BabyRelay Privacy Policy
Last Updated: March 22, 2026
BabyRelay ("we", "our", or "the app") is a peer-to-peer baby monitor application. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.
1. Data We Collect
Account Data
- Email address — used for account creation, authentication, and password recovery.
- Name (optional) — if provided during registration or via social sign-in (Google, Apple).
Device & Session Data
- Device push tokens — stored to deliver alert notifications to your device.
- Device role (Baby Unit or Parent Unit) — stored to manage monitoring sessions.
- Pairing codes — temporary 6-digit codes used to connect baby and parent devices. These expire after use.
Monitoring Data
- Alert records — sound and motion detection events including type, severity, and timestamp. Alerts are automatically deleted after 7 days.
- Audio/video clips (PRO subscribers only) — short alert clips uploaded to secure cloud storage (Amazon S3). Clips are automatically deleted after 30 days.
- Sleep analytics — aggregated sleep pattern data derived from monitoring sessions, stored locally on your device.
Signaling Data
- WebRTC signaling messages — offers, answers, and ICE candidates exchanged to establish peer-to-peer connections. These are automatically deleted after 1 hour.
Subscription Data
- Subscription tier and status — synced from RevenueCat (our payment processor) to manage feature access. We do not store payment card details.
2. Data We Do NOT Collect
- Live video and audio are never stored on our servers. Streams travel directly between your devices whenever possible (P2P). On restricted networks, Base and Pro plans use an encrypted TURN relay as a fallback — streams may pass through the relay in transit but are never stored or logged.
- Passwords — managed by AWS Cognito; we never have access to your plaintext password.
- Location data — we do not request or store your geographic location.
- Contacts, photos, or files — we do not access any data outside the app.
3. How We Use Your Data
| Purpose | Data Used |
|---|---|
| Account authentication | Email, password (hashed) |
| Establishing monitoring connections | Signaling messages, pairing codes, device tokens |
| Delivering alert notifications | Push tokens, alert records |
| Managing subscriptions | Subscription status via RevenueCat |
| Storing alert clips (PRO tier) | Audio/video clips on Amazon S3 |
| Improving the app | Anonymized crash reports (via Sentry) |
4. Third-Party Services
We use the following third-party services that may process your data:
| Service | Purpose | Data Shared |
|---|---|---|
| Amazon Web Services (AWS) | Authentication (Cognito), database (DynamoDB), real-time signaling (AppSync), clip storage (S3) | Account data, signaling messages, alerts, clips |
| RevenueCat | Subscription and payment management | Anonymous user ID, subscription status |
| Google STUN Servers | NAT traversal for WebRTC connections | IP address (inherent to STUN protocol) |
| Cloudflare TURN (paid tiers) | Relay for restricted networks | Encrypted media relay (IP address visible to relay) |
| Sentry | Crash reporting and error tracking | Device type, OS version, anonymized error data |
| Expo Push Notification Service | Push notification delivery | Device push tokens, notification content |
5. Encryption & Security
- Peer-to-peer streams are encrypted using WebRTC's built-in DTLS-SRTP encryption.
- Signaling messages use ECDH (P-256) key exchange for additional encryption during the connection handshake.
- Data at rest in AWS is encrypted using AWS-managed encryption keys.
- Authentication uses AWS Cognito with enforced strong password policies.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until you delete your account |
| Signaling messages | 1 hour (auto-deleted via DynamoDB TTL) |
| Monitoring sessions | 24 hours (auto-deleted via DynamoDB TTL) |
| Alert records | 7 days (auto-deleted via DynamoDB TTL) |
| Alert clips (PRO) | 30 days (auto-deleted via S3 lifecycle) |
| Sleep analytics | Stored locally on your device only |
7. Your Rights
Access & Export
You can export your alert data at any time from Settings > Account > Export My Data. The export includes all alert records in CSV format.
Account Deletion
You can delete your account and all associated data from Settings > Account > Delete Account, or via the web deletion page. This permanently removes:
- Your user profile and authentication credentials
- All baby unit registrations and pairing data
- All shared access permissions
- All alert records and uploaded clips
- All parent connection records
Deletion is immediate and irreversible.
Data Portability
Alert data can be exported to CSV format for use in other applications.
8. Children's Privacy
BabyRelay is designed to monitor infants and young children but does not collect any data directly from children. The app is operated entirely by parents or guardians. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13.
9. International Data Transfers
Your data is processed on AWS infrastructure. Depending on your region, data may be transferred to and stored in the United States or other AWS regions. AWS provides appropriate safeguards for international data transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy within the app and updating the "Last Updated" date above.
11. Contact Us
If you have questions about this Privacy Policy or your data, contact us at:
Email: support@babyrelay.io