Draft — pending counsel
This page is a placeholder. Final copy will be provided by NestDesk's counsel before public launch.
Privacy Policy
Last updated: April 2026
Information we collect
We collect account information you provide (name, email, business details), shift log data you create, and content from baby onboarding forms completed by your client families.
Information about infants
Baby profile data — including medical notes, allergies, feeding plans, and pediatrician information — is app-layer encrypted, never used to train AI models, and only accessible by the NCS who created the profile and the authenticated family (when that feature ships).
COPPA and infant data
Families provide written consent during the baby onboarding form before any infant data is submitted. We record the consent timestamp and IP address on the baby profile. Parents may request deletion of infant data at any time by emailing hello@nestdesk.app.
Third parties we rely on
Supabase (database, auth), Stripe (billing), Resend (transactional email), Anthropic via Vercel AI Gateway (AI-generated morning reports — with zero data retention), Sentry (error monitoring), and PostHog (product analytics).
Your rights
You can export, correct, or delete your data at any time from your account settings. We honor GDPR and CCPA rights on request, even from users not in those jurisdictions.
Data retention
We retain shift and report history for the lifetime of your subscription so your professional record stays searchable. If you cancel, your data stays read-only on the free Starter tier — we never auto-delete your history.
Contact
Questions? Email hello@nestdesk.app and a real person will answer — especially during the first year.