This is the privacy policy for Bambino, a pregnancy and baby companion app. Because Bambino tracks information about pregnancy, infant care, and bodily measurements, it processes what most privacy laws classify as health data (GDPR Art. 9 special-category data; CCPA/CPRA sensitive personal information; Washington Consumer Health Data under MHMDA). Where we describe purposes that involve your health data, those purposes are subject to explicit, separately-collected consent before they are activated for you. The Terms of Use and EULA also apply.
Who we are
Bambino is operated by Chai Magal, sole proprietor, Shani 4, Modiin, Israel — referred to as "chaimagal," "we," or "us." We are the data controller. For privacy questions, including health-data questions and consent withdrawal, write to support@chaimagal.com.
What we may collect
Whether a category actually applies depends on which features you use; this list reserves what the policy permits.
| Category | Includes |
|---|---|
| Account | Email, hashed password, sign-up time, sign-in tokens |
| Profiles | Name you give a pregnancy or baby, due/birth date, starting week, optional avatar |
| Tracker entries (health data) | Contractions, kicks, feeds, diapers, hydration, measurements, symptoms, milestones, medical events, medications, mood/energy notes |
| Images (may include health context) | Photos you attach to medical, size, symptom, milestone, or avatar entries |
| Communications | Support emails, in-app feedback, ratings |
| Usage | Feature interactions, session timing, errors, device/OS, language, time zone |
| Purchase status | Store receipt ID, product ID, subscription state |
| Inferred data | Pregnancy week, milestones reached, segments and propensities derived from the above |
Health and pregnancy data
Tracker entries about pregnancy progression, infant feeding, bodily measurements, symptoms, medications, and medical events are health data. We process health data only for the purposes you have explicitly consented to in the app or in this policy. Sensitive purposes — such as using health data for AI training, advertising targeting, sharing with non-essential third parties, or selling — require separate, granular, affirmative opt-in and can be revoked at any time in Settings. The strictly-necessary purpose of operating the tracker features you use does not require a separate opt-in beyond your use of the app.
Why we use it
We may process personal data for any of the following purposes (sensitive purposes applied to health data require separate explicit consent, as described in section 3):
- Operating the app and the tracker, milestone, and reminder features you use; cross-device sync.
- Detecting and preventing abuse, fraud, scraping, and security incidents.
- Customer support and product feedback.
- Marketing communications where you opt in or where we have a legitimate interest balanced against your rights.
- Personalization, recommendations, and contextual content (e.g. week-by-week guidance).
- Analytics, A/B testing, performance, error reporting, and user research.
- Building, training, fine-tuning, evaluating, and improving artificial-intelligence and machine-learning models — own and third-party — including via human review of representative samples (sensitive-purpose, requires explicit opt-in for health data).
- Serving, measuring, and personalizing advertising and marketing, including for cross-context behavioral advertising (sensitive-purpose for health data; requires explicit opt-in).
- Sharing with affiliates, present or future, and with successors in mergers, acquisitions, financing, asset sales, restructurings, or insolvency.
- Generating de-identified, aggregated, or anonymized data, which we may use, disclose, license, or sell for any purpose without further restriction.
- Compliance with law, including tax, accounting, regulator response, and breach notification.
- Any other purpose disclosed at the point of collection or to which you consent.
Under GDPR our legal bases include performance of a contract, compliance with legal obligation, your explicit consent (Art. 9(2)(a) for health data), and our legitimate interests in operating, improving, and protecting the app (for non-health data only).
AI and machine learning
Today, Bambino's AI features (the daily motivation sentence and on-device summary) are produced by Gemma 3 270M-IT, a small language model by Google that runs entirely on your phone. Nothing about the prompt or reply leaves the device for these features. The Gemma model is provided under Google's Gemma Terms of Use at ai.google.dev/gemma/terms.
We may add cloud-based AI features in the future, and we may use the content you provide — prompts, outputs, feedback, tracker entries — to train, fine-tune, evaluate, and improve our and third-party AI/ML models. This may include human review of representative samples by our personnel or contractors under confidentiality. Categories of AI providers we may engage are listed below; specific providers may change over time. Use of your health data for AI training is a sensitive purpose and requires explicit, separately-collected opt-in consent that you can revoke at any time.
Where your data lives
Today, account and tracker data live on Supabase (Ireland / EU) — Postgres database with row-level security keying every row to your user id, plus object storage for images. Images are compressed on your phone (target 100 KB, cap 1 MB) with EXIF stripped. TLS in transit and encryption at rest. We may add or change cloud providers; categories of recipients are listed below.
Who we may share with
We may disclose personal data, in the categories above, to:
- Cloud, hosting, content-delivery, storage, backup, email, customer-support, and similar infrastructure providers (today: Supabase).
- Apple and Google — app distribution and in-app purchase processing.
- Analytics, error-reporting, observability, and product-research providers.
- Artificial-intelligence and machine-learning model providers, prompt-evaluation services, and human-review contractors (health-data sharing requires explicit opt-in).
- Advertising networks, ad-measurement, attribution, retargeting, and marketing-automation providers, including for cross-context behavioral advertising (health-data sharing requires explicit opt-in).
- Marketing-list providers, customer-data platforms, and email-delivery services.
- Push-notification gateways and consent-management platforms.
- Professional advisors — lawyers, accountants, auditors, insurers, consultants.
- Authorities, regulators, courts, and law enforcement, where we are legally compelled or where, in good faith, we believe disclosure is necessary to comply with legal process or to protect rights, property, or safety.
- Affiliates, present or future, and successors in mergers, acquisitions, financing, asset sales, restructurings, or insolvency proceedings.
- Other recipients to whom you direct us to share or to whom you consent.
Subscriptions and payments
Bambino is free to install. Paid features may be offered as a one-time purchase or recurring subscription processed exclusively through the App Store or Google Play. We do not see or store card or bank details. Subscriptions auto-renew under the store's terms; you cancel in your Apple ID or Google account. Statutory withdrawal and cancellation rights (the EU 14-day right of withdrawal, the UK Consumer Contracts Regulations 2013, the Israeli Consumer Protection Law 5741-1981, California's Automatic Renewal Law, and Australian Consumer Law guarantees) are unaffected.
Advertising
Bambino may, now or in the future, display advertising. Where ads are enabled we may work with third-party ad networks, ad-measurement, attribution, retargeting, and marketing partners, including for cross-context behavioral advertising as defined under California privacy law. We do not permit ad partners to target ads to you based on sensitive categories (pregnancy, health, mental-health, religion, political views, sexual orientation, precise geolocation) derivable from Bambino. Use of health data for advertising requires explicit opt-in. Users in the EU, EEA, UK, and Brazil will see an in-app consent prompt before non-essential ad tracking. Users in California and similar US states have a "Do Not Sell or Share My Personal Information" control in Settings; we honor Global Privacy Control (GPC) signals.
International transfers
Account and tracker data are stored in the European Union. The European Commission has recognized Israel as providing an adequate level of data protection. Transfers outside the EU/EEA and Israel (for example, to a US-based AI provider) are covered by an adequacy decision where one applies, or by the European Commission's 2021 Standard Contractual Clauses, the UK International Data Transfer Addendum, and equivalent safeguards. Transfer Impact Assessments are documented for non-adequacy transfers.
Retention and deletion
Tracker entries live until you delete them. Delete your account in Settings and every profile, tracker entry, attached image, purchase receipt, and derived summary is removed within 30 days. Backups containing your data roll off on their own lifecycle (up to 35 days) and are never restored to active systems without the corresponding deletion event being re-applied. We may retain limited records as required for tax, accounting, fraud prevention, or defense of legal claims (typically up to seven years from last activity), and we may keep de-identified or aggregated data indefinitely.
Your rights
Subject to applicable law you have the right to access, rectify, delete, port, restrict, and object to processing of your personal data; to withdraw consent (without affecting processing already done); and to lodge a complaint with a supervisory authority. Most rights can be exercised in-app; for the rest, email support@chaimagal.com. We reply within 30 days under GDPR (extendable to 60 with notice); 45 days under CCPA (extendable once).
California rights and consumer health data
California residents have additional rights under CCPA/CPRA: the right to know, delete, correct, opt out of "sale" or "sharing," limit use of sensitive personal information (including health data), and non-discrimination. We honor Global Privacy Control (GPC) signals. To opt out by email, write to support@chaimagal.com with the subject "Do Not Sell or Share."
Washington residents (and others covered by My Health My Data Act) have rights to access, delete, withdraw consent for, and receive notice about our processing of consumer health data. Sales of consumer health data are not permitted without separate, signed valid authorization. We do not sell consumer health data.
Minors
Bambino is intended for users 13 and older. Where the age of digital consent in your jurisdiction is higher (e.g. 16 in Germany, Ireland, the Netherlands, Poland, and several other EU member states), users below that age need parental consent. In California, users between 13 and 15 must opt in to "sale" or "sharing" rather than opt out. We do not knowingly collect personal data from children under 13.
What we will not do
We will not:
- Sell raw, identifiable personal data — including consumer health data — to data brokers (we may sell de-identified or aggregated data).
- Share personal data with insurers, employers, or law enforcement absent valid legal process or your consent.
- Use personal data for political-advertising targeting.
Security and changes
TLS in transit, short-lived rotating tokens, row-level security at the database, encryption at rest. If we become aware of a breach likely to result in a risk to your rights and freedoms, we will notify the supervisory authority within 72 hours where required and notify you without undue delay.
We may update this policy. The "Updated" date at the top reflects the latest revision. For material changes — including changes to data categories, recipient categories, purposes, or paid-feature pricing — we will notify you in-app (banner or launch screen) and, where we hold a verified email, by email, before the change takes effect.