BabyFoon Privacy Policy

Version 1.0 — last updated 2026-05-03

This is the privacy policy for BabyFoon, a baby monitor application that runs on two or more iPhones. It is operated by CB Engineering BV (Belgium). If you have questions about this policy, email support@cbengineering.be.

This policy is written in plain language because the app's whole point is to be honest about what happens to your baby's audio. If anything below is unclear, that's a bug — let us know.

What we don't do

• We do not require an account, an email address, a phone number, or any other personally identifying information to use BabyFoon.
• We do not record, store, or have access to your baby's audio in any form we can decode. Audio is encrypted on your iPhone before it leaves the device, and the encryption key is never transmitted to our servers.
• We do not sell, rent, share, or otherwise transmit any of your data to advertisers, data brokers, or any third party for marketing purposes.
• We do not train any machine learning model on data from BabyFoon users.
• We do not use third-party tracking SDKs.

What we do collect

Always

• A device-generated, randomly-chosen pairing code (6 digits) and the X25519 public keys of devices that use it. These are stored in our backend (Supabase) for at most 5 minutes during pairing, then deleted. Public keys do not allow anyone — including us — to decrypt the audio that flows through the resulting session.
• Encrypted audio clips, stored only when the LAN-direct transport is unavailable and the app falls back to the cloud relay. Clips are encrypted with AES-256-GCM using a key derived locally on your devices via X25519 + HKDF. The bucket retention is 24 hours, after which the clips are automatically deleted. We have no way to decrypt them while they exist.
• Anonymous device labels (e.g. "Bruno's iPhone") that you type into Settings, used only to attribute snooze and handoff actions in the in-app cohort UI. These never reach our servers — they are exchanged peer-to-peer between paired devices over the encrypted channel.

When (and only when) you opt in

• Anonymous usage statistics and crash reports through PostHog Cloud EU. These help us understand which features people use and what crashes them. They do not include audio, identifying information, or device identifiers we can link back to you. You can opt out at any time in Settings → Privacy. Opt-out takes effect immediately and is honored on every future launch.

If you have not enabled this opt-in, we collect nothing in this category.

This website

This website (babyfoon.io) is a static marketing site. It does not set tracking cookies, run analytics scripts, or load third-party trackers. Your visit is logged only as part of standard server access logs by our hosting provider (Vercel) for the purpose of operating the site, and those logs are retained for a short period and not used for profiling.

Data your iPhone stores locally (we never see this)

• Your pairing session (the AES key derived from the ECDH handshake). This stays in your iPhone's secure storage and never leaves the device unencrypted.
• Your settings (sensitivity, alert sound, etc.) and the local sleep journal that powers the weekly recap.

If you uninstall the app, all of the above is removed by iOS along with the app's container.

Where the data lives

When BabyFoon does need to use a backend (cloud transport, pairing handshake, encrypted audio relay), it talks to Supabase, hosted in the EU (Frankfurt). We don't operate any servers outside Supabase. You can read Supabase's own privacy practices at supabase.com/privacy.

The marketing site you're reading is hosted by Vercel Inc. Vercel's privacy practices are at vercel.com/legal/privacy-policy.

Children's privacy

BabyFoon is designed for parents and caregivers, not for children. The app does not collect any data that identifies a child. The audio detected by the baby unit is encrypted before it leaves the device — no recognizable audio of a child is ever stored on our infrastructure.

Your rights

Because we don't have an account that links to you, there is generally nothing for us to delete or export — the data on our servers (pairing handshake rows, encrypted audio clips) is deleted automatically within 5 minutes (handshake) or 24 hours (audio clips). If you have a specific question about your data, email support@cbengineering.be and we'll figure it out together.

If you live in the EU/EEA, you have rights under the GDPR to access, correct, or delete personal data we hold about you. As above, we generally don't hold any. The lawful basis for the small amount we do process (pairing handshakes, encrypted relay clips, opt-in anonymous diagnostics) is your consent (Article 6(1)(a) GDPR), revocable at any time.

In-app purchases

BabyFoon offers a €4 / year subscription with a 1-day free trial through the Apple App Store. The subscription is processed by Apple under their own terms and privacy policy (apple.com/privacy). We never see your payment details — we only see Apple's signed receipt confirming that you have an entitlement.

Changes to this policy

If we change this policy, we will update the date at the top and, for material changes, surface a notice in-app the next time you open BabyFoon. We will not retroactively reduce your privacy without your explicit consent.

Contact

CB Engineering BV Belgium support@cbengineering.be