers, app names, and app icons (base64 encoded) of all installed apps on the child's device
• App Usage Sessions: When apps are opened/closed, session duration, app categories, and usage patterns
• Web Browsing Activity: URLs visited, domain names, web page titles, browsing session data including list of visited pages within each session
• YouTube Video Tracking: Video identifiers, video titles, channel names, thumbnails, and watch duration for YouTube content viewed through the YouTube app
• Search Activity: Search queries entered in web browsers, search engines used (Google, Bing, DuckDuckGo, etc.), and URLs clicked from search results
• Content Categories: Automatic classification of apps and websites into content categories (e.g., social media, gaming, educational, adult content) for filtering purposes
• Blocking Events: Records of blocked activities including the app/website blocked, timestamp, and reason for blocking (e.g., time limit exceeded, restricted content)
• Device Activity: Screen on/off events, device lock status, and battery optimization settings

2.5 AccessibilityService Data Collection (Android)

ParentalEdge uses Android's AccessibilityService permission to enable core parental control features. This permission allows the app to read screen content for legitimate parental monitoring purposes only, even when the app is closed or running in the background. We collect the following data through AccessibilityService:

• App Names: We identify which apps your child uses (e.g., WhatsApp, Instagram, YouTube) by detecting when apps are opened or switched, including the app package names and usage timestamps
• Website URLs: We read the web address from the browser's address bar to know which websites are being visited
• Search Queries: We read what your child types into search boxes across all apps to monitor search queries
• YouTube Video Information: We read YouTube video titles displayed on screen and identify video IDs to log which videos your child watches
• App Usage Activity: We detect when apps are opened, closed, or switched to track how long each app is used and calculate session durations

How We Use AccessibilityService Data:

• Real-time blocking of prohibited apps/websites configured by parents
• Screen time tracking and automatic blocking when limits are reached
• Activity reports and alerts sent to parent dashboard
• Aggregated usage summaries for daily, weekly, and monthly reports

3.1 Primary Purposes

• Parental Control Services: Monitor and control device usage according to your configured settings
• Family Safety: Generate activity reports, usage statistics, and safety insights
• Real-time Alerts: Send notifications about blocked content, time limits, and safety concerns
• Account Management: Maintain your subscription and provide access to family controls

3.2 Secondary Purposes

• Customer Support: Respond to inquiries and troubleshoot technical issues
• Service Improvement: Analyze usage patterns to enhance features and functionality
• Security: Detect fraud, prevent misuse, and protect system integrity
• Legal Compliance: Meet Australian regulatory requirements and court orders

4.1 Technical Safeguards

• Encryption: All personal information encrypted in transit (TLS 1.3) and at rest (AES-256)
• Authentication: Multi-factor authentication and secure password policies
• Network Security: Firewalls, intrusion detection systems, and network monitoring
• Database Security: Encrypted databases with access logging and audit trails

4.2 Administrative Safeguards

• Access Control: Personal information access restricted to authorized personnel only
• Staff Training: Regular privacy and security training for all employees
• Background Checks: Security screening for staff with access to personal information
• Incident Response: Established procedures for data breach notification and response

6.1 Access Rights (APP 12)

• Access Request: Request access to personal information we hold about you
• Response Time: We will respond within 30 days of receiving your request
• Format: Information provided in a reasonable format (digital copy, summary, or inspection)
• Fees: No charge for standard requests; reasonable fees may apply for extensive requests

6.2 Correction Rights (APP 13)

• Correction Request: Request correction of inaccurate, out-of-date, or incomplete information
• No Charge: Corrections provided at no cost to you
• Notification: We will notify third parties of corrections where reasonably practicable
• Statement: If we refuse correction, you may request we attach a statement of your view

6.3 Additional Rights

• Complaint Rights: Lodge complaints with us or the Office of the Australian Information Commissioner (OAIC)
• Consent Withdrawal: Withdraw consent for data collection where legally permissible
• Account Deletion: Request deletion of your account and associated personal information
• Data Portability: Request export of your personal information in a standard format

7.1 Australian Privacy Act Compliance (APP 3.6)

• Parental Authority: Only parents or legal guardians can create accounts and configure monitoring
• Reasonable Collection: Children's personal information collected only when reasonably necessary for family safety services
• Best Interests: All data collection conducted with the child's best interests as primary consideration
• Age Verification: Parental identity verified before accessing children's information

7.2 International Child Privacy Standards

• COPPA Compliance (USA): Verifiable parental consent obtained before collecting personal information from children under 13
• GDPR Compliance (EU): Enhanced protection for children's personal data with explicit parental consent
• Access Restrictions: Children cannot directly access, modify, or delete their monitoring data
• Age-Based Transitions: Data handling policies automatically update as children mature