BabyFoon Privacy Policy

Last updated: 5 June 2026

This is the privacy policy for BabyFoon, an audio-only baby monitor app that runs on two or more phones (iPhone and/or Android). It is operated by CB Engineering BV (Belgium). If you have questions about this policy, email support@cbengineering.be.

This policy is written in plain language because the app's whole point is to be honest about what happens to your baby's audio. If anything below is unclear, that's a bug, so let us know.

What we don't do

• We do not require an account, an email address, a phone number, or any other personally identifying information to use BabyFoon.
• We do not record, store, or have access to your baby's audio in any form we can decode. Audio is encrypted on your phone before it leaves the device, and the encryption key is never transmitted to our servers.
• We do not sell, rent, share, or otherwise transmit any of your data to advertisers, data brokers, or any third party for marketing purposes.
• We do not train any machine learning model on data from BabyFoon users.
• We do not use third-party tracking, advertising, or analytics SDKs.

What we do collect

Always

• A device-generated pairing code (6 digits) and the public keys of the devices that use it. These are stored in our backend for at most ~5 minutes during pairing, then deleted. Public keys do not allow anyone, including us, to decrypt the audio that flows through the resulting session.
• Encrypted audio clips, stored only when the local WiFi transport is unavailable and the app falls back to the cloud relay. Clips are encrypted with AES-256-GCM using a key derived locally on your devices. The bucket retention is 24 hours, after which clips are automatically deleted. We have no way to decrypt them while they exist.
• Anonymous, aggregate session summaries. When a monitoring session ends, the baby unit may write a single anonymous row describing the session in aggregate: how long it ran, the peak number of listeners, how many alerts fired, and which transport was used. This row contains no audio, no device names, no pairing codes, no baby names, and no identifier we can link back to you.

Live Listen (only when you start it)

A parent can tap Listen to hear live audio on demand. When active, audio streams in real time over the encrypted cloud channel, is played on the listener's phone in memory, and is immediately dropped. There is no buffer, no history, and nothing is stored on our servers. It is always explicitly started by you and is never on by default.

Device labels (these never reach our servers)

Anonymous device labels (e.g. "Bruno's phone") that you type into Settings are exchanged peer-to-peer between paired devices over the encrypted channel and are never sent to our backend.

Crash logs (stored on your phone; sent only if you choose)

If the app crashes, it keeps a short technical log on your device (last 7 days). Nothing is sent automatically. If you want to help us fix a problem, Settings → Diagnostics → "Send last crash log" opens your email app so you can email it to us. You decide whether to send. The log contains no audio and no pairing material.

Where the data lives

When BabyFoon needs a backend (cloud transport, pairing handshake, encrypted audio relay, anonymous session summaries), it talks to Supabase, hosted in the EU (Frankfurt). We don't operate any servers outside Supabase. You can read Supabase's own privacy practices at supabase.com/privacy.

Children's privacy

BabyFoon is designed for parents and caregivers, not for children. The app does not collect any data that identifies a child. The audio detected by the baby unit is encrypted before it leaves the device, so no recognizable audio of a child is ever stored on our infrastructure.

Deleting all of your data

The honest answer: there is nothing for us to delete, because we have nothing that is yours. On your phone, uninstalling BabyFoon removes everything: your session key, settings, alert history, and any crash logs. On our servers, we never store an account, a name, an email, or any identifier tied to you. The little that passes through deletes itself (pairing handshakes within ~5 minutes, encrypted audio clips within 24 hours).

Your rights

If you live in the EU/EEA, you have rights under the GDPR to access, correct, or delete personal data we hold about you. As above, we generally don't hold any data that identifies you. The lawful basis for the limited data we do process is the performance of the service at your request and our legitimate interest in keeping it working.

In-app purchases

BabyFoon is free to download. The baby unit (the phone hosting a monitoring session) requires a single one-time purchase (non-consumable, about €15) to unlock. Parent and watch listeners are always free. There is no subscription and no trial. The purchase is processed by Apple or Google under their own terms. We never see your payment details, only the store's signed receipt confirming your entitlement.

Changes to this policy

If we change this policy, we will update the date at the top and, for material changes, surface a notice in-app the next time you open BabyFoon.

Contact

CB Engineering BV
Belgium
support@cbengineering.be