Privacy Policy

Effective Date: 8 August 2025

Famnest is owned and operated by Stair Path AB (org.nr: 559393-4887), registered at Trappstigen 21, 13337 Saltsjöbaden, Sweden (“we,” “us,” “our”).

We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Swedish data protection laws.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Famnest mobile application, web platform, and related services (collectively, the “Platform”).

1. Data Controller

For the purposes of GDPR, Stair Path AB is the data controller for all personal data processed via Famnest, unless stated otherwise.

Contact Details:

2. What Data We Collect

We may collect the following types of personal data when you use Famnest:

a) Account Information

  • Name, email address, phone number, and password
  • Payment details (if using paid services)

b) Family & Child-Related Information

  • Medical information (e.g., allergies, prescriptions)
  • Custody schedules
  • Emergency contact details
  • Dietary requirements

c) Platform Usage Data

  • Calendar entries, notes, messages
  • Shared documents and files
  • Activity logs and settings

d) Technical Data

  • Device type, operating system, browser type
  • IP address and log data for security purposes

3. Special Category Data

Because Famnest is designed to manage family-related information, you may choose to store special category data (such as health information). Under GDPR, we will only process this data with your explicit consent and solely for the purposes of providing our services.

You are responsible for ensuring you have legal authority to share this information (e.g., as a parent or guardian for children’s data).

4. How We Use Your Data

We process your data for the following purposes:

  • To provide and maintain the Platform
  • To store and manage shared family information
  • To facilitate communication between approved users
  • To process payments and manage subscriptions
  • To ensure Platform security and prevent fraud
  • To comply with legal obligations

We do not sell, rent, or trade your data to third parties.

5. Lawful Basis for Processing

We process personal data under GDPR on the following lawful bases:

  • Consent: For storing and processing health or child-related data
  • Contract: To provide services you have requested
  • Legal Obligation: To comply with applicable laws
  • Legitimate Interest: To maintain and improve our services

6. Data Storage and Security

  • All data is stored on secure servers located within the EU.
  • We use end-to-end encryption for data in transit and strong encryption for data at rest.
  • Internal access to data is strictly controlled under a least privilege policy.
  • We maintain technical and organisational measures to prevent data breaches. In the event of a breach, we will notify affected users and authorities within 72 hours, as required by GDPR.

7. Data Sharing

We may share data with:

  • Approved Users: Other family members or guardians you grant access to
  • Service Providers: GDPR-compliant third parties that host or process data on our behalf (under strict Data Processing Agreements)
  • Legal Authorities: Where required by law, court order, or to protect vital interests

We do not allow partners or third parties to use your data for AI training or marketing without your consent.

8. Children’s Privacy

  • Children cannot create standalone accounts.
  • All child-related data must be added and managed by a parent or legal guardian.
  • We will not knowingly collect data from children without guardian involvement.

9. Data Retention

We keep your personal data only as long as necessary:

  • Active accounts: for the duration of your subscription
  • After account closure: up to 6 months to allow recovery if requested
  • Certain legal or financial records may be retained longer if required by law

You may request deletion of your account and all associated data at any time.

10. Your GDPR Rights

You have the right to:

  • Access your data
  • Rectify inaccurate data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

To exercise these rights, contact us at hello@famnest.com.

11. International Transfers

Famnest operates entirely on EU-based servers. We do not transfer personal data outside the European Economic Area (EEA) unless adequate safeguards are in place.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated via the Platform or email. Continued use after changes indicates acceptance.

13. Contact Us

If you have questions about this Privacy Policy or your data rights:

Stair Path AB
Org.nr: 559393-4887
Trappstigen 21, 13337 Saltsjöbaden, Sweden
Email: hello@famnest.com

hello@getfamnest.com

Privacy Policy
Terms & Conditions
© All rights reserved.