Privacy Policy

Effective date: [INSERT DATE]

Family Chat (“we”, “us”, or “our”) operates the Family Chat platform, which provides private Matrix chat servers for families. This Privacy Policy explains how we collect, use, store, and protect your personal information.

1. Information We Collect

Information you provide

• Account information: family name, email address, and password when you sign up.
• Member information: names and email addresses of family members you add to your server.
• Payment information: billing details processed by Stripe. We do not store credit card numbers on our servers.

Information collected automatically

• Usage data: server provisioning status, federation settings, and administrative actions within the control panel.
• Log data: IP addresses, browser type, and access timestamps for security and debugging purposes.

Information we do NOT collect

• Message content: your chat messages are stored on your dedicated Dendrite server. We do not read, analyse, or mine your messages.
• Media files: images, videos, and files shared in your chats remain on your server.

2. How We Use Your Information

We use your information to:

• Provision and maintain your private Matrix chat server.
• Process payments and manage your subscription.
• Send transactional emails (account setup, billing notifications, federation requests).
• Monitor server health and resolve technical issues.
• Comply with legal obligations.

We do not sell your personal information to third parties. We do not use your data for advertising or profiling.

3. Data Storage and Security

• Your account data is stored in a PostgreSQL database hosted on Hetzner Cloud infrastructure in the EU.
• Your chat data is stored on your dedicated Dendrite instance, isolated from other families.
• All data in transit is encrypted via TLS.
• Access to infrastructure is restricted to authorised personnel and secured with SSH keys and API tokens.

4. Third-Party Services

We use the following third-party services:

5. Data Retention

• Account data is retained for the duration of your subscription and for 30 days after cancellation.
• Chat data on your Dendrite server is retained while your subscription is active. After cancellation, server data is deleted within 30 days.
• Payment records are retained as required by applicable tax and accounting regulations.
• Server logs are retained for up to 90 days.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data.
• Correct inaccurate data.
• Delete your data (“right to be forgotten”).
• Export your data in a portable format.
• Object to processing of your data.
• Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at [INSERT CONTACT EMAIL].

For EU/EEA residents (GDPR)

We process your data under the following legal bases:

• Contract performance: providing the service you signed up for.
• Legitimate interest: security monitoring, fraud prevention, and service improvement.
• Legal obligation: tax and accounting requirements.

Our infrastructure is hosted in the EU (Hetzner, Helsinki). If data is transferred outside the EEA, appropriate safeguards are in place.

7. Children’s Privacy

Family Chat is designed for family use, including children. Parent accounts control all access. Child accounts are created and managed by parents. We do not knowingly collect personal information from children without parental consent through the parent account holder.

8. Cookies

The Family Chat website uses only essential cookies required for the control panel session. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the control panel. Continued use of the service after changes constitutes acceptance.

10. Contact

For questions about this Privacy Policy or your data, contact us at:

Email: [INSERT CONTACT EMAIL]