Data & Security

1. Our Promise to You

At Maxie, we treat your family's information like it's our own: safe, private, and handled with care.

We build security into every part of Maxie so you can focus on family life, not worry about data leaks.

🔍 2. How We Process Data

We collect and process personal data only for purposes that keep Maxie running smoothly:

• Managing family events, tasks, and reminders
• Syncing with connected calendars (like Google Calendar)
• Sending you notifications and updates

Our legal basis under UK GDPR:

• Contract – for the data we need to deliver Maxie's core features
• Consent – for optional features like birthdays or connected calendar data
• Legitimate Interests – for things like security monitoring and app performance improvements

🤝 3. Our Trusted Service Providers (Subprocessors)

We work with a small set of vetted providers, bound by contracts to handle data securely and only for Maxie's purposes:

🛡 4. Security Measures

We follow a "security by design" approach:

• Encryption – Data is encrypted at rest and in transit
• Row-Level Security (RLS) – Ensures only your family members see your data
• Access Controls – Strict limits on who can access what, with audit logs
• Private File Storage – Files are stored in secure buckets with signed URLs for temporary access
• No Public Exposure – Child-related information is never public by default

🌍 5. Data Transfers Outside the UK/EU

When we work with providers outside the UK/EU (like OpenAI or Resend), we use Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office to make sure your data gets the same legal protection it would here.

📬 6. Contact Us

Questions about our security or data handling?

Email privacy@maxie.family — we're happy to explain how we keep your data safe.