Last updated: April 28, 2026
This policy explains what data our apps collect, how data is collected, how data is used, and when data is shared with third parties, including third-party AI services.
0. App-Specific Addendum (Quick Reference)
| App | Attribution / Ads Measurement Partners | Attribution Data Category | User Controls |
|---|---|---|---|
| Declutter | AppsFlyer (MMP) for mobile ads attribution, attribution analytics, and measurement, including postbacks to ad partners where configured. | Attribution and campaign performance measurement data, including post-install engagement and conversion measurement signals where applicable. | iOS ATT permission prompt; device tracking permission can be changed in iOS Settings. |
| Language Coach | Firebase analytics stack and RevenueCat subscription attribution. | Learning/session analytics, subscription lifecycle and entitlement events. | In-app AI consent controls and platform privacy controls. |
| HealthyCal | Firebase analytics stack and RevenueCat subscription attribution. | Meal/session analytics, subscription lifecycle and entitlement events. | In-app AI consent controls and platform privacy controls. |
| Rootsy | Firebase analytics stack and RevenueCat subscription attribution. | Plant scan/session analytics, subscription lifecycle and entitlement events. | In-app AI consent controls and platform privacy controls. |
| Halal Checker | No mobile ads measurement partners; Firebase App Check/Remote Config and RevenueCat support app integrity, feature configuration, and subscription handling. | Product check/session activity, app integrity tokens, and subscription lifecycle and entitlement events. | In-app AI consent controls and platform privacy controls. |
| Baby Proof | Firebase App Check for app/API integrity and RevenueCat subscription attribution, including Apple AdServices attribution token collection where available. | Room scan/session activity, app integrity tokens, and subscription lifecycle and entitlement events. | In-app AI consent controls, camera/photo permissions, and platform privacy controls. |
1. Data Collection and Use by App
| App | Data Collected | How Data Is Collected | Use of Data | Third-Party Sharing |
|---|---|---|---|---|
| Declutter | User-provided onboarding selections/preferences; generated decluttering project content; purchase and entitlement metadata (RevenueCat); attribution and campaign measurement identifiers/events (AppsFlyer, including ATT-dependent tracking status and non-IDFA attribution such as SKAN where available); app diagnostics and basic device/app metadata. | Direct user input in app; automatic SDK collection from AppsFlyer/Firebase/RevenueCat; app lifecycle events and paywall/purchase callbacks. | Deliver core app functionality and personalized outputs; measure campaign performance and post-install quality; optimize onboarding/paywall flows; manage subscriptions and entitlements; maintain reliability and security. | Shared with AppsFlyer (mobile attribution, attribution analytics, measurement, and partner postbacks). |
| Language Coach | User-provided lesson text and chat inputs; voice recordings when microphone features are used; transcriptions and generated responses; crash diagnostics and device/app metadata; app integrity token (Firebase App Check); analytics identifiers/events (including Firebase app instance ID on iOS); subscription and purchase metadata (RevenueCat customer/subscription status, attribution token); on-device learning preferences/progress and AI consent state. | Direct user input in app; microphone capture with permission; automatic SDK collection from Firebase/Crashlytics/RevenueCat; app API requests to FTW-Labs backend (Cloudflare Worker). | Deliver lessons, placement tests, learn sessions, speech-to-text, and text-to-speech; generate AI coaching responses; protect app/API integrity; improve reliability/performance; manage subscriptions and entitlements; personalize user experience and persist progress. | Shared with Firebase (Analytics, Remote Config, App Check, Crashlytics), RevenueCat, OpenAI (chat/STT/TTS processing paths), Google Gemini (LLM processing path), and Cloudflare (API/hosting infrastructure). |
| HealthyCal | User-provided meal text, follow-up prompts, and optional meal photo uploads; generated analysis outputs and recommendation summaries; crash diagnostics and device/app metadata; app integrity token (Firebase App Check); analytics identifiers/events (including Firebase app instance ID on iOS); subscription and purchase metadata (RevenueCat customer/subscription status, attribution token); on-device meal preferences/history and AI consent state. | Direct user input in app; optional photo capture/upload with permission; automatic SDK collection from Firebase/Crashlytics/RevenueCat; app API requests to FTW-Labs backend (Cloudflare Worker). | Deliver meal analysis, directional guidance, and follow-up recommendations; generate AI responses; protect app/API integrity; improve reliability/performance; manage subscriptions and entitlements; personalize user experience and persist progress. | Shared with Firebase (Analytics, Remote Config, App Check, Crashlytics), RevenueCat, OpenAI (meal text, follow-up prompts, and optional image analysis path), Google Gemini (LLM processing path), and Cloudflare (API/hosting infrastructure). |
| Rootsy | User-provided plant photos and optional saved care preferences; generated plant identification, issue detection, and care guidance outputs; crash diagnostics and device/app metadata; app integrity token (Firebase App Check); analytics identifiers/events (including Firebase app instance ID on iOS); subscription and purchase metadata (RevenueCat customer/subscription status, attribution token); on-device saved scans and AI consent state. | Direct user input in app; photo capture/upload with permission; automatic SDK collection from Firebase/Crashlytics/RevenueCat; app API requests to FTW-Labs backend (Cloudflare Worker). | Deliver plant identification, issue detection, and care guidance; protect app/API integrity; improve reliability/performance; manage subscriptions and entitlements; personalize the experience and persist saved scan history. | Shared with Firebase (Analytics, Remote Config, App Check, Crashlytics), RevenueCat, OpenAI (plant photo, optional saved care preferences, and scan context), and Cloudflare (API/hosting infrastructure). |
| Halal Checker | User-provided product barcodes, typed barcode entries, ingredient text, and optional ingredient photos; generated halal-status guidance and ingredient-level analysis outputs; app integrity token (Firebase App Check); subscription and purchase metadata (RevenueCat customer/subscription status); and on-device saved checks, AI consent state, and scan quota state. | Direct user input in app; barcode entry and ingredient-photo capture/upload with permission; automatic SDK collection from Firebase App Check/Remote Config and RevenueCat; app API requests to FTW-Labs backend (Cloudflare Worker). | Deliver barcode and ingredient analysis, flag likely halal/haram/doubtful ingredients, protect app/API integrity, manage subscriptions and entitlements, apply scan quota configuration, and persist saved checks for later review. | Shared with Firebase (App Check, Remote Config), RevenueCat, OpenAI, Google Gemini, and Cloudflare (API/hosting infrastructure). |
| Baby Proof | User-provided room photos from camera or photo library; selected room names/types and scan context; generated room hazard analysis, safety score, fix plan, supplies/shopping suggestions, and guidance outputs; app integrity token (Firebase App Check); subscription and purchase metadata (RevenueCat customer/subscription status and Apple AdServices attribution token where available); and on-device saved rooms, scan history, room photos, fix status, shopping-list items, onboarding selections, and AI consent state. | Direct user input in app; camera capture or photo-library selection with permission; automatic SDK collection from Firebase App Check and RevenueCat; app API requests to FTW-Labs backend (Cloudflare Worker). | Analyze room photos for possible baby-proofing hazards; generate safety guidance and fix plans; save scan history and shopping-list state on device; protect app/API integrity; manage subscriptions and entitlements; and improve reliability. | Shared with Firebase (App Check), RevenueCat, OpenAI, Google Gemini, and Cloudflare (API/hosting infrastructure). |
| Future apps | To be listed per app before launch or major data-flow changes. | To be listed per app. | To be listed per app. | To be listed per app. |
2. How We Collect Data
- Information you enter directly in the app (for example lesson responses).
- Audio you choose to record when using voice features.
- Photos you choose to capture or upload when using scan or analysis features.
- Automatic diagnostics and analytics from integrated SDKs.
- Server-side processing through FTW-Labs APIs hosted on Cloudflare.
3. Attribution, Analytics, and Advertising Measurement
We use third-party analytics and mobile attribution service providers, including AppsFlyer, to help us understand how users discover and use the app, measure the performance of our marketing campaigns, and improve the app and our services. These providers may process information such as app interactions and events, approximate location derived from IP address, device identifiers and other device information, and advertising/attribution data, where permitted by applicable law and platform permissions. We may use this information to measure campaign and product performance, including attribution-related in-app events, and to prevent fraud. On iOS, where required, we will request permission through Apple’s App Tracking Transparency framework before accessing data used for tracking across apps and websites owned by other companies. Even if permission is not granted, we may still use privacy-preserving measurement methods such as SKAdNetwork to measure campaign performance in an aggregated way. For more information about AppsFlyer’s privacy practices, please refer to AppsFlyer’s privacy documentation.
4. User Permission Before Third-Party AI Sharing
Before Language Coach, HealthyCal, Rootsy, Halal Checker, or Baby Proof sends personal data to third-party AI providers, the app asks for user permission through an AI consent prompt that explains the providers and data categories involved.
- If the user does not consent, AI-powered lessons, meal analysis, plant scans, halal product checks, and room scans are blocked.
- Users can manage or revoke this permission from in-app settings.
5. Third-Party AI Processing Details
Language Coach, HealthyCal, Rootsy, Halal Checker, and Baby Proof use third-party AI services for generation and analysis features. Data required for those features may be transmitted as follows:
| Provider | Data Sent | Purpose |
|---|---|---|
| OpenAI | Lesson and chat text, voice audio (for STT), audio transcripts, generated reply text (for TTS), selected language/level context needed to produce responses; meal text, follow-up prompts, and optional meal photos; plant photos and optional saved care preferences needed to identify likely issues and generate care guidance; and product barcodes, ingredient text, and ingredient photos used to determine likely halal status; and Baby Proof room photos, room context, and scan prompts used to identify possible baby-proofing hazards and generate fix plans. | Chat generation, speech-to-text transcription, text-to-speech audio generation, meal analysis, plant scan analysis, halal product analysis, and room hazard analysis. |
| Google Gemini | Lesson and chat text, transcripts, and selected learning context such as target/native language and level signals needed for AI responses; meal text, follow-up prompts, and optional meal photo analysis context; and product barcodes, ingredient text, and ingredient photos used to determine likely halal status; and Baby Proof room photos, room context, and scan prompts used to identify possible baby-proofing hazards and generate fix plans. | LLM response generation for lessons, learn sessions, placement flows, meal analysis, halal product analysis, and room hazard analysis. |
Processing by these providers is governed by their own terms and privacy policies.
6. Third-Party Services and Protection Standards
We share data only with providers that publish and maintain privacy and security protections that we assess as same or equivalent for the relevant processing purpose.
- AppsFlyer Services Privacy Policy
- Firebase Privacy & Security
- Firebase Crashlytics
- RevenueCat Privacy Policy
- OpenAI Privacy Policy
- Google Privacy Policy (Gemini)
- Cloudflare Privacy Policy
7. Data Retention
Some data is stored only on-device. Data sent to service providers may be retained according to each provider’s retention policies and our operational needs (for example diagnostics and subscription records).
8. Children’s Privacy
Our apps are intended for users age 8 and above. We do not knowingly collect personal information from children under 8. If you believe a child has provided data in violation of this policy, contact us.
9. Security
We use reasonable technical and organizational safeguards to protect data in transit and at rest, including provider-managed security controls.
10. Policy Changes
We may update this policy as apps and data practices evolve. Material updates are reflected by revising the “Last updated” date on this page.
11. Contact
For privacy questions, contact [email protected].