Privacy
Privacy policy.
Operator: Cybernated · Kuala Lumpur, Malaysia · [email protected]
Effective date: 8 February 2026 · Last updated: 17 May 2026
TinyBeacon is a child safety app designed for parents and legal guardians. This policy explains what we collect, how we use it, and how you can control or delete it. We are operated by Cybernated in Kuala Lumpur, Malaysia, and our data practices are built to the standards of Malaysia’s Personal Data Protection Act 2010 (PDPA).
1. What we collect
1.1 Account information (parent)
- Email address (authentication only)
- Display name
- Account role (parent or child)
1.2 Child monitoring data (requires parental consent)
No data is collected from a child’s device until a parent has explicitly granted monitoring consent. When consent is active:
| Data type | Purpose | Encryption |
|---|---|---|
| Location (GPS) | Safety and geofencing alerts | AES-256 at rest |
| App usage metadata | Screen-time monitoring | AES-256 at rest |
| Screenshot metadata & analysis | Content safety analysis | AES-256 at rest |
| Emergency incidents | Emergency alerts | AES-256 at rest |
1.3 What we do not collect
- Advertising identifiers (IDFA)
- Contact lists or call logs
- Browser history or search queries
- Messages or communication content
- Biometric data
- Audio or video recordings
2. How we use it
- Authentication: to sign in and manage accounts
- Safety monitoring: to provide location, geofencing, and screen-time data to parents
- Alerts: to notify parents of geofence exits, emergency incidents, and flagged content
- App improvement: anonymised, aggregated analytics only — no child PII
- Error tracking: crash reports with all personally identifiable information stripped before transmission
We do not sell, rent, or share personal information with advertisers or data brokers.
3. The analysis pipeline
When a screenshot is captured and sent for analysis, it is transmitted in plain text to a Supabase Edge Function where Claude’s vision model reads and summarises it. This is unavoidable if a vision model is to understand the frame. We do not log plaintext, we do not persist it, and we do not train any model on your child’s screens.
If nothing concerning is found, the screenshot is discarded immediately — no copy is saved. If something is flagged, the image is encrypted (AES-256) and retained for a maximum of 30 days. You see the model’s plain-English explanation of what it saw. On day 31, the flagged content is deleted unless you have explicitly saved it.
4. Encryption & security
4.1 Encryption at rest
- Screenshots captured for content analysis are encrypted with AES-256-GCM
- The signed-in session stored on the device is encrypted with AES-256-CTR
- Encryption keys are generated on the device, held in the device secure enclave (iOS Keychain), and wiped on sign-out
- Data in our database is encrypted at rest by our infrastructure provider (Supabase)
4.2 Encryption in transit
- TLS 1.2 or higher for all network communications
4.3 Access controls
- Row Level Security (RLS) on all database tables — parents access only their own children’s data
- Role-based access: parent vs. child accounts
- Encryption keys wiped on sign-out
5. Data retention & deletion
- Configurable retention: parents set a retention window of 7 to 90 days for location and screen-time data. Flagged screenshot content follows the fixed 30-day window described in section 3.
- Automatic deletion: data older than the chosen window is deleted automatically
- Consent revocation: revoke consent and all child data is purged within 24 hours
- Account deletion: deleting an account permanently removes all associated data
6. Third-party services
| Service | Purpose | Data shared | Privacy measures |
|---|---|---|---|
| Supabase | Backend & database | Encrypted monitoring data, auth tokens | RLS policies, data isolation, encrypted at rest |
| PostHog | Product analytics | Anonymised usage events (no PII) | Privacy mode enabled; no child PII stored |
| Sentry | Error tracking | Crash reports (PII stripped) | All PII removed before transmission |
| Expo | Push notifications, OTA updates | Push tokens, device identifiers | Parent-facing notifications only |
| Plausible | Website analytics (tiny-beacon.com) | Aggregate page views — no cookies, no personal data | Privacy-first analytics; nothing that identifies a visitor |
| Cloudflare | Website DNS, CDN & security | IP address and request metadata for tiny-beacon.com | Website traffic only; no child monitoring data |
7. Your rights
Under Malaysia’s Personal Data Protection Act 2010, you have the right to access, correct, and withdraw consent for the processing of personal data. In practice:
- Review all data collected about your child via the parent dashboard
- Limit the monitoring types enabled (location, screen time, screenshots)
- Delete any monitoring data via the Settings screen at any time
- Revoke consent in one tap — stops data collection immediately and triggers deletion
- Delete your account entirely, removing all associated data permanently
- Request a data export by emailing [email protected]
8. Data storage location
Data is stored on Supabase-managed infrastructure. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Database backups are encrypted and access-controlled.
9. Changes to this policy
Material changes will be communicated through:
- In-app notification to all parent accounts
- Updated “Last updated” date at the top of this page
- Re-consent required for any change that materially affects how children’s data is handled
10. Contact
Questions about this policy, or to exercise your rights:
© 2026 Cybernated. TinyBeacon is committed to protecting children’s privacy. Built in Kuala Lumpur, Malaysia.