Privacy Policy

This Privacy Policy explains how CareOkid ("we," "us," or "our") collects, uses, processes, and protects your data when you use our website and our direct-installation Android Application (collectively, the "Service"). We are committed to absolute transparency regarding our data practices.

By creating an account and deploying CareOkid, you accept the practices outlined in this policy.

1. The CareOkid Security Commitment: Zero-Access & 30-Day Purge

Before detailing our data collection, we want to outline our core architecture designed to protect the privacy of the target (child’s) device:

• Zero-Access Architecture: We use client-side encryption mechanisms. The keys required to decrypt the monitored data are derived directly from your account password. Because we do not store your plain-text password or hold these decryption keys, CareOkid staff, engineers, and third-party infrastructure providers cannot access or view your monitored data. Only you can access it through your secure Control Panel.
• Automated 30-Day Purge: We do not retain data indefinitely. An automated global system permanently deletes all monitored device data from our infrastructure once it exceeds 30 days. This cleanup occurs daily at 09:30 AM UTC. Once purged, this data is completely irrecoverable. We recommend exporting critical logs to your own secure storage before this window closes.

2. Data Roles and Legal Frameworks

• Your Role (Data Controller / Fiduciary): When using CareOkid to monitor a device, you determine the purpose of data collection. You act as the Data Controller (or Data Fiduciary under regional laws). You are solely responsible for ensuring you possess the lawful right and explicit authority (such as legal guardianship over a minor child) to monitor the target device.
• Our Role (Data Processor): CareOkid acts strictly as a Data Processor. Because your monitored data is encrypted before it reaches our infrastructure, we process this data blindly on your behalf to display it on your dashboard.

3. Information We Collect

We process information across three distinct categories:

A. Account & Billing Data (Provided by You)

• Identity Information: Full name and email address for account authentication and critical updates.
• Transaction Information: Billing address and contact details. Note: Your payment card details are securely processed directly by our third-party global payment gateways and are never stored or visible on CareOkid’s servers.

B. Target Device Data (Generated by the App)

This includes the activity data retrieved from the Android device where the CareOkid application is deployed (e.g., location logs, notification data, or device stats). As stated in Section 1, this data is fully encrypted on-device before transmission and remains unreadable to us.

C. System Logs & Analytics (Collected Automatically)

When you interact with our website or management console, we automatically log basic technical data: IP address, browser type, operating system, and basic performance telemetry to optimize server loads, prevent DDoS attacks, and ensure system stability.

4. How We Use Your Information

We use your Account and System Log data strictly to:

• Provide, host, and maintain the CareOkid infrastructure.
• Process subscription payments and detect potential transaction fraud.
• Send essential system alerts, billing confirmations, and technical support responses.
• Secure our self-hosted networks and prevent malicious system abuse.
• Send product updates or marketing communications only if you have explicitly opted in. You can opt out at any time.

5. Data Sharing & Third-Party Protections

We do not sell, rent, or trade your personal information. Data is shared exclusively under the following conditions:

• Essential Service Providers: We share limited account/billing info with trusted infrastructure partners (such as our secure cloud hosting providers and payment processors) who operate under strict Data Processing Agreements (DPAs).
• Legal Compliance Limitations: We will cooperate with lawful court orders or regulatory requests regarding your Account Data (such as registration email or billing history) if required by law. However, please note: Because Target Device Data is fully encrypted, we cannot decrypt or provide the contents of monitored logs to law enforcement or any third party. We literally do not possess the technical means to do so.

6. Your Data Rights

CareOkid supports global data protection principles, including rights aligned with the European GDPR and the Indian Digital Personal Data Protection (DPDP) Act. You have the right to:

• Access & Portability: Request a copy of your personal account information.
• Rectification: Update or correct inaccurate account details.
• Erasure (Right to be Forgotten): Request the complete deletion of your account.
• Withdraw Consent: Revoke permission for optional marketing tracks.

To exercise these rights, contact us at support@careokid.com. Account deletion requests are processed within 30 days, resulting in the permanent removal of your profile and associated encryption blocks.

7. Children’s Privacy & Consent

CareOkid is built exclusively as a parental control utility. It is designed to be managed by parents or legal guardians, not used independently by children. We do not knowingly collect account registration data from individuals under 18.

By deploying the application to monitor your minor child, you grant explicit parental consent for the secure transmission and processing of that device's telemetry on our platform.

8. Data Security & User Responsibility

We utilize production-grade firewalls, restricted database access controls, and isolated storage environments to secure our infrastructure.

However, because your personal account password is the root key used to derive your data's decryption mechanism, your account security is fundamentally in your hands. CareOkid cannot recover accounts or data lost due to compromised passwords and is not liable for unauthorized access resulting from weak or shared credentials.

9. International Data Transfers

CareOkid serves a global user base. Our central infrastructure is securely hosted in India. By using the Service, you acknowledge that your account data may be transferred to and processed in this region. We maintain uniform, high-level encryption and privacy protocols globally, regardless of where you log in from.

10. Governing Law & Jurisdiction

This Privacy Policy is governed by and construed in accordance with the laws of India. Any legal disputes or claims arising from the use of this service shall be subject to the exclusive jurisdiction of the courts located in [Panaji, Goa, India], to the exclusion of all other jurisdictions.

Contact Us

For data deletion requests, privacy inquiries, or to contact our Data Protection Officer:

Email: support@careokid.com