DropSentry

Privacy Policy

Last updated: November 26, 2025

1. Introduction

DropSentry (“we,” “our,” or “us”) is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our childcare check-in application and related services (collectively, the “Service”).

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

  • Guardian Information: Name, email address, phone number, and profile information
  • Child Information: Name, date of birth, photo (optional), and any medical or allergy information provided by guardians
  • Facility Information: Facility name, address, contact details, and staff information
  • Check-in/Check-out Records: Timestamps, guardian identity, and session duration

2.2 Automatically Collected Information

  • Device Information: Device type, operating system, and unique device identifiers
  • Usage Data: How you interact with our Service, including check-in frequency and feature usage
  • Log Data: IP address, browser type, and access times

2.3 Camera Access

Our mobile application requests camera access solely for the purpose of scanning QR codes during the check-in process. We do not store, transmit, or analyze any images captured by your camera beyond reading the QR code data.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our Service
  • To process check-ins and check-outs at childcare facilities
  • To send notifications about your child’s status
  • To verify guardian identity and authorization
  • To maintain attendance records as required by facilities
  • To improve and personalize our Service
  • To communicate with you about updates or changes to our Service
  • To comply with legal obligations

4. Data Storage and Security

Your data is stored securely using industry-standard encryption and security practices. We use:

  • Database: PostgreSQL database hosted on Supabase with encryption at rest
  • Authentication: Clerk, a third-party authentication provider, handles user credentials securely
  • Transmission: All data is transmitted over HTTPS using TLS encryption

While we implement safeguards designed to protect your information, no security system is impenetrable. We cannot guarantee the security of our databases or that information you supply will not be intercepted while being transmitted over the Internet.

5. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • With Childcare Facilities: Information necessary for facilities to manage check-ins and ensure child safety
  • With Authorized Guardians: Other guardians you have authorized to pick up your child
  • Service Providers: Third-party companies that help us operate our Service (e.g., Clerk for authentication, Supabase for data storage)
  • Legal Requirements: When required by law, subpoena, or other legal process
  • Safety: When necessary to protect the safety of a child or prevent harm

We do not sell your personal information to third parties.

6. Children’s Privacy (COPPA Compliance)

Our Service collects information about children under 13 years of age as part of providing childcare management services to facilities and guardians. We are committed to complying with the Children’s Online Privacy Protection Act (COPPA).

  • We only collect children’s information with verifiable parental/guardian consent
  • Parents/guardians can review, update, or delete their child’s information at any time
  • We collect only the minimum information necessary to provide our Service
  • Children’s information is never used for marketing purposes

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Withdraw Consent: Withdraw consent for data processing where applicable

To exercise these rights, please contact us at hello@dropsentry.com.

8. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information is collected, used, shared, or sold
  • The right to delete personal information held by businesses
  • The right to opt-out of sale of personal information
  • The right to non-discrimination for exercising CCPA rights

9. Cookies and Tracking

We use essential cookies necessary for the operation of our Service, including:

  • Authentication cookies to keep you signed in
  • Session cookies to maintain your session state

We do not use advertising or tracking cookies.

10. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our Service. Check-in records are retained for the period required by applicable childcare regulations (typically 2-7 years depending on jurisdiction).

You may request deletion of your account and associated data at any time by contacting us.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy.

12. Third-Party Services

Our Service integrates with the following third-party services:

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date. We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: