Nappie Baby LogoNappie Baby
    Back to Home

    GDPR Information

    Your European Privacy Rights

    European Data Protection

    The General Data Protection Regulation (GDPR) gives residents of the European Union enhanced rights over their personal data. Nappie Baby is committed to respecting these rights and providing transparent information about how we handle your family's data.

    GDPR Overview

    What is GDPR?

    The General Data Protection Regulation (GDPR) is a European Union law that came into effect on May 25, 2018. It governs how organizations collect, use, store, and protect personal data of EU residents, regardless of where the organization is located.

    Your Rights Under GDPR

    As an EU resident, GDPR provides you with comprehensive rights over your personal data. These rights apply to all the information you provide to Nappie Baby about yourself and your baby.

    Nappie Baby's Commitment

    We respect and honor your GDPR rights. Our privacy-first approach means we already implement many protections that go beyond GDPR requirements, ensuring your family's data is handled with the highest level of care and transparency.

    Legal Basis for Data Processing

    Under GDPR, we must have a legal basis for processing your personal data. Here are the legal bases we rely on:

    Contract Performance

    Processing necessary to provide the Nappie Baby service you requested, including:

    • • Creating and maintaining your account
    • • Storing and organizing your baby tracking data
    • • Providing pattern analysis and insights
    • • Enabling family sharing features

    Legitimate Interest

    Processing necessary for our legitimate business interests, balanced against your rights:

    • • Improving app functionality and user experience
    • • Ensuring security and preventing fraud
    • • Analyzing anonymized usage patterns
    • • Providing customer support

    Consent

    For optional features that require your explicit consent:

    • • Optional analytics and improvement programs
    • • Marketing communications (if you opt-in)
    • • Sharing data with third-party integrations you choose

    Your GDPR Rights in Detail

    Right to Access (Article 15)

    What it means: You can request information about what personal data we have about you.

    What you get:

    • • Confirmation that we process your data
    • • Copy of your personal data
    • • Information about how we use your data
    • • Who we share it with (if anyone)
    • • How long we keep it

    How to exercise: Use the data export feature in your Nappie Baby account settings, or contact [email protected]

    Right to Rectification (Article 16)

    What it means: You can correct inaccurate or incomplete personal data.

    Examples:

    • • Update your email address or contact information
    • • Correct your baby's birth date or other details
    • • Add missing information to your profile

    How to exercise: Edit information directly in the Nappie Baby app, or contact us for assistance

    Right to Erasure "Right to be Forgotten" (Article 17)

    What it means: You can request deletion of your personal data in certain circumstances.

    When it applies:

    • • The data is no longer necessary for the original purpose
    • • You withdraw consent (for consent-based processing)
    • • You object to processing based on legitimate interests
    • • The data was unlawfully processed

    How to exercise: Use the account deletion feature in app settings, or contact [email protected]

    Timeline: Account deletion is processed immediately

    Right to Data Portability (Article 20)

    What it means: You can receive your data in a structured, machine-readable format and transfer it to another service.

    What's included:

    • • All your baby tracking data (feeding, sleep, etc.)
    • • Photos and notes you've added
    • • Account information and preferences
    • • Export in common formats (JSON, CSV, PDF)

    How to exercise: Use the "Export Data" feature in Nappie Baby settings

    Right to Object (Article 21)

    What it means: You can object to processing of your data for certain purposes.

    Applies to:

    • • Processing based on legitimate interests
    • • Direct marketing (we don't do this currently)
    • • Profiling for marketing purposes

    How to exercise: Contact [email protected] with your specific objection

    Right to Restrict Processing (Article 18)

    What it means: You can limit how we use your data in certain situations.

    When available:

    • • While we verify accuracy of disputed data
    • • When processing is unlawful but you don't want deletion
    • • When we no longer need the data but you need it for legal claims
    • • While we verify grounds for processing after your objection

    How to exercise: Contact [email protected] with your specific request

    How to Exercise Your Rights

    In the Nappie Baby App

    • Account Settings: Access, update, and delete your information
    • Data Export: Download all your data in multiple formats
    • Privacy Settings: Control analytics and optional data processing
    • Account Deletion: Permanently delete your account and all data

    Contact Us Directly

    Email: [email protected]

    Subject: GDPR Rights Request

    Include:

    • • Your registered email address
    • • Specific right you want to exercise
    • • Clear description of your request
    • • Proof of identity (if requested)

    Response Time: We respond within 30 days (or 60 days for complex requests)

    No Cost

    Exercising your GDPR rights is free of charge. We will only charge a fee in exceptional circumstances where requests are clearly unfounded, excessive, or repetitive.

    International Data Transfers

    Where Your Data is Processed

    Nappie Baby primarily operates from the United States. When you use our service as an EU resident, your personal data may be transferred to and processed in the United States.

    Safeguards for Data Transfers

    • Adequate Protection: We ensure appropriate safeguards are in place for international transfers
    • EU Standards: Data protection measures equivalent to EU standards
    • Contractual Protections: Standard contractual clauses with our service providers
    • Security Measures: Encryption and secure transmission protocols

    Your Rights Apply

    Regardless of where your data is processed, your GDPR rights remain in full effect. We ensure that all data processing meets EU data protection standards.

    Data Protection Contact

    Privacy Team

    While Nappie Baby is not required to appoint a formal Data Protection Officer (DPO), our Privacy Team serves as your primary contact for all GDPR-related matters.

    Privacy Team Contact: [email protected]

    GDPR Specialist: Available for complex rights requests

    Languages: English (other languages upon request)

    Response Time: 72 hours for initial response, 30 days for resolution

    Complaints and Recourse

    Contact Us First

    If you have concerns about how we handle your personal data, please contact us first at [email protected]. We're committed to resolving privacy concerns quickly and transparently.

    Supervisory Authority

    Under GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU country where you live, work, or where you believe a violation occurred.

    Find Your Local Authority: You can find contact information for EU data protection authorities at edpb.europa.eu

    No Retaliation

    You can exercise your GDPR rights and file complaints without fear of retaliation. Your use of Nappie Baby will not be affected by exercising your privacy rights.

    GDPR Contact Information

    For all GDPR-related inquiries, rights requests, and privacy questions, please contact us at:

    [email protected]

    This page supplements our main Privacy Policy. In case of conflicts, GDPR requirements take precedence for EU residents.