myna — Privacy Policy
Last updated: 28 April 2026 · Effective: 28 April 2026
myna is a family-coordination appliance built by Herbert Chan (Singapore). This policy explains what we collect, why, how it's used, and your rights. We follow Singapore's Personal Data Protection Act (PDPA) and apply the same standard everywhere myna ships.
Who we are
- Operator: Herbert Chan (sole developer, Singapore).
- Contact: [email protected]
- App package:
com.herbertchan.familyhub(Android),com.herbertchan.familyhub(iOS).
What we collect
| Category | Examples | Why |
|---|---|---|
| Account & profile | Name, role (parent/kid/helper/relative), avatar, gender, language, household name, optional email, optional birthday, optional Apple/Google Sign-In ID | To let family members address each other correctly and personalise Aunty's voice narration. |
| Messages & tasks | Text, voice notes, photos, video notes, calendar events, task titles, completion state | The core messaging and household-coordination features. |
| Voice transcripts | Speech-to-text transcripts of voice messages and voice announcements | So Aunty can narrate the contents aloud and translate across languages. |
| Location | Approximate device location, on kid-phone devices only, when sharing is enabled | Family map ("where is Laura now?"). Disabled by default; user-toggleable. |
| Camera & microphone | Live camera and microphone audio during calls; image captures for avatars and message photos | Voice/video calls and message attachments. We never record calls server-side. |
| Calendar (iOS) | Read access to selected iCloud calendars; optional write access to a chosen calendar | Two-way sync between myna and your iPhone calendar. Disabled by default. |
| Push tokens | Firebase Cloud Messaging tokens; APNs VoIP tokens (iOS) | To deliver call rings, message banners, and Aunty audio to your devices. |
| Diagnostic logs | App version, device model, error reports the user explicitly chooses to send | To debug issues — opt-in only; not collected automatically. |
| Subscription state | Whether the household has an active subscription, billing status from Apple/Google | To gate paid features. We do not store credit-card data — Apple and Google handle payments. |
What we do NOT collect
- We don't sell or share data with advertisers.
- We don't track you across third-party apps or websites.
- We don't record voice or video calls server-side.
- We don't read your contacts or other apps' data.
- We don't fingerprint your device for marketing.
Third-party services we rely on
myna uses these processors strictly to deliver its features. Each is bound by their own privacy terms; we share data with them only as needed to operate the app.
- Firebase (Google) — authentication, Cloud Messaging push delivery, app-build tooling.
- Agora.io — real-time voice and video for in-app calls. Calls are end-to-end on the Agora network; not stored on our servers.
- Google Cloud Speech-to-Text — transcription of voice messages.
- Google Cloud Translate — text translation for households with a non-English helper.
- Google Vertex AI / Gemini — Aunty's text rewriting and text-to-speech narration.
- ElevenLabs — sound effects for the in-app sound library.
- Apple Sign in with Apple & Google Sign-In — optional parent identity bootstrapping.
- RevenueCat — subscription receipt validation (when a paid plan is launched).
- Cloudflare — TLS termination and DDoS protection on our backend tunnel.
Google Calendar & Google API Services — Limited Use
When a parent chooses to connect their Google Calendar, myna requests the https://www.googleapis.com/auth/calendar scope to provide two-way sync between the household calendar and the parent's Google Calendar. This connection is optional, off by default, and can be disconnected at any time in myna's settings — which immediately revokes our access and stops all sync.
myna's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, data accessed through Google Calendar is:
- used only to provide and improve the calendar-sync feature the parent turned on, prominently within the app;
- never sold, and never transferred to others except to provide that feature, to comply with applicable law, or in connection with a merger or acquisition (with notice to affected users);
- never used for advertising of any kind; and
- never read by humans, unless we have your explicit consent for specific items, it is necessary for security or to comply with the law, or the data has been aggregated and anonymized for internal operations.
How long we keep data
- Messages, announcements, calendar events: household-configurable retention (default 90 days). Auto-purged after retention window.
- Voice notes & their transcripts: same retention window as messages.
- Account & household profiles: kept while the household exists. Deleted when the owning parent removes the household.
- Diagnostic logs: 30 days.
- Subscription state: kept for tax + audit reasons (typically 7 years per Singapore law).
Children's data
myna serves households that include children. We collect only the minimum needed for the app to function (display name, optional avatar, parent-administered task list, opt-in location). Children's accounts are administered by parents through the in-app Family settings. We do not show ads, do not enable behavioural profiling, and do not allow children to interact with users outside their household.
Your rights
You can:
- See or export your household's data — email [email protected] from your registered account.
- Delete the household and all associated data — same channel.
- Withdraw permissions (location, microphone, camera, calendar) any time via your device's Settings → Apps → myna → Permissions.
- Lodge a PDPA complaint with Singapore's Personal Data Protection Commission.
Security
- All network traffic uses TLS 1.2 or above (HTTPS).
- Push notification audio is signed with a short-TTL HMAC URL — only your device can fetch it.
- The myna server runs on a residential 4/5G router behind Cloudflare Tunnel; no inbound ports are exposed.
- Database is local-disk SQLite, backed up daily.
Changes to this policy
We'll update this page when we add or change data practices, and bump the "Last updated" date at the top. Material changes will be surfaced in-app the next time you open myna.
Contact
Questions, requests, complaints — email [email protected]. We aim to respond within 7 business days.