Privacy Policy – Lina

Last updated: 9 May 2026

Lina is a digital service designed to support cooperation between parents who share responsibility for a child.

Protecting your privacy — and your child's privacy — is a core principle of Lina.

This Privacy Policy explains how we process personal data in accordance with the EU General Data Protection Regulation (GDPR).


1. Data Controller

Lina App AS, a company registered in Norway (organisation number 937090331), is the data controller responsible for the processing of personal data under this Privacy Policy.

For privacy and data protection inquiries, contact us at [email protected].

2. Scope

This Privacy Policy applies to:

  • the Lina mobile application (iOS and Android)
  • the Lina website (getlina.app), including the Care Schedule tool
  • all features, paid and unpaid, within these services
  • all users located in the European Economic Area (EEA)

This includes the use of strictly necessary local storage required for core service functionality.

It does not apply to third-party services linked from Lina.

3. Personal Data We Process

We process only data that is necessary to provide and operate the Lina service.

3.1 Data You Provide

This may include:

  • name, display name, and email address
  • account and authentication details (passwordless — no password is stored)
  • messages and communication content
  • photos and media you upload
  • lists, notes, contacts, and child-related information
  • support requests and correspondence

3.2 Child-Related Data

Parents may store information about their child, including:

  • name and date of birth
  • optional national identification number (we never validate or transmit this number externally; it is stored only as you provide it)
  • height and weight
  • photos and shared records
  • practical notes and custom fields

3.2.1 Health Data — Special Category (GDPR Article 9)

Lina allows parents to record allergies and medication/dosage for their child. This information constitutes health data under GDPR Article 9 (special categories of personal data).

By entering allergy or medication information into Lina, you give your explicit consent under GDPR Article 9(2)(a) for us to process this health data for the sole purpose of making it available to the co-parent connected to your Lina pair. You may withdraw this consent at any time by removing the relevant data from the child's profile in the app.

Health data entered into Lina is never used for medical diagnosis, treatment, profiling, research, or any purpose beyond co-parent coordination. It is not shared with healthcare providers, insurers, or any third party other than the subprocessors listed in Section 7.

3.3 Subscription and Payment Information

Lina is a paid subscription service. We process limited subscription-related data, such as:

  • subscription status (active, cancelled, expired)
  • subscription type and billing period
  • platform used for purchase (e.g. Apple App Store or Google Play)

Lina does not process or store payment card details. All payments are handled by Apple App Store or Google Play in accordance with their own privacy policies. Subscription entitlement status is managed via RevenueCat (see Section 7) using anonymised pair and user identifiers.

3.4 Technical and Usage Data

We may automatically collect:

  • device type and operating system version
  • IP address (logged server-side for security and abuse prevention)
  • timestamps and usage logs related to actions within the service
  • error reports (with personal identifiers removed before transmission — see Section 7)
  • internal audit logs of significant actions within your pair

This data is used solely for security, stability, troubleshooting, and service integrity.

3.5 Local Storage and Essential Cookies

The Lina mobile app stores limited data locally on your device: authentication tokens, your locale and theme preferences, notification settings, and short-lived caches of album photos and care schedule drafts. Sensitive caches and authentication tokens are cleared when you sign out.

The Lina website uses limited browser storage (such as cookies or localStorage) only to remember the language preference and the Care Schedule tool's settings between visits. No tracking, analytics, profiling, or marketing cookies are used.

The Lina website uses Cloudflare Web Analytics to understand general usage patterns. Cloudflare Web Analytics collects anonymised data such as page views, time of visit, country, and device type. It does not use cookies, does not track individual users across sites, and does not enable identification of any person. No personal data is shared with Cloudflare through this service.

4. Legal Basis for Processing

Under GDPR Article 6, we process personal data based on:

Aside from the explicit consent for health data described above, we do not rely on consent as the primary legal basis for core service functionality.

5. Purpose of Processing

We process personal data to:

  • provide and operate Lina
  • enable secure cooperation between parents
  • manage subscriptions and access to paid features
  • maintain service security and reliability
  • respond to support requests
  • comply with legal obligations
  • remember user-selected settings required for core functionality (such as Care Schedule preferences)

We do not use personal data for advertising, profiling, or marketing.

6. Data Minimisation and Retention

We follow GDPR principles of data minimisation and storage limitation. Specific retention periods apply:

  • Account data (profile, authentication, settings): retained while your account is active. On account deletion, removed within the time periods described below.
  • Shared photos in the album: automatically deleted 365 days after upload, unless a parent explicitly marks a photo to be preserved.
  • Account deletion grace period: when you initiate account deletion, the request is scheduled with a 7-day cancellation window. Personal account data is removed after the grace period ends.
  • Deleted album photos: removed from storage within 30 days of deletion (tombstone period for recovery).
  • Audit logs and event records: retained for the lifetime of the pair to support transparency between parents; pruned per pair to a fixed maximum.
  • Server-side technical logs: retained for a limited period (typically up to 90 days) for security, abuse prevention, and operational troubleshooting, then deleted or anonymised.

Content that is shared with the co-parent (such as messages, photos, and lists) is not automatically deleted when one parent deletes their account, as it may be jointly used or required for the co-parent's continued use of the service.

You can request deletion of your Lina account at any time via the app (Settings → Delete account) or by contacting [email protected].

7. Data Sharing and Processors

We do not sell or rent personal data. We share personal data only with the subprocessors listed below, and with public authorities where legally required.

All subprocessors are bound by GDPR-compliant data processing agreements.

7.1 Subprocessors

  • Supabase Inc. — database, file storage, authentication, and serverless functions. Hosted in the European Union (Frankfurt, Germany — eu-central-1). All primary user data is stored here.
  • Functional Software, Inc. (Sentry) — error monitoring. EU data region (Germany). Receives error reports with personal identifiers removed; only the internal user ID is included for debugging correlation.
  • RevenueCat, Inc. — subscription management. United States. Receives only anonymised pair and user identifiers and platform information; never receives names, email addresses, or other directly identifying data.
  • Resend, Inc. — transactional email delivery. United States. Receives your email address solely to deliver account-related emails (such as login codes and account deletion confirmations).
  • Expo (650 Industries, Inc.) — push notification delivery. United States. Receives the device push token and notification title in order to deliver notifications to your device.
  • Apple Inc. and Google LLC — payment processing for in-app subscriptions, in accordance with their own privacy policies.
  • Cloudflare, Inc. — website hosting and anonymous web analytics for getlina.app (no cookies, no personal data — see Section 3.5).

8. Data Security

We implement appropriate technical and organisational measures, including:

  • private and isolated storage environments with database-level row security
  • strict access control: each user can only access data within their own pair
  • passwordless authentication — no passwords are stored
  • encrypted connections (TLS) for all data in transit
  • encryption at rest (AES-256) for files in cloud storage
  • signed and time-limited URLs for file access; no public file storage
  • two-factor authentication required for all administrator dashboards
  • internal audit logging for accountability and security

Access to personal data is restricted to authorised personnel only.

9. International Transfers

Primary user data — including messages, photos, child profile information, and account details — is stored within the European Union (Supabase, eu-central-1, Frankfurt, Germany).

Limited data is transferred to the United States via the following subprocessors operating under Standard Contractual Clauses approved by the European Commission under GDPR Article 46(2)(c):

  • RevenueCat — anonymised pair and user identifiers, for subscription management
  • Resend — email address, for delivery of account-related emails
  • Expo — push notification token, for notification delivery

We take steps to ensure GDPR-level protection regardless of processing location.

10. Your Rights Under GDPR

You have the right to:

  • access your personal data
  • correct inaccurate or incomplete data
  • request deletion of your account and personal data, where applicable
  • restrict or object to certain processing
  • receive your personal data in a portable format
  • lodge a complaint with a supervisory authority

Account deletion requests can be made through the Lina app or by contacting support.

When an account is deleted, personal account data such as login credentials and profile information is removed.

Content that is shared with another parent (such as messages, photos, and lists) is not automatically deleted, as it may be jointly used or required for the other parent's continued use of the service.

Certain data may be retained for a limited period where required by law or for security purposes, after which it is deleted or anonymised.

We respond to requests without undue delay and within the time limits set by applicable data protection laws.

11. Children's Privacy

Lina is intended for use by adults — parents and legal guardians. Lina is not designed or marketed for use by children, and we do not knowingly collect personal data directly from children.

Children may be the subject of data that parents enter about them (such as name, date of birth, and health information described in Section 3.2). All such data is provided and managed by parents or legal guardians, who are responsible for the lawfulness of providing information about their child to the Lina service.

12. Audit Logs and Transparency

Lina maintains internal audit logs to:

  • ensure transparency between connected parents
  • support security and accountability
  • investigate misuse or technical issues

These logs are used solely for service integrity and not for behavioural profiling.

13. Changes to This Policy

We may update this Privacy Policy to reflect:

  • legal or regulatory changes
  • service improvements
  • security requirements

The current version will always be available within the service.

Material changes will be communicated where appropriate.

14. Contact

For questions about privacy or data protection, contact us via:

Summary of the Privacy Policy

This summary is provided for convenience only. In the event of any inconsistency, the English version of the Privacy Policy above shall prevail.

Lina is built with privacy protection as a core principle.

We process only the personal data that is necessary to provide the service and support cooperation between parents. We do not use advertising, tracking, or marketing cookies.

Primary user data is stored in the EU (Frankfurt, Germany). Limited data is transferred to US subprocessors (subscription, email, push notifications) under Standard Contractual Clauses.

Health information you record about your child (allergies, medication) is processed only with your explicit consent and solely to share it with the other parent.

Album photos are automatically deleted after 365 days unless they are marked for preservation. Account deletion has a 7-day cancellation window.

All child-related information is provided and managed by parents or guardians. We never sell or share personal data for commercial purposes.

For full details, see the Privacy Policy above.