Privacy Policy

Last updated: April 10, 2026

The Short Version

BRYKK does not operate any servers. Your data lives on your device and inside your iCloud account. BRYKK the company has no database, no admin panel, and no way to read your family's data. The only information we ever see is the anonymous, aggregate-only metrics Apple shows every iOS developer in App Store Connect: total downloads, country breakdown, device type, iOS version, and anonymous crash reports. None of it is tied to a person.

What BRYKK (the Company) Can See

We are committed to full transparency. Here is the complete list of everything BRYKK has visibility into. All of it comes from Apple's App Store Connect dashboard, the same one every iOS developer uses, and none of it is tied to an individual user, family, or location.

  • Total app downloads (a number, not who downloaded it)
  • Country breakdown (how many users in the US vs. UK vs. Germany, etc.)
  • Device type breakdown (how many iPhones, iPads, Apple Watches)
  • iOS version breakdown (which iOS versions our users are on)
  • App version adoption (how many users updated to the latest BRYKK)
  • Anonymous crash reports (stack traces only, no user identity)

That's it. No analytics tools, no user identifiers, no location data, no chat content, no family relationships. There is no dashboard, admin panel, or customer service portal that lets us look up an individual user, because there is no server to put one on.

Data Stored in Apple iCloud (CloudKit)

The following data is stored in Apple's CloudKit Public Database, accessible only to members of your family group via your shared family code. BRYKK has no access to this data.

  • Location data (latitude, longitude, speed, heading, altitude)
  • Family group membership, family code, family name, admin and supervised member lists
  • Chat messages within your family group
  • Saved places (both family-shared and personal)
  • Per-user place settings (your individual schedule, notifications, custom homecoming messages, audience preferences)
  • Custom homecoming messages you write for saved places
  • Trip metadata (destination, ETA, start time, route progress)
  • Avatar photos (stored as CloudKit assets, shared with family members only)
  • Battery level and dead-zone status
  • Weather cache (shared per family, refreshed hourly)
  • SOS and crash alert records (auto-expire after 10 minutes)
  • Calendar event titles and times for departure countdown alerts (events you choose to share)

Data Stored on Your Device

The following data is stored locally on your device in the iOS Keychain (encrypted at rest by iOS) and never transmitted to any server outside Apple iCloud:

  • Your name and avatar emoji
  • Family group code
  • Local copy of saved places and place settings
  • Local copy of trip history
  • App settings and notification preferences
  • Medical Card content (blood type, allergies, medications, conditions)
  • Admin PIN, stored as a SHA-256 hash with a per-install salt. The PIN itself is not stored anywhere and cannot be recovered, even by us
  • Authentication state for any optional integrations you set up

User-Generated Content (Custom Messages and Chat)

BRYKK allows you to write custom homecoming messages for your saved places, and to send chat messages to your family group. This is user-generated content, and you should know how it is handled:

  • BRYKK does not read or moderate this content. We have no technical ability to view your custom messages or chat in real time. They live in your family's CloudKit records.
  • You control the audience. Custom homecoming messages have a recipient picker so you can restrict who sees a particular message.
  • Receivers can opt out. Each device has a “Show Custom Messages” toggle. When off, the device shows the friendly default message instead of any custom text. This is the recommended setting for kids' devices.
  • You are responsible for what you write. Do not use custom messages or chat to harass, threaten, or share content harmful to other family members. See our Terms of Service for the full list of prohibited use.

Family-Shared vs Personal Places

BRYKK supports two kinds of saved places. Each has different privacy implications:

  • Family Places are shared with everyone in your family group. They are stored in a shared CloudKit record and visible to every family member. Use these for places like Home, Work, School, or Grandma's.
  • Personal Places are stored only on your devices and synced to your other devices via your iCloud account. Other family members cannot see them. Use these for spots you want to keep private, such as the gym or a therapist's office.
  • Both types support per-user settings (schedule, notifications, custom message). On family places, each member has their own settings overlay that does not affect other members.

Family Admin and PIN Protection

BRYKK includes a Family Admin Panel for managing family members. Admin access is protected by a PIN that you set on your own device:

  • Your PIN is stored as a SHA-256 hash with a per-install salt in iOS Keychain. The original PIN is never stored anywhere and cannot be reconstructed.
  • BRYKK cannot recover, reset, or look up your PIN. If you forget it, the only path to recover admin access is to remove yourself from the family and rejoin (your local data stays on your device).
  • Multiple family members can be promoted to admin. We strongly recommend at least two admins per family for resilience.
  • Admins can mark members as “supervised” (a parental control flag that prevents the supervised member from leaving the family without admin permission).

Children's Privacy and Supervised Mode

BRYKK is designed for family use, including children participating with parental consent. We do not knowingly collect personal information from children under 13 outside of family-managed setup by a parent or legal guardian. Parents and guardians retain full control over a child's use of BRYKK through the following mechanisms:

  • Supervised mode — admins can flag a child's device as supervised, which prevents the child from leaving the family on their own and signals to BRYKK that the device is under parental management.
  • Show Custom Messages toggle — parents should turn this OFF on a child's device so the child sees the family-friendly default message instead of any user-written custom content.
  • iCloud Family Sharing — parents managing children's iCloud accounts via Apple's Family Sharing retain Apple's built-in parental controls in addition to BRYKK's controls.
  • If you believe BRYKK has collected information from a child under 13 without parental consent, please email legal@brykk.app and we will work with you to address it.

Permissions We Request

  • Location (Always): Required for real-time family location sharing, geofence-based arrival and departure detection, and crash detection. Your location is shared only with your family group via CloudKit.
  • Motion & Fitness: Detects driving, walking, or stationary activity to optimize GPS usage and battery life. Activity data is not stored or shared.
  • Notifications: Used for arrival, departure, SOS, crash, chat, and other family safety alerts. SOS and crash alerts use Critical Alerts so they break through Do Not Disturb when enabled.
  • Calendar: Reads events locally to calculate departure-time alerts. Events are never uploaded to BRYKK servers (we have no servers).
  • HealthKit: Reads your Medical ID for the Emergency Card feature (read-only). BRYKK never writes to your health data.
  • Microphone & Speech Recognition: Used only for real-time translation. Audio is processed on-device by Apple's frameworks and immediately discarded. Nothing is recorded, stored, or transmitted.
  • Bluetooth: Used for accessory connectivity, CarPlay, and co-traveler proximity detection.
  • Wi-Fi network info: Detects connection to known saved-place networks to optimize GPS. Network names stay on your device.
  • Photos library: Optional. Used only when you choose to set or change your avatar photo.

Data We Do NOT Collect

  • No analytics or telemetry tools (no Mixpanel, Amplitude, Firebase, etc.)
  • No advertising identifiers or ad networks
  • No device fingerprinting
  • No browsing or in-app behavior tracking
  • No photos or media beyond the avatar you choose to upload
  • No contacts or address book
  • No audio or video recordings (translation processes audio on-device and discards it)
  • No biometric data (Face ID and Touch ID stay entirely within iOS)
  • No financial or payment information (handled by Apple App Store)

Third-Party Services

Apple iCloud (CloudKit): All family data is stored in Apple's CloudKit Public Database. Apple's privacy policy governs their infrastructure.

Apple WeatherKit: Weather data is fetched once per hour per family. Only coordinates are sent to WeatherKit.

Apple Translation Framework: All translation is processed on-device. No data leaves your phone.

Apple Maps: Used for the family map display, address search, and ETA calculation. Apple's privacy policy governs Maps usage.

Apple App Store and TestFlight: Used for app distribution. Apple shares aggregate App Store Connect metrics with us as described above.

No other third-party services are used. Zero analytics tools, zero ad networks, zero independent crash reporting services.

Data Retention

  • Location records: Overwritten on each update (only the latest position is stored per member)
  • SOS and crash alerts: Auto-expire after 10 minutes
  • Chat messages: Retained for 30 days, capped at 100 messages per family
  • Trip history: Retained for 60 days for free users, longer for premium users, capped at 100 trips per device
  • Weather cache: Refreshed hourly, only the latest snapshot retained
  • Custom homecoming messages: Retained as long as the saved place exists

Deleting Your Data

You have full control over your data:

  • Leave a family: Tap Settings → Family → Leave Family. Your location record is deleted from CloudKit immediately. Other family members will see you disappear from their maps within seconds.
  • Delete the app: Removes all local data stored in iOS Keychain on that device. Other devices on the same iCloud account retain their copies until you delete the app on each.
  • Request complete data removal: Email legal@brykk.app. Because BRYKK has no servers, the request will be a guided walkthrough of how to delete your CloudKit and Keychain data yourself.

Data Sales

We will never sell, share, rent, or monetize your personal data. Period. This is not a future plan that might change. It is a core principle of how BRYKK is built. We have no personal data to sell because we never have it. The aggregate App Store Connect metrics described above are not for sale either.

Changes to This Policy

We may update this policy from time to time as BRYKK evolves. Changes will be posted here with an updated date at the top of the page. Material changes that affect how your data is collected or shared will also be announced inside the app or via email if you have provided one.

Contact

Questions about privacy? Email legal@brykk.app