Privacy Policy
Effective Date: 04/14/2026
Last Updated: 05/03/2026
1. Introduction
Baby Recall Tracker ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use BabyRecallTracker.com and related services (the "Service").
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Information We Collect
2.1 Personal Information
We may collect the following personally identifiable information:
- Name
- Email address
- Account login credentials (via authentication providers)
- Phone number (if SMS alerts are enabled)
- Payment information (if using paid features, processed via third-party providers)
2.2 Account and Usage Data
We collect information related to your use of the Service:
- Tracked items (products you own or monitor)
- Recall matches and alert history
- User preferences and settings
- Interaction data (e.g., clicks, feature usage)
2.3 Email Integration Data
If you connect your email account (e.g., Gmail, Microsoft Outlook), we use the access token you grant to perform a narrowly scoped purchase-receipt scan. The exact processing flow is:
- We query your inbox for messages that match purchase-receipt patterns (e.g., order confirmation senders, shipping notifications). We do not download messages outside of those purchase-related queries.
- For each matching message, we extract only the product information needed to monitor for recalls: item names, brand/manufacturer names, model numbers when present, and purchase dates.
- After extraction, the original message body is discarded from our systems within approximately 60 seconds. We do not retain raw email message bodies, attachments, or unrelated email content after the extraction step completes.
- The extracted, structured product data is stored in your account so we can match it against incoming recall feeds and notify you when a match is found.
We do not:
- Read unrelated personal emails beyond what is matched by the purchase-receipt query
- Use email data for advertising, retargeting, personalization profiles, or resale
- Sell, rent, or trade email content or extracted product data to any third party
- Allow any human to read your email content, except (a) with your explicit, in-context permission for a specific support request you initiate, (b) when required by applicable law, or (c) when investigating an active security incident
- Train or fine-tune general-purpose AI/LLM models using your email content
- Store original email message bodies after extraction has completed
See Section 19 below for our binding commitment under the Google API Services User Data Policy and the Limited Use requirements that apply to data obtained via the Gmail API.
2.4 Device and Technical Data
We automatically collect:
- IP address
- Browser type and version
- Device type
- Operating system
- Log files and diagnostic data
2.5 Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain sessions
- Improve performance
- Analyze usage patterns
Users may control cookies through browser settings.
3. How We Use Your Information
We use collected information to:
- Provide and operate the Service
- Identify and track relevant products
- Match products to recall data
- Send alerts and notifications
- Improve accuracy and performance
- Provide customer support
- Detect fraud and maintain security
- Comply with legal obligations
4. Legal Basis for Processing (If Applicable)
Depending on your location, we process data under:
- Consent (e.g., email scanning, SMS alerts)
- Contractual necessity (providing the Service)
- Legitimate interests (improving and securing the platform)
- Legal obligations
5. Data Sharing and Disclosure
We do not sell your personal data.
Mobile opt-in data is not shared with third parties for their marketing purposes.
We may share data with:
5.1 Service Providers
- Hosting (e.g., Vercel, cloud providers)
- Database providers (e.g., Supabase)
- Email/SMS providers (e.g., Brevo)
- Analytics services
These providers only access data as needed to perform services.
5.2 Legal Requirements
We may disclose data if required to:
- Comply with laws or regulations
- Respond to legal requests
- Protect rights, safety, or property
5.3 Business Transfers
If the company is acquired or merged, your data may be transferred as part of that transaction.
6. Data Retention
We retain different categories of data for different periods based on the minimum necessary to operate the Service:
- Original email message bodies and attachments: not retained beyond the extraction step (typically discarded within ~60 seconds of being read).
- Extracted product/purchase data (item name, brand, model, purchase date): retained until you delete the corresponding tracked item, disconnect your email account, or delete your account.
- OAuth access and refresh tokens for connected email accounts: stored in encrypted form (AES-256-GCM) and retained until you disconnect that email account or delete your account, at which point they are removed from our database and we revoke them with the upstream provider where supported.
- Account profile data (email address, name, preferences): retained while your account is active. Deleted within 30 days of account deletion.
- Recall match history and alert records: retained while your account is active so you can review past alerts. Deleted within 30 days of account deletion.
- Operational and security audit logs (request metadata, error traces, scan run records): retained for up to 90 days for debugging, abuse detection, and compliance purposes.
- Billing records (Stripe customer/subscription IDs, transaction history): retained for the period required by tax and financial-records laws (typically 7 years in the United States), even after account deletion.
- De-identified aggregate metrics (e.g., total scans run, average matches per week): may be retained indefinitely for product analytics. These cannot be used to re-identify any individual user.
You may request deletion at any time (see Section 9). Deletion is processed immediately for active data; backup copies are purged on the next backup-rotation cycle (typically within 30 days).
7. Data Security
We implement reasonable administrative, technical, and physical safeguards, including:
- Encryption (in transit and at rest where applicable)
- Secure authentication systems
- Restricted internal access
However, no system is completely secure. Use of the Service is at your own risk.
8. Third-Party Services
The Service integrates with third parties (e.g., Google, Microsoft, analytics providers). These services have their own privacy policies. We are not responsible for their practices.
9. Your Privacy Rights
Depending on your location, you may have rights to:
- Access your data
- Correct inaccurate data
- Delete your data
- Restrict or object to processing
- Export your data (data portability)
9.1 Account Deletion
You can delete your data at any time using either of the following methods:
- Self-service account deletion (recommended): sign in and go to the Account page. The "Delete account" control there immediately removes your user record, all tracked items, all recall match history, all email-connection records (including stored OAuth tokens), all ingestion audit data, and all notification preferences. Stripe billing is automatically cancelled if you have an active subscription.
- Per-item deletion: remove individual tracked items from your dashboard at any time.
- Email request: if you cannot access your account, email contact@babyrecalltracker.com from the address associated with your account and we will process the deletion manually.
Upon deletion:
- Active personal data is removed from our production database immediately.
- OAuth refresh tokens for connected email accounts are deleted from our database; we revoke them with the upstream provider where the provider supports programmatic revocation.
- Backup copies are purged on the next backup-rotation cycle (typically within 30 days).
- Billing records may be retained as described in Section 6 to comply with tax and financial-records laws.
- De-identified aggregate metrics may be retained for product analytics but cannot be used to re-identify you.
10. Children's Privacy
The Service is not intended for children under 13. We do not knowingly collect personal data from children. If such data is identified, it will be deleted promptly.
11. SMS and Communications
If you opt into SMS alerts:
- Message frequency may vary
- Standard carrier rates may apply
- You may opt out at any time by replying "STOP"
We may also send:
- Service-related emails
- Recall alerts
- Important account notifications
12. International Data Transfers
If you access the Service from outside the United States, your data may be transferred and processed in the United States.
13. Changes to This Privacy Policy
We may update this Privacy Policy at any time. Changes will be posted with an updated "Last Updated" date. Continued use of the Service constitutes acceptance of changes.
14. Do Not Track Signals
We do not currently respond to "Do Not Track" browser signals.
15. California Privacy Rights (CCPA/CPRA)
California residents may have the right to:
- Know what personal data is collected
- Request deletion of personal data
- Opt out of data selling (we do not sell data)
Requests can be submitted via the contact information below.
16. Contact Information
For questions or requests:
Email: contact@babyrecalltracker.com
Company Name: Baby Recall Tracker
17. Data Minimization Commitment (Important for Trust)
We are committed to:
- Collecting only what is necessary
- Limiting data access internally
- Avoiding unnecessary storage of sensitive data
- Designing systems with privacy in mind
18. Transparency Regarding Recall Matching
To provide value, the Service:
- Uses automated systems to match products to recall databases
- Relies on third-party recall sources
- May produce false positives or miss certain recalls
Users should always verify recall information through official sources.
19. Google API Services User Data Policy & Limited Use Disclosure
Baby Recall Tracker's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
In particular, with respect to data obtained via the Gmail API (the https://www.googleapis.com/auth/gmail.readonly scope), we commit to the following:
- Use limitation: we use Gmail data only to provide the user-facing Baby Recall Tracker features that the user signed up for — specifically, identifying purchased products from receipts and matching those products against recall feeds.
- Transfer limitation: we do not transfer Gmail data to any other application or third party, except as necessary to provide or improve those user-facing features (e.g., processing within our own infrastructure on Vercel and Supabase), to comply with applicable law, or as part of a merger, acquisition, or sale of assets where the receiving party will continue to honor this policy.
- No advertising use: we do not use Gmail data to serve advertisements, including retargeting, personalized, or interest-based advertising.
- No human reading: we do not allow any human to read Gmail data except (a) with the user's explicit, in-context permission for a specific support request the user has initiated, (b) when necessary for security purposes (such as investigating an active security incident), (c) when required by applicable law, or (d) where the data has been aggregated and de-identified and is used only for internal operations such as system monitoring.
- No model training: we do not use Gmail data to develop, train, fine-tune, or improve general-purpose AI/ML models, including large language models. The narrow extraction and matching automation we run operates on each message at scan time and does not retain message content for training.
You can disconnect your Google account from the Account page at any time, which immediately deletes the stored OAuth tokens and stops further Gmail access. You can also revoke our access directly from your Google account's Third-party apps with account access page.
20. Reporting a Security Issue
If you believe you have found a security vulnerability in Baby Recall Tracker, please email contact@babyrecalltracker.com with the subject line "Security report" and a description of the issue, steps to reproduce, and any proof-of-concept material. We aim to acknowledge reports within 5 business days. See our Security & Trust page for the controls we operate and our coordinated disclosure policy.