Mabebe is a private journal for tracking maternal and child health. We built it so that you, not us, hold your family's records. This policy explains what data the app handles, where it lives, and what your rights are.

1. Who we are

This app is published by:

kk-studio ("Mabebe", "we", "us", "our")
Switzerland
Contact: welcome@kk-studio.ch

If you have any question about this policy or your data, write to us at the email above.

2. The short version

If those defaults match what you expected, the rest of this document is the long version of the same answer.

3. What data Mabebe handles

3.1 Data you enter

You create profiles for yourself and your family, then log information against them:

All of the above is Special Category Data under EU/UK GDPR Article 9 (data concerning health) and Sensitive Personal Information under California and similar laws.

3.2 Data we collect automatically

We collect none of this automatically:

The only automatic data is the anonymous crash reports described in §6 — and only if you opt in.

4. Where your data lives

StorageWhenWho can read it
On your iPhone or iPadAlways, by defaultYou only
Your private iCloudIf you turn on iCloud syncYou, on devices signed into your Apple ID. Encrypted in transit and at rest by Apple. Mabebe cannot read it.
Apple CloudKit SharingIf you invite a co-parent and they acceptYou and the co-parent. Same Apple encryption.
Apple HealthIf you enable the Apple Health integrationYou (write-only from Mabebe; Apple Health controls who else sees it)
Apple CalendarIf you enable the Apple Calendar integrationYou (write-only)
Sentry crash-report serversIf you opt in to anonymous crash reportsMabebe support engineers — see §6

We do not operate servers that hold your tracked data. We never receive a copy of what you write in the app, except for any crash payloads you've opted in to send.

5. Why we process your data (legal bases)

Under EU/UK GDPR Article 6 and Article 9 we rely on the following grounds:

ProcessingLegal basis
Storing and showing your data on your deviceNecessary to provide the service you asked for (GDPR Art. 6(1)(b))
Special category (health) processing on-deviceYour explicit consent at onboarding (GDPR Art. 9(2)(a)) and processing for the protection of your vital interests where applicable (Art. 9(2)(c))
Optional iCloud syncYour explicit consent when you turn the toggle on
Optional co-parent sharing via CKShareYour explicit consent when you invite
Optional Apple Health / Calendar / NotificationsYour explicit consent at each system prompt
Optional anonymous crash reportsYour explicit consent in Settings

Under the Swiss Federal Act on Data Protection (FADP) we rely on consent and necessity for contract performance. Under California law (CCPA/CPRA) we process Sensitive Personal Information only with your express affirmative authorization.

6. Anonymous crash reports

If — and only if — you turn on Settings → Diagnostics → Anonymous crash reports, Mabebe sends crash data through our crash-reporting provider, Sentry.

What we send:

What we do not send:

The anonymous ID is regenerated when you run "Delete all my data" — there is no persistent identifier across resets.

Sentry is operated by Functional Software, Inc. (United States) and acts as our data processor. Their privacy notice: https://sentry.io/privacy/. They process the above data on our behalf solely to help us diagnose and fix problems. They do not sell this data and do not use it for advertising.

You can turn this off at any time. Turning it off stops new reports immediately; we cannot retroactively delete reports already received (they're truncated to 30 days).

7. Sharing with third parties

We do not sell or rent your data. We do not share your tracked data with anyone except the recipients you explicitly authorize:

Other recipients (only the categories listed apply, only when you've enabled them):

We do not engage advertising networks, marketing analytics providers, data brokers, or social-media SDKs.

8. International transfers

Your tracked data does not leave your device or your iCloud account, so no international transfer happens for it.

Anonymous crash reports (§6), if you opt in, are sent to Sentry servers in the United States. We rely on the EU Standard Contractual Clauses, the UK International Data Transfer Addendum, and the EU–U.S. Data Privacy Framework (where applicable) to legitimise this transfer. Sentry's transfer mechanisms are described at https://sentry.io/legal/dpa/.

9. Retention

Your tracked data is retained on your device, and any iCloud account you've synced to, until you delete it.

You can delete data three ways:

Anonymous crash reports are retained by Sentry for 30 days, then deleted.

10. Your rights

Under EU/UK GDPR, Swiss FADP, California CCPA/CPRA, and similar laws, you have the right to:

RightHow to exercise it
Access your dataSettings → Your data → Export everything as JSON
Rectify (correct) your dataEdit it directly in the app
Erase your dataSettings → Danger zone → Delete all my data
PortabilitySame JSON export — a machine-readable format
Restrict or object to processingTurn off the relevant toggle (iCloud, Apple Health, Calendar, Notifications, Crash reports)
Withdraw consentSame as above — toggles are reversible
Lodge a complaintYour national data-protection authority (EU/UK) or the Swiss FDPIC

Because we don't hold your tracked data on our servers, requests for access, deletion or portability are fulfilled inside the app itself. If you want our help, write to us at welcome@kk-studio.ch and we'll guide you through it.

California residents have the additional right to know what categories of personal information have been collected and to direct us not to "sell" or "share" the information. We do not sell or share personal information for cross-context behavioural advertising.

11. Children's data

Mabebe is intended for adults (parents and caregivers) to track health information about themselves and their dependents, including infants and children. We don't allow children under 13 to create their own accounts or use the app independently.

When a parent records data about a minor:

If you believe a child's data has been collected outside the intended use, please contact us and we will help.

12. Security

No system is perfectly secure. Use Face ID / Touch ID app lock for sensitive personal records, and keep your iOS device updated.

13. Changes to this policy

We may update this policy when the app changes, our processors change, or applicable law requires it. When we make a material change, we will:

The current version is always available on this page.

14. Contact

For privacy questions, data subject requests, or anything else:

Email: welcome@kk-studio.ch
Postal: kk-studio, Switzerland

If you are in the EU and want to lodge a complaint about how we handle your data, you can contact your national data-protection authority. The Swiss FDPIC can be reached at https://www.edoeb.admin.ch.