Privacy Policy

Last updated: April 25, 2026

1. Overview

Baseline is a private family health check-in application that helps parents and children record symptoms, daily factors, and patterns over time. Baseline uses authentication, role-based access controls, HTTPS, hashed child passwords, and limited third-party processing to protect family health logs. This Privacy Policy explains what information we collect, how we use it, and how we protect it.

Baseline is intended for family awareness and communication, not for medical diagnosis, treatment, or emergency use.

2. Data We Collect

2.1 Information You Provide

  • Child account credentials — username and a bcrypt-hashed password. We never store passwords in plain text.
  • Child profile information — name, date of birth, gender, weight, and diagnoses. This is used to personalize the experience and provide contextual AI analysis.
  • Daily health logs — factors such as water intake, electrolyte use, caffeine consumption, exercise, sleep duration, nutrition notes, and symptom severity ratings.

2.2 Information Collected Automatically

  • Google account email — when a parent logs in via Google OAuth, we receive their email address to verify they are on the authorized parent list.
  • Session tokens — we use browser cookies to keep you logged in. Session cookies expire after 30 days.

2.3 Data We Do Not Collect

  • We do not collect location data.
  • We do not collect analytics or tracking data from the app itself.
  • We do not use third-party advertising or tracking scripts.
  • We do not collect payment information.

3. How We Use Your Data

  • Health logging and trends — to display daily logs, compute trend statistics, and surface patterns over time.
  • AI analysis — when a parent requests AI insights, we send a limited data summary to OpenAI's API. This summary does not include the child's name, username, email address, or internal account ID. It may include age, gender, diagnoses, symptom ratings, health factors, and statistical summaries.
  • Parent administration — to allow parents to manage child accounts, view health data, and export records.
  • Authentication — to verify parent identity via Google OAuth and child identity via username/password.

4. Data Sharing

We do not sell, rent, or share your health data with any third parties for marketing or commercial purposes.

The only external service that receives any data is OpenAI, and only when a parent explicitly clicks the “Generate AI Insights” button. When a parent requests AI insights, Baseline sends a limited data summary to OpenAI's API. This summary does not include the child's name, username, parent email address, or internal account ID. It may include age, gender, diagnoses, recent symptom ratings, health factors, and statistical summaries. AI insights are optional and are generated only when a parent selects the AI insights feature.

AI generation is limited to 5 requests per child per day.

OpenAI API data handling is governed by OpenAI's applicable API terms and privacy practices. As of this policy date, OpenAI states that API data is not used to train models by default and may be retained for abuse monitoring unless a different data-retention setting applies. See OpenAI's Privacy Policy for current details.

5. Data Storage and Security

  • Database — all data is stored in a SQLite database on a persistent volume hosted on Fly.io.
  • Encryption in transit — all connections use HTTPS/TLS encryption.
  • Password security — child passwords are hashed using bcrypt with a default cost factor. Parents authenticate via Google OAuth and do not have passwords stored in our system.
  • Session security — session cookies use SameSite=Lax to reduce the risk of cross-site request forgery, and the Secure flag is enforced in production.
  • Access control — children can only view and edit their own data. Parents can view all children's data and manage accounts. There is no public access to any health data.

6. Data Retention

We retain your data for as long as your account is active. If you would like your data deleted, please contact the app administrator directly. Deletion of a child account will cascade and remove all associated health logs, symptom data, and AI reports.

7. Children's Privacy

Children may use Baseline only through an account created and authorized by a parent or legal guardian. A parent or legal guardian is responsible for providing consent for the child's use of the app and for the collection of the child's health check-in data.

Parent or guardian consent is required before a child uses Baseline. Parent accounts control account creation, password management, data access, export, and deletion. A parent or guardian may request access to, correction of, export of, or deletion of a child's data by contacting the app administrator.

Children can only log their own daily health data and view their own trends. Children cannot access AI analysis features, administrative functions, or other children's data.

We do not intentionally send a child's name, username, or direct account identifiers to third-party AI services.

8. HIPAA

Baseline is intended for personal family use and is not operated on behalf of a health plan, health care clearinghouse, or covered health care provider. Baseline is not intended to create, receive, maintain, or transmit protected health information on behalf of a HIPAA covered entity.

9. Third-Party Services

  • Fly.io — application hosting and database storage. Their privacy policy is available at fly.io/legal/privacy-policy.
  • Google OAuth — parent authentication. Google provides the user's email address for verification. See Google's Privacy Policy.
  • OpenAI — AI analysis (on-demand only). Data handling is governed by OpenAI's API terms. As of this policy date, OpenAI states that API data is not used to train models by default. See OpenAI's Privacy Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by updating the “Last updated” date at the top of this page. Your continued use of the app after changes are posted constitutes acceptance of the updated policy.

11. Contact

For questions about this Privacy Policy or to request access to, correction of, export of, or deletion of a child's data, please contact the app administrator.