Data We Collect and How We Use It

SRI Home collects personal data from you and about you depending on how you interact with our Services. The categories of data we collect are described below.

Account Data

When you register for a family account, you provide us with your name, email address, password (authenticated via Supabase), billing information, and contact information for family members you invite. Family membership links individual user profiles to a shared family group. We use this data to:

• Provide you with the Services and monitor what Services you have purchased.
• Contact you for administrative purposes such as customer support.
• Reply to inquiries via customer support requests.
• Send communications, including updates on promotions and events, if you have provided consent and not withdrawn it.

Connected Calendar Data

You may connect your external calendar accounts to SRI Home to display events on your device. We currently support Google Calendar via OAuth (calendar.readonly scope), with Microsoft Outlook and Apple iCloud planned for future integration. When you connect a calendar:

• We sync event titles, dates, and times approximately every 5 minutes and store read-only server-side copies of those events.
• Synced event data is retained while it falls within your active sync window or until you disconnect the calendar integration, whichever comes first.
• Calendar data is displayed only to members of your own family group. Database-level row isolation ensures no other users can access your calendar data.
• We never modify, create, or write back to your external calendar. Our access is strictly read-only.
• OAuth refresh tokens used to maintain calendar connections are stored server-side, encrypted at rest, within our Supabase infrastructure.

You may disconnect your calendar integration at any time through the app settings. Upon disconnection, we will remove the stored copies of your synced calendar events.

Family Content

User-created content within the Services includes: family calendar events, family member profiles (first names, avatar colors, points), chore and reward assignments, and meal plans. Family profiles may include profiles representing children, which are created and managed entirely by parents or guardians — see the Children’s Privacy section below. All family content is visible only within your own family group.

Meal Planning Data

When you use the meal planning feature, dietary preferences and ingredient lists you provide are transmitted to Google Gemini, a third-party AI service, solely for the purpose of generating meal plan suggestions. This data is not used for advertising or shared for any other purpose. Please refer to Google’s privacy documentation for information on how Gemini processes data.

Device and Usage Data

Whenever you use our Services, we collect data and information made available on your device, such as your IP address, device name, operating system version, app configuration, time and date of your use, and other statistics. We use this data to:

• Understand and analyze usage trends and preferences of our users.
• Improve the Service and develop new products, services, features, and functionality.
• Investigate and take action with respect to any illegal activity such as unauthorized access or fraud.

What We Do Not Do

Protection of Your Photographs, Videos, and Content

We protect your photo, video, and personal content with industry-standard security measures:

• Photo and video content you provide is stored on servers with our secure cloud hosting provider.
• Photos and videos are sent to your SRI Home device using an encrypted protocol and are not accessible to any other party.
• We will never share your content unless you give us clear instructions through the Services to do so, such as when you select family members or others to receive content on their frames.

Service Processors

To provide the Services, we engage the following third-party processors who may receive or handle your personal data on our behalf. Each is bound by contractual obligations to use your data only to fulfill our service requirements.

We do not share your data with any other third parties except as described in the When We Disclose Data section below.

Third-Party Services

If you choose to use or link our Services with third-party services — such as syncing your online calendar accounts or using an Amazon Fire device with our SRI Home Digital app — we will use information we collect to authenticate you, provide the Services you request, and transmit data to and from the third-party service based on your selections.

Third parties whose services you use in connection with ours, or whose websites we link to from our websites, will have data practices that differ from ours. This Privacy Statement does not apply to the activities of third parties when they are collecting or using data for their own purposes. We encourage you to review their privacy policies to understand how they use your information.

Cookies and Analytics Information

We may use various technical mechanisms such as cookies, web beacons, and similar tracking technologies to monitor how users use our website and mobile apps in order to better understand customer behavior and improve our Services. Cookies are files with a small amount of data commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory.

You can delete and disable all cookies through settings in your internet browser; however, if you choose to do so, some components of our Services may not work properly if cookies necessary for operation are blocked.

When We Disclose Data

Except as described in this Privacy Statement, we will not disclose personal data that we collect on the Services to third parties without your consent. We never sell your personal data to any third party and we do not use your data for digital advertising.

We may disclose information to third parties in the following circumstances:

Third-Party Vendors

We use vendor companies (as listed in the Service Processors section above) to help us provide our Services. We enter into written agreements with these vendors requiring them to retain, share, store, or use personal data solely to fulfill your order and otherwise help us provide the Services to you.

Third-Party Services

If you choose to link our Services with a third-party service such as your online calendar, we will provide information to that third party based on your settings in our Services in order to interoperate with that service.

Legal Reasons

When required by law or necessary to avoid harm. We may share your information if we are required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, to protect our property, to prevent fraud, or in response to a court order, judicial or other government subpoena, or to otherwise cooperate with law enforcement or other governmental agencies. We may also share your information if we believe it is necessary to protect you or others from harm.

Corporate Events

If SRI Home (or our assets related to our business) is acquired by another company, whether by merger, acquisition, or otherwise, that company will receive all information gathered by SRI Home on the websites and Service. In this event, you will be notified via email and/or a prominent notice on our website of any change in ownership, uses of your personal data, and choices you may have regarding your personal data.

Security

We value your trust in providing us your personal data. We implement appropriate physical, technical, and organizational security measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of use, in accordance with industry standards.

Despite our efforts, no method of transmission over the internet or method of electronic storage is 100% secure and reliable, and we cannot guarantee absolute security. It is important that you also take steps to protect your information, such as keeping your passwords secure.

We do our very best to ensure that our personnel and trusted hosting and other service providers who need the information to perform a specific job are granted access to personal data only on a need-to-know basis and are subject to stringent confidentiality requirements.

Children’s Privacy

Our Services are designed for use by adults and families, and our target audience does not include children as independent users. Children do not create accounts, do not log in, and do not interact with the Services directly. Family profiles representing children are created and managed entirely by a parent or guardian within the parent’s account. No personal data is collected directly from children.

Child profiles within a family account may include a first name and avatar, entered by the parent or guardian. This information is visible only within that family’s private group and is not used for any purpose beyond displaying the family’s shared content.

We do not knowingly collect personal information directly from children under the age of 13. If you are a parent or guardian and believe your child has independently provided us with personal information, please contact us at help@mySRIHome.com so we can take the necessary action.

Account Management and Deletion

You may update, correct, or delete your personal data and preferences at any time by contacting us at help@mySRIHome.com. In-app account deletion is available within the Settings section of the app, allowing you to permanently delete your account and associated data.

You may disconnect any connected calendar integration at any time through the app’s calendar settings. Upon disconnection, stored copies of your synced calendar events will be removed. Please note that while changes are reflected in active databases promptly, we may retain certain information as required to satisfy legal obligations or where we otherwise have a legitimate reason to do so.

Additional Information for California Residents

Your California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (“CCPA”) allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:

1. Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share or disclose personal information.
2. Provide access to and/or a copy of certain personal information we hold about you.
3. Delete certain personal information we have about you.
4. Provide you with information about the financial incentives that we offer to you, if any.

The CCPA further provides you with the right not to be discriminated against (as provided for in applicable law) for exercising your rights under the statute. Certain information may be exempt from such requests under California law. We will take reasonable steps to verify your identity before responding to a request for security purposes. If you would like to exercise any of these rights, or if you are an authorized agent making a request on a California consumer’s behalf, please contact us at help@mySRIHome.com.

The CCPA provides certain rights if a company “sells” personal information as that term is defined under the CCPA. We do not engage in activities that would be considered “sales” of your personal information under the CCPA.

Shine the Light Disclosure

The California “Shine the Light” law gives residents of California the right under certain circumstances to request information regarding the manner in which we share certain categories of personal information with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes without your affirmative consent.

Browser “Do Not Track” Signals

Some web browsers may transmit “do-not-track” signals to a website. Because there currently is no industry standard concerning what a service should do when they receive such signals, we currently do not take action in response to these signals.

Changes to This Privacy Statement

We may update this Privacy Statement from time to time. If we do, we will post any changes on this page. These changes are effective immediately upon posting. If you continue to use our websites and Services after those changes are in effect, you agree to the new statement. If the changes are significant, we may provide more prominent notice or seek your consent, as required by law.

App Store and Play Store Compliance

This Privacy Statement is the single authoritative source governing data practices for all versions of the SRI Home Services, including the iOS app (Apple App Store), the Android app (Google Play Store), and our website. Apple App Privacy labels and Google Play Data Safety form disclosures are derived from this policy and reflect the same data types, processors (including Google Gemini), and purposes described herein. On Google Play, our target audience is general audiences; our app is not directed at children as independent users, as all child-related profiles are parent-managed.