Privacy Policy

Last updated: April 2026

1. Introduction

Seedflow Limited ("原粒躍動有限公司", "we", "us", or "our") operates the BabyBerry mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and handling your data with transparency and care, particularly given the sensitive nature of pregnancy and health-related information. Please read this policy carefully. By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect several types of information to provide and improve our Service:

2.1 Personal Information You Provide

• Account registration details (name, email address, password)
• Profile information (age, due date, pregnancy stage)
• Health and pregnancy data you enter (weight, blood pressure, fetal movement counts, contraction timing, symptoms, medical history)
• Content you create (notes, journal entries, community posts)
• Communications with us (support requests, feedback)

2.2 Information Collected Automatically

• Device information (device type, operating system, unique device identifiers)
• Usage data (features accessed, pages viewed, session duration, interaction patterns)
• Log data (IP address, browser type, access times, referring URLs)
• Crash reports and performance diagnostics

2.3 Information from Third Parties

• If you sign in via third-party services (e.g. Apple Sign-In, Google Sign-In), we may receive your name and email address as permitted by those services
• Analytics data from integrated services (see Section 8)

3. Health and Pregnancy Data

We recognise that pregnancy and health data is highly sensitive. We apply additional safeguards to this category of data:

• Health data is collected only when you voluntarily enter it into the app
• Health data is encrypted both in transit (TLS 1.2+) and at rest (AES-256)
• We do not sell your health data to any third party under any circumstances
• Health data is not used for advertising or marketing purposes
• Access to health data within our organisation is strictly limited to personnel who require it for service operation
• You may export or delete your health data at any time through the app settings

4. AI Data Processing

BabyBerry uses artificial intelligence to provide personalised pregnancy guidance and health insights. Here is how your data is handled in connection with our AI features:

• Questions you ask the AI Health Assistant and the context needed to answer them (such as your pregnancy week) may be sent to our AI processing providers
• AI interactions are not used to train third-party AI models. We contractually prohibit our AI providers from using your data for model training
• We may use anonymised and aggregated interaction data to improve the quality and accuracy of our AI features
• AI-generated content is for informational purposes only and does not constitute medical advice. Always consult a qualified healthcare provider for medical decisions
• You can delete your AI conversation history at any time from within the app

5. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our Service, including personalised pregnancy tracking and AI-powered health guidance
• To create and manage your account
• To process subscriptions and payments through the App Store or Google Play
• To send you important service-related notifications (e.g. weekly pregnancy updates, appointment reminders)
• To respond to your enquiries and provide customer support
• To analyse usage patterns and improve user experience
• To detect, prevent, and address technical issues and security threats
• To comply with legal obligations

6. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and the United Kingdom, we process your personal data on the following legal bases:

• Consent: You have given explicit consent for the processing of your personal data, including health data, for specific purposes. You may withdraw consent at any time.
• Contract Performance: Processing is necessary for the performance of a contract with you (i.e. providing the Service you signed up for).
• Legitimate Interests: Processing is necessary for our legitimate interests (e.g. improving the Service, ensuring security), provided these interests do not override your fundamental rights.
• Legal Obligation: Processing is necessary to comply with a legal obligation to which we are subject.

7. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following limited circumstances:

• Service Providers: We engage trusted third-party companies to perform services on our behalf (e.g. cloud hosting, analytics, AI processing, customer support). These providers are contractually obligated to protect your data and may only use it to perform services for us.
• Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request.
• Safety: We may disclose information when we believe in good faith that disclosure is necessary to protect the rights, safety, or property of our users or the public.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
• With Your Consent: We may share information for any other purpose with your explicit consent.

8. Third-Party Services

Our Service integrates with or relies upon the following categories of third-party services:

• Cloud Infrastructure: Database hosting, user authentication, and file storage (e.g. Supabase)
• AI Services: Natural language processing providers for our AI Health Assistant feature
• Error Monitoring: Crash reporting and performance monitoring services (e.g. Sentry)
• Payment Processing: Subscription payments are processed through Apple App Store and Google Play Store. We do not directly store your payment card details.
• Authentication: Sign-in providers (Apple Sign-In, Google Sign-In)

Each third-party service has its own privacy policy governing the use of your information. We encourage you to review their policies. We are not responsible for the privacy practices of third-party services.

9. Cookies and Tracking Technologies

Our website and Service may use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Required for the Service to function properly (e.g. session management, authentication).
• Analytics Cookies: Help us understand how users interact with the Service so we can improve it.
• Preference Cookies: Remember your settings and preferences (e.g. language selection).

Our mobile application does not use browser cookies. You can control cookies on our website through your browser settings. Disabling certain cookies may limit your ability to use some features.

10. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required or permitted by law.

• Account Data: Retained for the duration of your account and up to 30 days after account deletion.
• Health Data: Deleted within 30 days of your request or account deletion. Anonymised aggregates may be retained for research and service improvement.
• Usage and Analytics Data: Retained in identifiable form for up to 24 months, after which it is anonymised or deleted.
• AI Conversation Logs: Retained for up to 12 months to improve service quality, unless you delete them sooner.

11. Data Security

We implement industry-standard security measures to protect your personal data:

• All data is transmitted over encrypted connections (TLS 1.2 or higher)
• Sensitive data is encrypted at rest using AES-256 encryption
• Access controls and authentication mechanisms limit data access to authorised personnel
• Regular security audits and vulnerability assessments are conducted
• Secure coding practices and code review processes are followed throughout development
• Incident response procedures are in place for potential data breaches

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

12. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure: Request deletion of your personal data, subject to certain legal exceptions.
• Right to Restriction: Request restriction of processing of your personal data in certain circumstances.
• Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
• Right to Object: Object to processing of your personal data for certain purposes, including direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where we rely on consent as the legal basis for processing.

To exercise any of these rights, please contact us at contact@seedflowhk.com. We will respond to your request within 30 days.

13. Children's Privacy

Our Service is intended for adults (expectant and new parents) and is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at contact@seedflowhk.com.

14. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including Hong Kong, where our servers and offices are located. These countries may have data protection laws that differ from those in your jurisdiction.

Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or other legally recognised transfer mechanisms.

15. Apple App Store Disclosures

In accordance with Apple's App Store requirements, we disclose the following:

• Data Used to Track You: We do not use your data to track you across apps and websites owned by other companies.
• Data Linked to You: Account information (name, email), health and fitness data (pregnancy tracking data), usage data, and diagnostics may be linked to your identity.
• Data Not Linked to You: Crash data and performance analytics are collected in anonymised form and are not linked to your identity.

BabyBerry complies with Apple's App Tracking Transparency framework. We will request your permission before tracking your activity across other companies' apps and websites.

16. Google Play Store Disclosures

In accordance with Google Play's Data Safety requirements:

• We collect personal information (name, email), health data, and app usage data as described in Section 2
• Data is encrypted in transit
• You can request that your data be deleted by contacting us or through the in-app account deletion feature
• We do not share your data with third parties for advertising purposes

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this policy
• Notify you via in-app notification or email
• Where required by law, obtain your consent before applying significant changes

We encourage you to review this policy periodically to stay informed about how we protect your information.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Seedflow Limited (原粒躍動有限公司)
RM 102, 1/F The Cloud, 111 Tung Chau St, Tai Kok Tsui, Hong Kong
Email: contact@seedflowhk.com

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction, such as the Office of the Privacy Commissioner for Personal Data in Hong Kong.