Skip to main content
Privacy Policy | The Coparent App

Privacy Policy

Last updated: 3 May 2026

Support email: info@thecoparent.app

Controller details: Pittance LTD, 16 Brander Street, Burghead, IV30 5XD, company number SC887446.

Privacy contact: info@thecoparent.app

This Privacy Policy explains how Pittance LTD, trading as The Coparent App, collects, uses, shares, stores and protects personal data when you use our website, mobile applications and related services.

Scope

This Privacy Policy applies to our website, our iOS and Android apps, customer support interactions, and any related online services we provide.

The personal data we collect

Depending on how you use the Service, we may collect:

  • account data, such as your name, email address, login credentials, role, and profile information;
  • family-organisation data, such as calendars, notes, records, messages, documents, attachments and other information you choose to add;
  • contact and support data, including messages you send to us and complaint correspondence;
  • transaction data, such as subscription status, billing history, order references, and payment-related records. Payment card details are normally handled by our payment providers, not stored directly by us;
  • device, log and technical data, such as IP address, device type, app version, authentication logs, security events, and server logs;
  • app analytics and performance data, such as feature usage, app interactions, crash logs, diagnostics and other technical performance information, where enabled;
  • notification data, including push-notification tokens and preferences; and
  • website usage data collected through cookies or similar technologies, where applicable.

Children’s data and sensitive data

The Service is intended for adult users. However, content uploaded by adult users may include information about children, family members or other third parties.

Some content may include special-category data, for example health information, or, in some cases, allegations, safeguarding concerns, police involvement, court-related information or records relating to criminal matters. We ask users not to upload this type of information unless it is reasonably necessary for the intended purpose of the Service and they are lawfully entitled to provide it.

If we routinely process special-category or criminal-offence data, we will document the relevant legal conditions and, where required, maintain an appropriate policy document.

How we use personal data and our lawful bases

Purpose Typical data Lawful basis
Create and manage your account Account and login data Contract; legitimate interests in administering the Service
Provide app features, storage, messaging, records and synchronisation Family-organisation data; technical data Contract
Customer support, complaints and service communications Support correspondence; account data Contract; legitimate interests in supporting users and resolving issues
Billing, subscription administration and fraud prevention Transaction, account and security data Contract; legal obligation; legitimate interests in preventing misuse and fraud
Security, abuse prevention, moderation and enforcement Logs, reports, User Content, device data Legitimate interests; legal obligation where applicable
Safeguarding, child protection, serious-harm prevention and user safety Relevant account data, User Content, reports, messages, files, device data, logs and support correspondence Legal obligation where applicable; legitimate interests; vital interests where someone may be at risk of serious harm; substantial public interest or legal claims conditions where applicable
Law-enforcement, police, regulator, court or authority requests and reports Relevant account data, User Content, messages, files, logs, technical data, security records and support correspondence Legal obligation where applicable; legitimate interests; prevention or detection of crime; establishment, exercise or defence of legal claims; vital interests or substantial public interest conditions where applicable
Analytics, product improvement and diagnostics Usage data, crash logs, diagnostics Legitimate interests; consent where required by law or platform rules
Push notifications and feature alerts Notification tokens and preferences Contract for essential service messages; consent where required for optional notifications
Legal compliance, safeguarding and legal claims Relevant account, content and log data Legal obligation; legitimate interests; establishment, exercise or defence of legal claims; other applicable special-category conditions where relevant

Special-category and criminal-offence data bases

Where we process special-category or criminal-offence data, we rely on one or more additional conditions permitted by law depending on the context, which may include explicit consent, reasons of substantial public interest, vital interests, safeguarding, prevention or detection of unlawful acts, or the establishment, exercise or defence of legal claims.

Important: this section should be reviewed before launch to reflect the exact product design and your data protection impact assessment conclusions.

How we collect personal data

We collect personal data directly from you, automatically from your use of the website or app, from payment or app-store providers, and sometimes from other users where they add information about shared family arrangements or related records.

Sharing personal data

We currently use the following key service providers to operate The Coparent App:

  • Amazon Web Services (AWS) – hosting, database, authentication, file storage, serverless functions, security and infrastructure.
  • Apple App Store – app distribution, subscriptions, payments and platform account services for iOS users.
  • Google Play – app distribution, subscriptions, payments and platform account services for Android users.
  • WordPress / website hosting providers – website hosting, website forms and website administration.
  • Email and support providers – support emails, service communications and customer assistance.

We may update this list from time to time as our suppliers change. We require service providers who process personal data for us to protect it and only use it for the purposes we authorise.

We may also share personal data with:

  • professional advisers, insurers, auditors and legal representatives where reasonably necessary;
  • courts, regulators, law enforcement, the police, safeguarding authorities, child protection bodies or other appropriate authorities where required by law, where we receive a valid request, or where disclosure is otherwise legally justified;
  • emergency services, safeguarding bodies or relevant authorities where we reasonably believe disclosure is necessary to protect a child, user or other person from serious harm;
  • law enforcement, the police, regulators, courts, legal advisers or other appropriate bodies where we reasonably believe content, communications, account activity or use of the Service may involve unlawful activity, threats, harassment, abuse, stalking, fraud, impersonation, child protection concerns, safeguarding risks, prohibited material or other serious misuse; and
  • buyers, investors or group companies in connection with a corporate transaction, subject to appropriate safeguards.

Legal, safety, safeguarding and law-enforcement disclosures

We may preserve, access, review, disclose or share personal data where we reasonably believe this is necessary to comply with law, respond to legal process, protect our rights, enforce our Terms and policies, investigate misuse, prevent fraud, deal with safeguarding concerns, protect users or others from harm, or respond to courts, regulators, law enforcement, the police or other authorities.

If we reasonably believe that content, communications, account activity or use of the Service may involve unlawful activity, threats, abuse, harassment, stalking, fraud, impersonation, child protection concerns, safeguarding risks, serious harm, prohibited material or other serious misuse, we may report the matter and disclose relevant information to law enforcement, the police, safeguarding bodies, regulators, courts, legal advisers or other appropriate authorities where required or permitted by law.

Where we disclose personal data to authorities, we will aim to assess the disclosure on a case-by-case basis and limit the information shared to what we reasonably consider necessary and proportionate in the circumstances.

We may preserve relevant information while a report, investigation, legal request, safeguarding concern, complaint, dispute or potential claim is being assessed or handled.

We may not notify you before making a disclosure or preserving information where notification would be unlawful, could prejudice an investigation, could place a child or other person at risk, could compromise security, or could interfere with our ability to prevent or respond to misuse.

We are not responsible for actively monitoring every message, file, record or interaction. However, we may investigate reports or suspected breaches and may take action where appropriate.

International transfers

Some of our service providers may be located outside the UK. Where we make restricted transfers, we use lawful transfer mechanisms and appropriate safeguards, such as adequacy regulations, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, together with any required transfer risk assessment.

Retention

We keep personal data only for as long as reasonably necessary for the purposes explained above, including to provide the Service, resolve disputes, enforce our agreements, maintain security, investigate misuse, respond to safeguarding concerns, respond to lawful authority requests, preserve evidence where legally justified, and meet legal obligations.

  • Account data: during the life of the account and for a reasonable period afterwards where needed for security, complaints, safeguarding, fraud prevention, law enforcement, legal claims or legal compliance.
  • User Content: until you delete it, your account is deleted, or it is removed under our policies, subject to any lawful retention needs, safeguarding needs, dispute handling, legal claims, authority requests and backup cycles.
  • Support records: for a reasonable period after resolution, and longer where needed for complaints, safeguarding, legal claims, misuse investigations or legal compliance.
  • Billing and transaction records: for as long as needed for tax, accounting, anti-fraud and legal compliance.
  • Security and audit logs: for as long as reasonably necessary for security, abuse prevention, investigations, legal claims, lawful authority requests and safeguarding purposes.
  • Preserved records: where we reasonably believe information may be relevant to unlawful activity, safeguarding, serious harm, fraud, misuse, legal claims, police requests, court orders, regulator requests or other lawful authority requests, we may preserve relevant records for as long as reasonably necessary and legally permitted.

Important: this section should be replaced with your final retention schedule once confirmed internally.

Deletion and account closure

You can request deletion of your account and associated data by contacting us at info@thecoparent.app or using any in-app or web deletion pathway we provide.

Where deletion is requested, we will delete or anonymise personal data unless we need to retain some of it for legitimate reasons such as security, fraud prevention, legal compliance, safeguarding, backup integrity, legal claims, dispute handling, enforcement of our Terms, law enforcement requests, court orders, regulator requests, authority reports or prevention of serious harm.

Deleting your account may not immediately delete data that has already been shared with another user, included in records, retained in backups, preserved for legal or safeguarding reasons, or disclosed to a court, regulator, law enforcement body, safeguarding body or other authority where legally justified.

Your rights

Subject to applicable law, you may have the right to request access, rectification, erasure, restriction, objection, portability, and not to be subject to qualifying solely automated decisions. You may also withdraw consent at any time where we rely on consent.

To exercise your rights, contact info@thecoparent.app.

Your rights may be subject to legal limits. For example, we may not be able to comply fully with a request where we need to retain or restrict information for legal compliance, safeguarding, fraud prevention, security, legal claims, court proceedings, law enforcement, police requests, regulator requests, authority requests or the rights and freedoms of another person.

If you are dissatisfied, you can complain to the UK Information Commissioner’s Office. If EU GDPR applies to your use, you may also complain to your local EEA supervisory authority.

Automated decision-making and AI

We may use automated tools, including analytics, fraud-detection, moderation support, or AI-assisted features, to help operate or improve the Service.

We do not intend to make solely automated decisions that produce legal or similarly significant effects on you unless we have a lawful basis for doing so and provide the safeguards required by law.

If you use an AI-assisted feature, prompts, inputs, outputs and related metadata may be processed to provide that feature, improve quality, maintain security, investigate misuse, support safeguarding, enforce our Terms, or prevent misuse, subject to our provider arrangements and this Privacy Policy.

App permissions, notifications, analytics and crash reporting

If you enable push notifications, we process your device push token and notification preferences in order to send service messages and alerts.

If we use analytics, crash-reporting or diagnostics tools, those tools may process app interactions, technical events, device identifiers, crash logs and performance data.

Where required, we will ask for consent or provide clear controls before using non-essential analytics or similar tracking technologies.

Cookies and similar technologies

Our website and some in-app webviews may use cookies or similar technologies. Please see our Cookie Policy for more information.

Security and incidents

We use technical and organisational measures that are appropriate to the risk, including access controls, authentication controls, logging, monitoring, and encryption in transit and, where appropriate, at rest.

If a personal-data breach occurs, we will assess it, record it, notify regulators where required, and inform affected individuals without undue delay where the law requires this.

If a security incident, misuse report or suspected breach involves unlawful activity, safeguarding concerns, serious harm, fraud, prohibited material or other serious misuse, we may also report the matter to law enforcement, the police, safeguarding bodies, regulators, courts, legal advisers or other appropriate authorities where required or permitted by law.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on this page with the revised date.