⚠️ Not final legal guidance. This policy was drafted with AI assistance based on an internal audit of Kodo's own systems and code, and has not yet been reviewed by a licensed attorney. It is published in good faith to be accurate about what Kodo actually does today, but it should not be relied upon as a substitute for professional legal review — particularly the sections on children's data and location data.
K

Privacy Policy

Effective July 3, 2026 · Kodo — The Family Operating System

This policy explains what information Kodo collects, why, how it's used, who it's shared with, and how you can access, correct, or delete it. It's written to describe what Kodo's systems actually do, verified directly against the app and backend rather than boilerplate.

1. Account & Identity

Sign in with Apple. When you create a Kodo account, we receive your Apple account identifier and, on your first sign-in only, the email address associated with your Apple ID (Apple only shares this once per app). We verify this using Apple's own published signing keys — we never see or store your Apple password.

Apple may also offer to share your name during sign-in. Kodo does not forward or store that name — your display name comes from what you type into the app during setup instead.

2. Family & Household Information

When you set up your family, we collect: your family's name, household type (e.g. couple, family with kids, co-parenting), your general location (city/timezone, and optionally coordinates if you enable location-based features), and the names and roles of the adults in your household (e.g. "Mom," "Dad," "Co-Parent").

3. Children's Data — read this section carefully

Only a parent or guardian creates a child's profile in Kodo — children do not sign up or log in on their own, and Kodo does not knowingly collect information directly from a child. Everything below is entered by the parent/guardian on the child's behalf.

For each child profile, we store:

Kodo does not show advertising to children, does not sell children's information, and does not permit a child to invite outside contacts or communicate with anyone outside their own family through the Kids experience.

We have not yet completed a formal legal review (e.g. COPPA) of this section — treat the description above as a factual account of current behavior, not a compliance certification.

4. Calendar & Email Data (optional features you turn on)

Gmail

If you connect Gmail, Kodo requests read-only access to your inbox and calendar (gmail.readonly, calendar.readonly) — Kodo cannot send email as you, modify your inbox, or delete anything. We scan recent messages for things like event invitations, school notices, and appointments; an AI system extracts the relevant details (a title, date, and location), and only that extracted summary is kept — the full email body is not stored long-term once it's been processed.

Calendars

If you connect Google Calendar, your device's built-in calendars (iCloud, Outlook, etc. via Apple's EventKit), or a calendar link (ICS/webcal), Kodo reads event titles, times, and locations so they can appear in your family's shared calendar and be checked for conflicts.

5. Location

Kodo only ever asks for "While Using the App" location access — Kodo does not request or use "Always" background location tracking.

Kodo does not keep a continuous location history. When you arrive at a place you've labeled (like "Home" or "School"), Kodo records a single check-in event (the label, a timestamp, and who arrived) and updates a "last known location" field with that same label — it does not store a log of everywhere you've been or raw GPS coordinates over time.

6. Notifications

To send you push notifications, Kodo stores a device token issued by Apple's push notification service. This token identifies your device for delivering notifications — it does not, by itself, identify you personally to anyone outside Kodo and Apple.

7. Photos

Kodo stores photos you or your family choose to upload: an optional family photo, kids' quest-completion photos (see Section 3), and photos you submit for pantry scanning or receipt scanning. These are stored in our cloud storage (Amazon S3) and processed by AI/ML services described in Section 8.

8. Third Parties We Share Data With

Kodo is built on top of a small number of named service providers. We don't sell your data to data brokers or advertisers. Here's exactly who processes what:

ProviderWhat they receive / process
Amazon Web Services (AWS)Hosts all of Kodo's data and backend processing (databases, file storage, servers). Also provides Amazon Rekognition, which reads text off of receipt photos you scan.
AppleVerifies your identity for Sign in with Apple; delivers push notifications to your device (APNs).
GoogleProvides Gmail/Calendar API access, only for accounts you explicitly connect, and only the scopes described in Section 4.
Anthropic (Claude AI)Processes data to generate your daily briefing, detect calendar conflicts, rewrite co-parent messages for tone, classify scanned emails, and verify kids' quest photos.
Meta (WhatsApp Business API)Used only if you use Kodo's co-parent WhatsApp messaging feature, to deliver message templates.
Amazon SESSends the co-parent invite email to the address you provide when you invite a partner or co-parent to join your family.

9. Data Retention & Account Deletion

You can delete your account or leave a family at any time from Settings. Here is exactly what that does today, described accurately rather than in general terms:

10. Your Rights

You can ask us to access, correct, export, or delete your (or your family's) data at any time. Contact us at admin@kodo.family and we'll respond as quickly as we can.

11. Changes to This Policy

This is a living document. As Kodo's features change, we'll update this page to keep matching what the product actually does, and update the effective date above when we do.