Mabebe is a private journal for tracking maternal and child health. We built it so that you, not us, hold your family's records. This policy explains what data the app handles, where it lives, and what your rights are.
1. Who we are
This app is published by:
kk-studio ("Mabebe", "we", "us", "our")
Switzerland
Contact: welcome@kk-studio.ch
If you have any question about this policy or your data, write to us at the email above.
2. The short version
- Your data stays on your device by default. We don't have an account system. We don't see what you write down.
- iCloud sync is opt-in. When you turn it on, your data syncs through Apple's private iCloud database for your Apple ID. We can't read it, and neither can Apple outside of standard iCloud encryption.
- No advertising. No selling. No tracking. Mabebe contains no ads, no analytics SDKs, no third-party trackers.
- Anonymous crash reports are opt-in. Off by default. When on, only stack traces, device model, iOS version, and an anonymous per-install ID are sent — never your notes, photos, profile names, or health values.
- Integrations are write-only. Apple Health and Apple Calendar receive what you log but Mabebe never reads them.
If those defaults match what you expected, the rest of this document is the long version of the same answer.
3. What data Mabebe handles
3.1 Data you enter
You create profiles for yourself and your family, then log information against them:
- Profile information. Name, sex, due date, birth date, profile photo, an accent colour, conception method.
- Logs. Feeds, diapers, sleep, weight, temperature, mood, blood pressure, BBT, ovulation, cycle, intercourse, pumping, kick counts, contractions, solids, medications you take, symptoms, milestones — depending on stage.
- Notes. Free-text journal entries with optional photos.
- Growth measurements. Weight, length, head circumference.
- Milestones. Checked items with optional photos or short videos.
- Vaccines. Name, dose, date, notes, optional photo.
- Medications. Name, dose, schedule, dates, notes, optional photo.
- Allergies, conditions, family history. Name, severity, last reaction, notes.
- Birth log. Times, method, measurements at birth, who was present, notes, photos from the day.
- Year-by-year photos. One photo per birthday from year 0 onward.
- Appointments. Title, date, notes, reminder preferences.
All of the above is Special Category Data under EU/UK GDPR Article 9 (data concerning health) and Sensitive Personal Information under California and similar laws.
3.2 Data we collect automatically
We collect none of this automatically:
- No advertising IDs or device identifiers
- No analytics events
- No location
- No microphone, camera (you pick photos via Apple's photo picker, which doesn't share your library with us)
- No contacts
The only automatic data is the anonymous crash reports described in §6 — and only if you opt in.
4. Where your data lives
| Storage | When | Who can read it |
|---|---|---|
| On your iPhone or iPad | Always, by default | You only |
| Your private iCloud | If you turn on iCloud sync | You, on devices signed into your Apple ID. Encrypted in transit and at rest by Apple. Mabebe cannot read it. |
| Apple CloudKit Sharing | If you invite a co-parent and they accept | You and the co-parent. Same Apple encryption. |
| Apple Health | If you enable the Apple Health integration | You (write-only from Mabebe; Apple Health controls who else sees it) |
| Apple Calendar | If you enable the Apple Calendar integration | You (write-only) |
| Sentry crash-report servers | If you opt in to anonymous crash reports | Mabebe support engineers — see §6 |
We do not operate servers that hold your tracked data. We never receive a copy of what you write in the app, except for any crash payloads you've opted in to send.
5. Why we process your data (legal bases)
Under EU/UK GDPR Article 6 and Article 9 we rely on the following grounds:
| Processing | Legal basis |
|---|---|
| Storing and showing your data on your device | Necessary to provide the service you asked for (GDPR Art. 6(1)(b)) |
| Special category (health) processing on-device | Your explicit consent at onboarding (GDPR Art. 9(2)(a)) and processing for the protection of your vital interests where applicable (Art. 9(2)(c)) |
| Optional iCloud sync | Your explicit consent when you turn the toggle on |
| Optional co-parent sharing via CKShare | Your explicit consent when you invite |
| Optional Apple Health / Calendar / Notifications | Your explicit consent at each system prompt |
| Optional anonymous crash reports | Your explicit consent in Settings |
Under the Swiss Federal Act on Data Protection (FADP) we rely on consent and necessity for contract performance. Under California law (CCPA/CPRA) we process Sensitive Personal Information only with your express affirmative authorization.
6. Anonymous crash reports
If — and only if — you turn on Settings → Diagnostics → Anonymous crash reports, Mabebe sends crash data through our crash-reporting provider, Sentry.
What we send:
- The stack trace and exception type that caused the crash or hang
- iOS version, device model, app version + build
- An anonymous UUID generated on your device, stored in UserDefaults
- The locale/language of your device
What we do not send:
- Names, emails, profile content, log details, notes, photos, videos
- Health values, growth measurements, mood entries
- Screenshots or view-hierarchy snapshots
- URLs, network activity, or your IP beyond what's used to deliver the report
- Any data correlatable to your iCloud account
The anonymous ID is regenerated when you run "Delete all my data" — there is no persistent identifier across resets.
Sentry is operated by Functional Software, Inc. (United States) and acts as our data processor. Their privacy notice: https://sentry.io/privacy/. They process the above data on our behalf solely to help us diagnose and fix problems. They do not sell this data and do not use it for advertising.
You can turn this off at any time. Turning it off stops new reports immediately; we cannot retroactively delete reports already received (they're truncated to 30 days).
7. Sharing with third parties
We do not sell or rent your data. We do not share your tracked data with anyone except the recipients you explicitly authorize:
- Co-parents you invite via CKShare. Apple manages the share; you can revoke at any time from the Edit profile screen.
- PDF reports. When you export a PDF, you control where it goes — share sheet, email, print, AirDrop. We don't see it.
- JSON data export. Same as PDFs. You control the destination.
Other recipients (only the categories listed apply, only when you've enabled them):
- Apple — as the platform provider of iCloud sync, CKShare, HealthKit, EventKit, WidgetKit, PhotosPicker, and PushKit. Apple processes this under its iOS Software License Agreement and Apple's privacy policy.
- Sentry — only for anonymous crash data described in §6.
We do not engage advertising networks, marketing analytics providers, data brokers, or social-media SDKs.
8. International transfers
Your tracked data does not leave your device or your iCloud account, so no international transfer happens for it.
Anonymous crash reports (§6), if you opt in, are sent to Sentry servers in the United States. We rely on the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and the EU–U.S. Data Privacy Framework (where applicable) to legitimise this transfer. Sentry's transfer mechanisms are described at https://sentry.io/legal/dpa/.
9. Retention
Your tracked data is retained on your device, and any iCloud account you've synced to, until you delete it.
You can delete data three ways:
- Single item — swipe-to-delete inside any list.
- All data on this device — Settings → Danger zone → Delete all my data.
- All iCloud data — Settings → iCloud → Manage Account Storage → Mabebe.
Anonymous crash reports are retained by Sentry for 30 days, then deleted.
10. Your rights
Under EU/UK GDPR, Swiss FADP, California CCPA/CPRA, and similar laws, you have the right to:
| Right | How to exercise it |
|---|---|
| Access your data | Settings → Your data → Export everything as JSON |
| Rectify (correct) your data | Edit it directly in the app |
| Erase your data | Settings → Danger zone → Delete all my data |
| Portability | Same JSON export — a machine-readable format |
| Restrict or object to processing | Turn off the relevant toggle (iCloud, Apple Health, Calendar, Notifications, Crash reports) |
| Withdraw consent | Same as above — toggles are reversible |
| Lodge a complaint | Your national data-protection authority (EU/UK) or the Swiss FDPIC |
Because we don't hold your tracked data on our servers, requests for access, deletion or portability are fulfilled inside the app itself. If you want our help, write to us at welcome@kk-studio.ch and we'll guide you through it.
California residents have the additional right to know what categories of personal information have been collected and to direct us not to "sell" or "share" the information. We do not sell or share personal information for cross-context behavioural advertising.
11. Children's data
Mabebe is intended for adults (parents and caregivers) to track health information about themselves and their dependents, including infants and children. We don't allow children under 13 to create their own accounts or use the app independently.
When a parent records data about a minor:
- The parent is the data subject from our perspective and is responsible for the data.
- The minor's information is treated with the same protections as any adult's, plus applicable additional protections under COPPA (US), GDPR Article 8 (EU), and similar children's privacy laws.
- Photos and videos of minors are stored only on-device or in the family's own iCloud, never on our servers.
If you believe a child's data has been collected outside the intended use, please contact us and we will help.
12. Security
- All data on the device is protected by iOS sandboxing and, where you've enabled it, by Face ID / Touch ID / passcode (Settings → Lock).
- iCloud sync uses Apple's end-to-end encryption for supported data types.
- Crash report transport uses TLS 1.2 or higher.
- Photos and videos use SwiftData external storage, which keeps blobs as encrypted files in the app sandbox rather than in the main database.
No system is perfectly secure. Use Face ID / Touch ID app lock for sensitive personal records, and keep your iOS device updated.
13. Changes to this policy
We may update this policy when the app changes, our processors change, or applicable law requires it. When we make a material change, we will:
- Bump the "Effective date" at the top
- Show you a notice in the app the next time you open it after the change
- Ask you to re-accept if the change materially affects what we do with your data
The current version is always available on this page.
14. Contact
For privacy questions, data subject requests, or anything else:
Email: welcome@kk-studio.ch
Postal: kk-studio, Switzerland
If you are in the EU and want to lodge a complaint about how we handle your data, you can contact your national data-protection authority. The Swiss FDPIC can be reached at https://www.edoeb.admin.ch.