Privacy Policy

Last Updated: November 6, 2025

Introduction

Welcome to Fampla! We believe your family's data belongs to you, not us.

Unlike traditional apps that collect and store your data on corporate servers, Fampla is a self-hosted family organization platform. This means you run Fampla on your own server, giving you complete control over your family's information.

What does this mean for your privacy?

• You own your data: All your family's information stays on your server
• No central collection: We (the Fampla developers) never see or store your data
• Complete control: You decide who has access, how long to keep data, and when to delete it
• No tracking: No third-party analytics, no behavioral tracking, no data mining

This privacy policy explains what data Fampla processes in your self-hosted instance and how you can manage it.

Our Privacy Philosophy

Traditional Apps vs. Fampla

Traditional SaaS Apps:

• Your data lives on their servers
• They decide security measures
• They can analyze your usage patterns
• Subject to their terms of service changes
• Vulnerable to company data breaches

Fampla (Self-Hosted):

• Your data lives on YOUR server
• You control security measures
• No usage tracking or analytics
• You control the rules
• Only you can access the data

Who This Policy Applies To

This policy describes how Fampla software processes data when you run it on your own infrastructure. Each Fampla instance is independent, and you (as the instance administrator) are responsible for your family's data.

Data Processed by Your Fampla Instance

When you run Fampla, the software processes and stores the following types of data in your local database:

1. User Account Data

What we process:

• Username (for login and sharing)
• Full name and display name
• Email address (optional)
• Birth date (optional)
• Avatar/profile picture (optional)
• Account creation date

Why it's needed:

• Authentication and access control
• Displaying user information to family members
• Personalizing the app experience

Who can see it:

• Family members in your instance (name, display name, avatar)
• Only you can see your full account details
• Instance administrator has technical access to all data

2. Authentication & Security Data

What we process:

• Password (stored as bcrypt hash - never plain text)
• JWT authentication tokens (temporary session tokens)
• Login timestamps
• Active session information

Why it's needed:

• Securing your account
• Maintaining logged-in sessions
• Preventing unauthorized access

Security measures:

• Passwords hashed with bcrypt (industry standard)
• JWT tokens expire automatically
• Passwords never stored in plain text
• Secure password reset mechanisms

3. Activity & Logging Data

What we process:

• IP addresses (anonymized)
• User agent strings (browser/device information)
• Activity logs (login attempts, content creation)
• Error logs (for troubleshooting)

Why it's needed:

• Security monitoring (detecting suspicious activity)
• Troubleshooting technical issues
• System performance optimization

Privacy protection:

• IP addresses are anonymized (last octet removed)
• Logs stored locally, never transmitted externally
• Automatic log rotation and cleanup

4. Family Organization Data

What we process:

• Family group memberships
• User roles (admin, member)
• Family invitations and join codes
• Family settings and preferences

Why it's needed:

• Managing family access and permissions
• Coordinating shared resources
• Controlling who sees what

Who can see it:

• All family members can see other members
• Only admins can manage family settings
• Each family's data is isolated from others

5. Content Data

What we process:

• Calendar Events: titles, dates, times, locations, descriptions, attendees
• Shopping Lists: items, categories, quantities, completion status
• Recipes: names, ingredients, instructions, images, nutrition info
• Notes: text content, attachments, sharing settings
• Todos: tasks, due dates, completion status, assignments

Why it's needed:

• Core functionality of family organization
• Collaboration and sharing within family
• Syncing across devices

Who can see it:

• Content visibility based on sharing settings
• Private content: only creator
• Family content: all family members
• Shared content: specified users only

6. File Uploads

What we process:

• Recipe images
• Avatar pictures
• Calendar attachments
• Shopping list photos

Why it's needed:

• Visual content organization
• Recipe management
• Enhanced calendar functionality

Storage:

• Files stored in your server's filesystem
• Access controlled by authentication
• No external CDN or cloud storage

How Your Data is Stored

Database Storage

All structured data (users, events, lists, etc.) is stored in a PostgreSQL database running on your server:

• Database files remain on your infrastructure
• Access protected by database credentials
• Connection encrypted with SSL (if configured)
• Regular backups are your responsibility

File Storage

Uploaded files (images, attachments) are stored in your server's filesystem:

• Located in the configured uploads directory
• Access controlled by the Fampla application
• Not publicly accessible without authentication
• Backups managed by you

Cache Storage

Temporary data is stored in Redis (if configured):

• Session data and tokens
• Rate limiting counters
• Temporary cache for performance
• Automatically expires based on TTL settings

Encryption

Data at Rest:

• Database encryption depends on your server configuration
• We recommend enabling PostgreSQL encryption
• File system encryption is your responsibility

Data in Transit:

• HTTPS/TLS encryption strongly recommended
• Configure SSL certificates for your domain
• Protects data between devices and server

Data Sharing & Access

Within Your Family

• Family Members: Can see shared calendars, shopping lists, and recipes
• Private Content: Only visible to the creator
• Permissions: Admins have additional management capabilities

Outside Your Instance

• No External Sharing: Fampla does not share data with external services
• No Analytics: No third-party tracking or analytics services
• No Cloud Sync: Data stays on your server only
• No Marketing: Your data is never used for marketing purposes

Third-Party Services

Fampla does not integrate with or share data with:

• Analytics platforms (Google Analytics, etc.)
• Advertising networks
• Social media platforms
• Cloud storage providers
• Any external APIs or services

The only external connections are:

• AltStore Distribution (optional): Only for app installation via AltStore
• Manual Imports/Exports: When you explicitly export data (iCal, CSV, JSON)

Your Rights & Control

Since you control the Fampla instance, you have complete rights over your data:

Access Your Data

• View all your data through the Fampla interface
• Export calendar events (iCal, CSV, JSON)
• Export shopping lists and recipes
• Direct database access (as administrator)

Modify Your Data

• Edit your profile and account information
• Update or delete content you created
• Change privacy settings on your content
• Modify family memberships

Delete Your Data

As a User:

• Delete your account through app settings
• Removes all your personal data
• Content you created may remain for family continuity

As an Administrator:

• Complete database deletion possible
• Can permanently remove all family data
• Can export before deletion for backup

Data Portability

• Export data in standard formats (iCal, CSV, JSON)
• Calendar events: iCalendar (.ics) format
• Shopping lists: CSV format
• Recipes: JSON format
• Database dumps available (administrator)

Security Measures

Application Security

• Password Hashing: Bcrypt with salt (never plain text)
• JWT Tokens: Secure, expiring session tokens
• Input Validation: Protection against injection attacks
• Rate Limiting: Prevents brute force attacks
• CORS Protection: Restricts cross-origin requests

Database Security

• Access Control: Database credentials not exposed
• Prepared Statements: Prevents SQL injection
• Connection Security: SSL/TLS encryption (if configured)
• Regular Updates: Keep PostgreSQL patched

Network Security

• HTTPS Recommended: Encrypt data in transit
• Firewall Configuration: Restrict database access
• Private Network: Consider VPN for remote access
• Regular Security Updates: Keep Docker images updated

Best Practices for Self-Hosting

To maximize security and privacy:

1. Use HTTPS: Configure SSL/TLS certificates (Let's Encrypt recommended)
2. Strong Passwords: Enforce strong password policies
3. Regular Backups: Backup database and files regularly
4. Update Regularly: Pull latest Docker images for security patches
5. Monitor Logs: Check logs for suspicious activity
6. Firewall Rules: Restrict access to necessary ports only
7. Private Network: Use VPN for access outside home network

Data Retention

Automatic Retention

• Active Data: Stored indefinitely until you delete it
• Session Tokens: Expire after 7 days of inactivity
• Activity Logs: Rotated and cleaned up automatically
• Cache Data: Expires based on TTL settings

Manual Cleanup

As the instance administrator, you control:

• When to delete old calendar events
• When to archive completed todos
• When to remove inactive users
• When to purge old activity logs

Account Deletion

When a user deletes their account:

• Personal information removed immediately
• Shared content may remain for family continuity
• Authentication data permanently deleted
• Can be configured for complete data removal

Self-Hosting Responsibilities

When you self-host Fampla, you become the data controller for your instance. This means:

Your Responsibilities

1. Server Security: Securing your server infrastructure
2. Data Backups: Regular backups of database and files
3. Access Control: Managing who can create accounts
4. Privacy Compliance: Following local data protection laws
5. Updates & Patches: Keeping Fampla software updated
6. User Support: Helping family members with issues

Our Responsibilities (Fampla Developers)

1. Secure Code: Writing secure, privacy-respecting software
2. Security Updates: Providing patches for vulnerabilities
3. Documentation: Clear setup and security guidelines
4. Transparency: Open source code for audit and review

Legal Compliance

Depending on your location and use case:

• GDPR (EU): If hosting for EU residents
• CCPA (California): If hosting for California residents
• Other Laws: Check your local data protection requirements

We provide the tools, but compliance is your responsibility as the instance operator.

Children's Privacy

Fampla is designed for family use, which may include children:

• Parental Control: Parents/admins manage children's accounts
• Age Verification: Not built-in (your responsibility)
• Content Moderation: Family admins can monitor activity
• Data Protection: Children's data follows same protections

If you allow children under 13 (or your local age of consent) to use your instance:

• Obtain proper parental consent
• Monitor their activity appropriately
• Limit their access to sensitive features
• Consider separate family groups for children

Changes to This Privacy Policy

How We Update

• Privacy policy versioned with "Last Updated" date
• Major changes announced in release notes
• Policy file included in GitHub repository
• You can review changes via Git history

Your Responsibility

When running a self-hosted instance:

• Review privacy policy updates
• Inform your family members of changes
• Update your instance privacy policy if you modify behavior
• Maintain your own privacy policy if required by law

No Forced Changes

Since Fampla is self-hosted:

• You choose when to update
• You can modify the code if needed
• You're not subject to sudden policy changes
• You control the deployment schedule

Open Source & Transparency

Fampla is open source software:

• Code Review: Anyone can audit our code
• GitHub: https://github.com/fampla/fampla
• Community: Report security issues responsibly
• Contributions: Privacy improvements welcome

Reporting Security Issues

If you discover a security vulnerability:

1. Do NOT open a public GitHub issue
2. Email security concerns to: [your-security-email@example.com]
3. Provide detailed description and reproduction steps
4. We'll respond within 72 hours
5. Coordinated disclosure after patch available

Contact Information

For Users of an Instance

• Contact your instance administrator
• They control your family's data
• They can answer specific privacy questions

For Instance Administrators

• GitHub Issues: https://github.com/fampla/fampla/issues (general questions)
• Security Issues: [your-security-email@example.com] (security only)
• Documentation: https://github.com/fampla/fampla/blob/main/README.md

For Privacy Inquiries

Since Fampla is self-hosted:

• We (developers) don't have access to your data
• Privacy questions should go to your instance admin
• General privacy policy questions: GitHub Discussions

Additional Resources

Technical Documentation

• Setup Guide: /README.md
• Security Best Practices: /SECURITY.md (if available)
• Database Schema: /backend/migrations/
• API Documentation: /backend/README.md

Privacy Tools

• Data Export: Built-in export features (iCal, CSV, JSON)
• Account Deletion: User settings > Delete Account
• Privacy Settings: Control content visibility per-item
• Activity Logs: View your own activity history

Community Support

• GitHub Discussions: Ask questions, share experiences
• Issue Tracker: Report bugs or privacy concerns
• Documentation: Comprehensive guides for self-hosting

Summary: Your Privacy, Your Control

With Fampla, you get:

✅ Complete Data Ownership - Your data, your server, your rules

✅ No Corporate Surveillance - No tracking, no analytics, no data mining

✅ Full Transparency - Open source code you can audit

✅ Strong Security - Industry-standard encryption and protection

✅ Data Portability - Export anytime in standard formats

✅ Family Privacy - Data never leaves your infrastructure

Self-hosting means:

⚠️ You're Responsible - Security, backups, and compliance are on you

⚠️ Technical Setup - Requires server administration knowledge

⚠️ Maintenance - Keep software and server updated

⚠️ Support - Community support, not corporate helpdesk

Questions?

"Can Fampla developers see my data?" No. Your data is only on your server. We never have access to it.

"What happens if I stop using Fampla?" Export your data, then delete the instance. Your data is gone forever (unless you kept backups).

"Can I modify this privacy policy?" Yes! Since you run the instance, you can modify anything. Be sure to inform your users.

"Is Fampla GDPR compliant?" Fampla provides privacy-respecting tools, but GDPR compliance is your responsibility as the instance operator.

"How do I delete all my data?" Users can delete accounts in settings. Admins can drop the entire database or delete the Docker containers.

"Can I run Fampla without the internet?" Yes! Fampla works entirely offline on your local network. Perfect for privacy-focused families.

Thank you for choosing Fampla and taking control of your family's digital privacy! 🐝

For the latest version of this privacy policy, visit: https://github.com/fampla/fampla/blob/main/PRIVACY.md