Short summary: SofeaApp is a parental control application for parents. We collect your email address for login and receive child activity data from the SofeaKids or SofeaKids Plus application that you install on your child's device. Child data is owned and controlled by you as the parent.
1. Data Controller Identity
This application is managed by:
- Name: SofeaApp Developer
- Email: support@sofeaapp.my.id
- Website: sofeaapp.com/en
2. Data We Collect
2.1 Parent Account Data
| Data Type | Purpose |
|---|---|
| Email address | Login, account identification, and important notifications |
| Password, encrypted | Account authentication |
| Display name, optional | Personalizing the app display |
| Device token, FCM | Sending push notifications |
2.2 Child Data You Add
As a parent, you add a child profile to the application. You input and manage the following data:
- Child name or nickname
- Screen time schedule settings
- Allowed and blocked application lists
- Tasks assigned to the child
- Alarm settings, including volume and blocking while the alarm is active
2.3 Multi-Parent Access
You may invite another parent or guardian, such as a spouse, to monitor the same child through the Parent Members feature. The additional parent's email address is stored and linked to the child profile. Each invited parent has the same access to child data.
2.4 Child Activity Data from SofeaKids or SofeaKids Plus
The SofeaApp application receives activity data from the companion application installed on your child's device. This data includes:
- The child's latest GPS device location. We only store the current position per child, not a travel history.
- Applications used and usage duration.
- Icons and names of applications installed on the child's device.
- Browser URL history.
- Social media activity history, including opened platforms and duration.
- Media playback status, such as the currently playing song or video title.
2.5 Subscription and Payment Data
If you subscribe to a paid plan, we store subscription status, start and end dates, selected plan, price, and payment reference. We do not store card numbers or sensitive payment details. Payment details are handled by third-party payment providers.
3. How We Use Data
- To give you access to child activity information.
- To let you set schedules and device usage rules.
- To send notifications about child activity that may need attention.
- To improve service quality.
- To meet applicable legal obligations.
We will not sell your data or your child's data, use child data for advertising, or access child data for purposes other than presenting it to you.
4. Data Storage and Security
Data is stored on secure Supabase servers with encryption in transit through HTTPS / TLS, encryption at rest, access restrictions through Row Level Security, and regular backups.
5. Sharing Data with Third Parties
We only share data with services that are essential to application operations:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database storage and authentication | Account and activity data |
| Firebase Cloud Messaging | Push notifications to devices | Device token |
| Cloudflare R2 | Application icon object storage | Application icons only |
| Google Maps SDK | Displaying child location maps | GPS coordinates for map rendering |
| Payment provider | Processing subscription payments | Payment data handled directly by the provider |
We do not share data with ad networks, data brokers, third-party analytics providers, or other commercial parties.
6. Your Rights
You have the right to access your data and your child's data, correct inaccurate data, delete your account and related data, request a machine-readable export, and withdraw consent at any time.
To use these rights, contact support@sofeaapp.my.id. We will respond within 30 days.
7. Children
The SofeaApp parent application is intended only for parents or guardians who are at least 18 years old. Children are not allowed to create accounts in this application.
8. Data Storage and Retention
While an account is active, we run an automatic daily data rotation process to limit old data:
| Data Type | Retention Period |
|---|---|
| GPS location | Latest position only, one entry per child, overwritten on each update |
| Daily app usage | 180 days |
| Hourly app usage | 30 days |
| Browser history | 30 days |
| Social media history | 30 days |
| Completed task history | 30 days |
| Read notifications | 7 days |
| Unread notifications | 30 days |
| OTP verification | Until expired, rotated every 10 minutes |
| Account, child profile, FCM token, and subscription | While the account is active |
After you delete your account, all identifying data, including account data, child profiles, and activity history, is deleted within 7 days. Database backups managed by Supabase may contain remaining data and expire according to Supabase backup policies, generally within 7 to 30 days.
9. Policy Changes
We may update this policy from time to time. Significant changes will be announced by email or app notification at least 7 days before they take effect.
10. Contact
- Email: support@sofeaapp.my.id
- Website: sofeaapp.com/en