Back to home

Privacy Policy

Last updated: April 28, 2026

Nook (“we,” “our,” or “us”) operates the nook.bond website and mobile application. This Privacy Policy describes how we collect, use, and protect your personal information when you use our service.

Information We Collect

Information you provide

  • Account information: email address, display name, and optionally a phone number in E.164 format for SMS check-ins.
  • Check-in data: daily check-in confirmations, optional notes, timestamps, and whether the check-in was via the app or SMS.
  • Circle data: relationships between family members, watcher/watched designations, and circle approval status.
  • Waitlist information: email address, optional phone number, and role preference when you join our waitlist.

Information collected automatically

  • Usage analytics: page views, feature interactions, and session data — collected via our own analytics system (no third-party trackers).
  • Device information: browser type, operating system, and push notification subscription data for Web Push delivery.
  • Log data: IP addresses (for rate limiting only, not stored long-term), request timestamps, and error logs.

How We Use Your Information

  • To deliver daily check-in reminders via push notification and SMS.
  • To process and display check-in status to your designated care circle.
  • To operate the escalation alert chain when check-ins are missed.
  • To send waitlist updates and product announcements.
  • To improve our service through aggregated, anonymized analytics.
  • To prevent abuse via rate limiting and fraud detection.

Tracking Technologies

We use limited tracking technologies to measure the effectiveness of our advertising and improve our service:

  • Meta (Facebook) Pixel: We use the Meta Pixel on our website to measure ad performance, optimize ad delivery, and build audiences for future advertising. The pixel may place cookies on your browser and collect information such as your IP address, browser type, pages visited, and actions taken (e.g., joining our waitlist). This data is shared with Meta Platforms, Inc. and processed in accordance with Meta's Privacy Policy.

You can opt out of Meta tracking by adjusting your Facebook ad preferences or by using your browser's cookie settings.

How We Share Your Information

We do not sell your personal information. We share data only with the following service providers, solely to operate Nook:

  • Telnyx — SMS delivery for check-in reminders and escalation alerts. Telnyx receives phone numbers and message content.
  • Vercel — Application hosting and edge delivery. Vercel processes requests and may temporarily log IP addresses.
  • Supabase — Database hosting and authentication. Supabase stores your account data, check-in records, and analytics with row-level security.
  • Meta Platforms — Advertising measurement. The Meta Pixel collects browsing activity to measure ad performance. See the Tracking Technologies section above.

We may also disclose information if required by law or to protect the rights, safety, or property of Nook, our users, or the public.

Data Retention

  • Account data: retained while your account is active and for 30 days after deletion request.
  • Check-in history: retained for 1 year, then aggregated and anonymized.
  • Escalation records: retained for 90 days after resolution.
  • Analytics events: raw events retained for 90 days; aggregated daily summaries retained for 2 years.
  • Waitlist data: retained until you convert to a full account or request removal.
  • IP addresses: used transiently for rate limiting; not stored in any permanent log.

Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data and account.
  • Export your data in a portable format.
  • Opt out of non-essential communications.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us at privacy@nook.bond.

Children's Privacy

Nook is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.

Security

We take the security of your data seriously and implement industry-standard protections:

  • All data in transit is encrypted with TLS 1.3.
  • Data at rest is encrypted with AES-256.
  • Row-level security (RLS) policies enforce that users can only access data within their own family circle.
  • Authentication tokens and secrets are never exposed to client-side code.
  • API endpoints are rate-limited to prevent abuse.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the app. Your continued use of Nook after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your data, contact us at privacy@nook.bond.