Privacy Policy

Who I am

Kinwatch is built and maintained by Michael Raab, an individual developer. Throughout this document, "I", "me", "my", and "Kinwatch" refer to me as the developer, or to the iOS application named Kinwatch.

For privacy questions, data deletion requests, or anything related to this policy, contact [email protected].

What this policy covers

This Privacy Policy applies to:

• The Kinwatch iOS application (iPhone, iPad, and Mac via iPad App support), distributed through the Apple App Store
• The kinwatch.net website

It does not cover Apple's services (iCloud, the App Store, Apple Pay, payment processing). Those are governed by Apple's own privacy policy, available at apple.com/legal/privacy.

The data Kinwatch handles

3.1 What the app stores

When you use Kinwatch, you enter information about yourself or the person you care for. The app stores the following categories of information, all of which you enter yourself:

• Care recipient details: name, date of birth, pronouns, blood type, optional photo, organ donor status, DNR status, power of attorney information
• Medications: name, dosage, schedule, purpose, prescription numbers, refill dates, prescribing provider
• Care providers: doctors, specialists, pharmacies, hospitals. Name, practice, specialty, phone, address, notes
• Allergies: name, severity, reactions, notes
• Medical conditions: name, diagnosis date, diagnosing provider, notes
• Medical history: surgeries, hospitalizations, emergency-room visits, major events
• Insurance policies: provider, policy number, group number, claims phone, member name, plan type
• Emergency contacts: name, relationship, phone, notes
• Notes: timestamped observations you add
• Documents: photos, scans, or PDFs you capture or import (prescription labels, insurance cards, discharge summaries, etc.)
• Daily care checklist: tasks you define, when each was completed, by whom
• Appointments: title, date, time, location, notes

Kinwatch does not import medical records from external systems. Every entry is information you choose to add.

3.2 What the app does not collect

Kinwatch does not collect, store, or transmit:

• Your location
• Your contacts, unless you explicitly import one as a care provider or emergency contact (and only the name and phone number are copied)
• Your browsing history or web activity
• Usage analytics, behavioural data, or device identifiers for tracking
• Crash reports that include personal data
• Any data for advertising or marketing purposes

3.3 App Store analytics and subscription data provided by Apple

Apple provides me, as the developer, with two kinds of App-related information that I do not collect directly:

Aggregated App Store analytics. Through App Store Connect, Apple shares aggregated and anonymised statistics about the App: download counts, subscription retention rates, crash reports, session counts, and trends by country, device, and iOS version. This data contains no identifiable user information. You can control whether your device contributes to it in iOS Settings → Privacy & Security → Analytics & Improvements → "Share With App Developers".

Subscription transaction data. When you subscribe, renew, cancel, or refund, Apple provides the App with a transaction receipt so it knows whether you have active access. The receipt contains a transaction identifier and status (active, expired, in grace period, refunded) but not your name, email address, or payment details.

Neither of these data flows touches the health data you enter into the App. Apple's handling of this data is governed by its own privacy policy at apple.com/legal/privacy.

3.4 Lawful basis and your consent

Under UK GDPR and similar laws in Kinwatch's launch markets, I process your personal data on the basis of your explicit consent. This is UK GDPR Article 6(1)(a) for personal data and Article 9(2)(a) for health information specifically.

When you first launch Kinwatch, the App shows a consent screen describing what is collected, where it lives, and how it is used. The exact text of that screen, the date you accepted it, and the App version are logged on your device and in your iCloud account. You can withdraw consent at any time by deleting your Kinwatch data and uninstalling the App.

Where your data lives

4.1 In your iCloud account

Everything you enter into Kinwatch is stored in your own iCloud account, in a private CloudKit database created by the app. The data does not pass through any server I operate. I do not have a server.

4.2 Encryption

Health information you enter is stored in CloudKit's encryptedValues field. This means Kinwatch encrypts the data on your device, using keys Apple does not have access to, before the data is uploaded to iCloud. This is end-to-end encryption. Apple stores only the encrypted form and cannot decrypt it.

This includes the display name of whichever family member last edited a record. Apple cannot see who in your family changed which entry, only that something changed and when.

Only you, and the family members you have invited to share a care recipient's information, can see the decrypted data, on your own devices.

4.3 What is stored unencrypted

For the app to function, some structural metadata is stored unencrypted alongside the encrypted content. This metadata includes:

• Whether an item is archived or active
• Sort order (numeric values used to arrange lists)
• References (ID values only, with no content) that link records — for example, a medication knowing which care provider prescribed it
• File sizes and file types (PDF, JPEG, etc.) for attachments
• System timestamps (when a record was created or last changed)

This metadata contains no names, health details, addresses, or phone numbers. It carries no personal information on its own.

Who can see your data

5.1 I cannot

I cannot see any of your data. I do not operate a server that receives it. The end-to-end encryption described in Section 4 means the health fields are unreadable to anyone but you and the family members you invite. I have no way to read, decrypt, or recover your data.

5.2 Apple

Apple stores the encrypted data in iCloud on your behalf. Apple cannot decrypt the encrypted fields. Apple may access the unencrypted structural metadata described in Section 4.3. Apple's handling of this data is governed by its own privacy policy at apple.com/legal/privacy.

5.3 Family members you invite

You can invite up to 5 family members to share a care recipient's information. Invited members see the same data you see, on their own devices. You can remove a family member at any time, and they will lose access immediately.

5.4 No one else

Kinwatch does not share your data with advertisers, analytics companies, data brokers, insurers, employers, or any other third party. There are no such parties involved in Kinwatch.

The kinwatch.net website

6.1 Launch notification signup

If you sign up on kinwatch.net to be notified when Kinwatch launches, your email address is sent to Resend (a transactional email provider) and stored there for the sole purpose of sending you one email at launch. Your email is not shared, sold, or used for any other purpose. After the launch email is sent, the list will be deleted.

Resend's handling of the email is governed by its own privacy policy, available at resend.com/legal/privacy-policy.

6.2 Website analytics (Plausible)

kinwatch.net uses Plausible Analytics to understand basic visitor patterns: page views, where visitors come from, how far they scroll on each page, and how long they stay. This helps shape the website over time.

Plausible is privacy-first. It does not set cookies, does not store IP addresses, does not track visitors across websites, and does not sell or share data. No personal information is collected. Data is stored on EU servers and is governed by Plausible's privacy policy at plausible.io/privacy.

The website is hosted on Cloudflare Pages. Cloudflare logs basic request data (IP addresses, user agents) at the network level for security and abuse prevention, governed by Cloudflare's privacy policy.

This section applies only to the kinwatch.net website. The Kinwatch iOS app contains no analytics, tracking, or telemetry.

6.3 Fonts

The site loads Newsreader from Google Fonts. When your browser requests the font files, Google may log your IP address. This is governed by Google's privacy policy.

Retention and deletion

7.1 How long your data is kept

Your data stays in your iCloud account for as long as you keep it there. There is no retention schedule on my side because I do not hold your data.

7.2 Deleting individual items

You can delete any medication, care provider, note, document, or other entry at any time from within the app. Deleted items are removed from your iCloud and from the devices of all invited family members.

7.3 Deleting a care recipient

You can delete a care recipient entirely from within the app. This removes all associated data from iCloud. Invited family members lose access immediately.

7.4 Deleting all Kinwatch data

The app's Settings screen offers a "Delete all Kinwatch data" option. Choosing this will:

• Remove all Kinwatch records from your iCloud account
• Revoke access for every family member you have invited
• Clear on-device caches

7.5 Uninstalling the app

Removing the Kinwatch app from your device does not automatically delete your iCloud data. If you reinstall, your data will still be there. To fully delete, use the in-app "Delete all Kinwatch data" option (7.4) before uninstalling, or manually remove the Kinwatch data from your iCloud Settings.

7.6 If your subscription lapses

Your data remains in your iCloud account even if your Kinwatch subscription expires. You can resume your subscription at any time and access your data again. I do not withhold or delete your data for lapsed subscriptions.

Children

Kinwatch is intended to be used by adults who are caregivers. Children do not use Kinwatch directly. If you record health information for a child you care for — for example, a child with a chronic condition or disability — the adult caregiver is the user of the app on that child's behalf.

If you are in Australia, the Children Online Privacy Code (under the Privacy Act 1988 as amended in 2024) applies additional protections to anyone under 18. Kinwatch's processing model — your data encrypted in your private iCloud, no servers operated by Kinwatch, no advertising, no profiling, no automated decision-making — meets the spirit of these protections regardless of the care recipient's age.

If you believe a child has independently entered data into Kinwatch without an adult caregiver's involvement, please contact me at [email protected]. Because I cannot see your data, you will need to perform the deletion yourself within the app; I will help you locate the option.

Your rights

Because Kinwatch does not hold your data on any server I control, most data-access requests are satisfied by the app itself.

Where I am required to respond to a request from you under any applicable privacy law, I will do so within 45 days of receiving the request. If more time is needed, I will let you know within that window.

9.1 Access

You have full access to all your Kinwatch data within the app at any time. You can also export a copy using the Print & Share feature, which generates a PDF of your complete care summary.

9.2 Correction

You can edit any information you have entered, at any time, directly in the app.

9.3 Deletion

See Section 7. You can delete any portion of your data, or all of it, at any time.

9.4 Portability

Exported PDFs from Print & Share are portable and human-readable. For structured data export (for example, a machine-readable file for migration to another tool), contact me at [email protected]. I cannot export your data on your behalf because I cannot access it; I can help you perform the export yourself.

9.5 UK, Australia, and New Zealand

If you are in the United Kingdom (UK GDPR), Australia (Privacy Act 1988 as amended in 2024), New Zealand (Privacy Act 2020), or another jurisdiction with a similar framework, you have the rights listed above: access, correction, deletion, and data portability. You also have the right to lodge a complaint with your local privacy regulator — the Information Commissioner's Office (ICO) in the United Kingdom, the Office of the Australian Information Commissioner (OAIC) in Australia, or the Office of the Privacy Commissioner in New Zealand. Kinwatch does not engage in profiling, automated decision-making, advertising, or any processing that would trigger a right to object.

9.6 California (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act. I do not sell or share personal information as those terms are defined by the CCPA. The rights to access and deletion are satisfied by the app itself, as described above. You will not be discriminated against for exercising any of these rights.

9.7 Availability

Kinwatch is not distributed in the European Union. Kinwatch is also not distributed in Canada at v1; this may change post-launch and this policy will be updated accordingly. If Apple lists Kinwatch in any other new region in future, this policy will be updated as needed.

Data security

• All health data is encrypted on your device before leaving your device
• Your iCloud account is protected by Apple's security. Two-factor authentication on your Apple ID is strongly recommended
• You can enable Face ID or Touch ID lock in Kinwatch's Settings. This adds a second layer of protection to the app on your device
• I do not operate a password database, a login system, or any credential store

International data transfers

Apple's iCloud stores data in data centres around the world. The specific location depends on your Apple ID region and Apple's infrastructure choices. Any international transfers are handled by Apple under its own policies, available at apple.com/legal/privacy.

Kinwatch is not medical advice

Kinwatch is a tool for organising health information you already have. It does not diagnose conditions, recommend treatments, calculate dosages, or provide medical advice of any kind. Always consult a qualified healthcare professional for medical decisions.

The accuracy of the information in Kinwatch depends on what you enter. Please verify medications, dosages, allergies, and other critical information with your healthcare provider.

Changes to this policy

If this policy changes in a material way, I will:

• Update the "Last updated" date at the top of this page
• Post a notice on kinwatch.net
• Notify you inside the app at next launch, if the change is significant

Minor edits (clarifications, typo fixes) will update the date only.

Contact

Privacy Officer: Michael Raab. For privacy questions, data deletion requests, withdrawals of consent, or to lodge a complaint with Kinwatch, email [email protected].

For general support or anything else related to this policy, email the same address.

Kinwatch is operated by Michael Raab, an individual developer. A postal address is available on written request to the email above if required for legal or regulatory purposes.

Effective 29 April 2026. Last updated 9 May 2026.