Effective date: June 4, 2026 Last updated: July 8, 2026
247mom is a personal AI assistant for parents and caregivers, operated by BATOOM LLC (“we”, “us”, “247mom”). This policy explains what data we collect when you use the 247mom mobile app and web demo, why we collect it, how we use and share it, how long we keep it, and what choices you have.
Contact: arnav@247mom.ai
Mailing address:
BATOOM LLC 8 The Green, Suite B Dover, DE 19901
This policy covers your use of the 247mom mobile app (iOS, Android) and the 247mom web app. It does not cover third-party services you choose to connect (Google, your school’s Canvas/LMS, Instacart, your Crossmint wallet, and health/fitness sources you connect — Apple Health, Oura, WHOOP) — those services have their own privacy policies, which we link to under “Sub-processors” below.
We collect data from three sources: (1) what you tell us when you sign up and onboard, (2) what flows in from third-party services you choose to connect, and (3) what’s generated as you use the app. Each category is listed below with what it contains and where it comes from.
When you create a 247mom account we receive from Clerk: your email address, your name (from Google profile if you sign in with Google, or as you type it), your Clerk user ID, and authentication state (sign-in events, session tokens). We do not receive your Google password.
During onboarding and in Settings you can provide: your name, mailing/shipping address, household composition (spouse/partner name and food preferences if you choose to add a partner), and information about your children (names, ages, sizes, allergies, food preferences, school information). You provide this data on behalf of your household members; see “Children’s data” below.
If you connect Google in Settings, we request the following OAuth scopes. Each is requested only to power a specific user-facing feature:
| Scope | What we read/write | Feature this powers |
|---|---|---|
gmail.modify |
Read messages and bodies; create drafts; send replies you’ve approved; add/remove labels; archive — all on your own mailbox. We do not permanently delete mail. | Background email pipeline that extracts events, school notices, and reminders for the Today tab/Morning Brief; agent read, draft, approved-send, label, and archive in chat |
calendar.events |
Read, create, update, and delete events on your primary calendar | Today tab, Morning Brief, agent-created calendar events, school-extracted events |
userinfo.email |
Your connected Google account’s email address (and account identifier) | Show which Google account is connected in Settings |
We request a single Gmail scope, gmail.modify, which covers all of the above. We do not request full-mailbox access (https://mail.google.com/) or any scope that permanently deletes mail. We do not request access to Google Drive, Contacts, YouTube, Photos, Search history, or any other Google product, and we do not request the userinfo.profile scope (we never read your Google profile name, picture, or other profile fields).
If you connect Canvas or another supported LMS provider for a specific child, we receive: course list, assignment titles, due dates, and grades for that child. This is minor data — see “Children’s data” below.
As you use 247mom, we generate and store:
gmail_audit) or Google Calendar (calendar_audit)When you enable push notifications: your Expo push token and the timezone reported by your device (used to deliver the 7am Morning Brief in your local time).
When you make a purchase through 247mom we receive and store: the order details, the merchant (Crossmint, Instacart, etc.), the status, and a record of the transaction. Stablecoin payment records (USDC-on-blockchain transactions handled by Crossmint) include on-chain transaction identifiers. We do not receive or store your credit-card number, bank-account details, or wallet private keys.
If you connect a health or fitness source in Settings, we read the metrics you authorize — steps and activity, sleep, heart rate and heart-rate variability, and workouts. On iOS this uses Apple HealthKit and is read on-device only after you grant permission for each category in Apple’s system Health prompt; Oura and WHOOP data is read from their APIs using a token you authorize. We use this data solely to show your in-app health trends and to personalize your daily brief. We never use health or fitness data for advertising, and we never share it with third parties for marketing. You can disconnect any source at any time in Settings, and this data is deleted when you disconnect the source or delete your account.
We use your data only to provide and improve user-facing features that are prominent in the 247mom app. We do not sell your data. We do not use it for advertising. We do not transfer it to third parties for any purpose other than operating the service or as required by law.
| Category | Used for |
|---|---|
| Account data | Authentication, account management, communication about the service |
| Onboarding/household | Personalizing the agent’s responses; surfacing kid-relevant content |
| Google (Gmail/Calendar) | Email triage, event extraction, reply drafting, calendar reads/writes — all visible features |
| Canvas/LMS | Showing upcoming assignments and grades to the parent |
| Chat & memory | Continuing prior conversations; recalling facts you’ve shared |
| Audit logs | Showing you what the agent did; debugging; security investigations |
| Usage events | Internal cost accounting (no external sharing) |
| Push token | Delivering Morning Brief and other notifications you’ve opted into |
| Financial | Order tracking, transaction history, refund/dispute handling |
| Health & fitness (Apple Health / Oura / WHOOP) | In-app health trends dashboard and personalizing your daily brief — never advertising, never shared for marketing |
| Content reports | Reviewing and acting on messages you flag as objectionable |
Our handling of data obtained from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements reproduced verbatim below:
Limited Use: Your use of data obtained via the product’s specified scopes must comply with the below requirements. These requirements apply to the raw data obtained from the scopes and data aggregated, anonymized, or derived from them.
- Limit your use of data to providing or improving user-facing features that are prominent in the requesting application’s user interface;
- Transfers of data are not allowed, except:
- To provide or improve your appropriate access or user-facing features that are visible and prominent in the requesting application’s user interface and only with the user’s consent;
- For security purposes (for example, investigating abuse);
- To comply with applicable laws; or,
- As part of a merger, acquisition, or sale of assets of the developer after obtaining explicit prior consent from the user.
- Don’t allow humans to read the data, unless:
- You first obtained the user’s affirmative agreement to view specific messages, files, or other data, with the limited exception of use cases approved by Google under additional terms applicable to the Nest Device Access program;
- It is necessary for security purposes (for example, investigating a bug or abuse);
- It is necessary to comply with applicable law; or
- The data (including derivations) is aggregated and used for internal operations in accordance with applicable privacy and other jurisdictional legal requirements.
All other transfers, uses, or sales of user data are prohibited, including:
- Transferring or selling user data to third parties like advertising platforms, data brokers, or any information resellers.
- Transferring, selling, or using user data for serving ads, including retargeting, personalized or interest-based advertising.
- Transferring, selling, or using user data to determine credit-worthiness or for lending purposes.
You must ensure that your employees, agents, contractors, and successors comply with this Google API Services User Data Policy.
We rely on the following sub-processors to operate the service. Each receives only the categories of data necessary for its function.
| Sub-processor | What it receives | Privacy policy |
|---|---|---|
| Clerk (authentication) | Email, name, sign-in events | https://clerk.com/legal/privacy |
| Supabase (database hosting, us-east-1 — North Virginia) | All non-secret app data (users, kids, messages, events, etc.) | https://supabase.com/privacy |
| Hostinger (application server hosting, Boston, United States) | Runs our API and all per-user OpenClaw containers. Receives encrypted data-at-rest within the server filesystem. | https://www.hostinger.com/privacy-policy |
| OpenClaw (per-user agent runtime) | Your in-app chat content, agent memory; runs in your dedicated container on our Hostinger VPS. | Self-hosted on our own infrastructure (covered by Hostinger above; no separate third party) |
| Anthropic (Claude LLM inference) | The text we send to the model: system prompt with relevant context (chat, email-extracted facts, etc.) + your latest message | https://www.anthropic.com/legal/privacy |
| Google (Gmail, Calendar, OAuth) | API requests authorized by your OAuth grant; outbound emails you’ve approved | https://policies.google.com/privacy |
| Canvas / LMS provider (educational data source) | Read-only API calls using the personal access token you provided | Varies by provider — refer to your school’s or LMS provider’s privacy policy |
| Instacart (grocery fulfillment) | We hand off a shopping list URL; you transact with Instacart directly via their WebView | https://www.instacart.com/help/section/360007902791 |
| Crossmint (stablecoin payment processing) | Wallet identifier and transaction parameters for purchases you approve | https://www.crossmint.com/privacy |
| Oura (health & fitness data source, if you connect it) | Sleep, heart-rate/HRV, and activity metrics via the Oura API, using the token you authorize | https://ouraring.com/privacy-policy |
| WHOOP (health & fitness data source, if you connect it) | Recovery, sleep, and activity metrics via the WHOOP API, using the token you authorize | https://www.whoop.com/privacy/ |
| Sentry (error monitoring) | Server-side error reports with PII scrubbed (email/token bodies, message contents) | https://sentry.io/privacy/ |
| Expo (push notifications, app distribution) | Your Expo push token; push payload contents at send time | https://expo.dev/privacy |
We keep different categories of data for different periods. The specific windows are being finalized; until then, this section lists the categories that will have a defined retention window in the published policy.
| Category | Retention |
|---|---|
| Account data | Until you delete your account |
| Chat messages | Retained until you delete your account |
| Email classifications and skip patterns | 90 days |
| Sender memory and sender trust | Until you delete your account |
| Email drafts | 7 days (auto-expired by expireDraftsJob; retention cron backstops at 90 days for stragglers) |
Gmail audit log (gmail_audit) |
Retained for 90 days |
Calendar audit log (calendar_audit) |
Retained for 90 days |
| Events, orders | Events retained until you delete your account, or 2 years past the event date — whichever comes first. Orders retained for 2 years. |
| Pantry inventory and shopping history | Until you delete your account |
| Morning briefs and proactive notes | 90 days |
| Health information you enter manually (children’s allergies, household dietary preferences) | Retained until you delete your account or remove the record |
| Connected health & fitness metrics (Apple Health / Oura / WHOOP) | Until you disconnect the source or delete your account |
| Content reports | Until you delete your account |
| Google, LMS, Oura, WHOOP access tokens | Until you disconnect or delete your account |
| Usage events (model/cost telemetry) | Retained for 12 months |
When you delete your account, all of the above categories are removed from our systems within the deletion cascade described under “Your rights” below.
Retention exception for data export requests: If you have requested a data export within the past 30 days, automated retention deletion is paused for your account until that window closes. This ensures the data we provide in your export matches what we held at the time of your request. Account deletion (which removes all your data immediately) is not affected by this exception.
You have the right to:
docs/p07-verification.md for the verified scope of deletion.When you sign up we record explicit, versioned grants for each of the following. The version is captured alongside the grant so that if the underlying document changes we will re-prompt you for a fresh acknowledgement of the updated version:
These records persist in user_consents while your account is active and are included in any data export you request.
The 247mom app is designed for and directed to adult parents and caregivers, not children. We do not knowingly collect personal information directly from children under 13. Information about children (names, ages, school data via LMS, schedules) is provided by the account-holding parent or caregiver, who represents that they have legal authority to provide this information. If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information. Parents can review, request deletion of, or refuse further collection of their children’s information at any time via the in-app account deletion flow or by contacting arnav@247mom.ai.
247mom collects health-related information from two sources, both only with your involvement: (1) information you enter yourself during onboarding or in Settings — your children’s allergies and your household’s dietary preferences — which we use to filter agent suggestions (meals, shopping lists, recipes) so they respect your family’s safety constraints; and (2) health and fitness metrics from a source you explicitly connect — Apple Health, Oura, or WHOOP — as described under “Connected health & fitness data” above (steps and activity, sleep, heart rate and heart-rate variability, and workouts), which we use to show your in-app health trends and personalize your daily brief.
247mom is not a medical device. Nothing the agent says about your or your family’s health constitutes a medical diagnosis or medical advice. We are not a HIPAA-covered entity; the health, fitness, dietary, and allergy data you choose to share with us is consumer health information, not Protected Health Information under HIPAA in this context. All of it is encrypted in transit (TLS) and at rest (Supabase managed storage), is never used for advertising and never shared with third parties for marketing, and is removed when you disconnect the source, delete the corresponding record (e.g., a child profile), or delete your account.
Your data is stored and processed in the United States. Our database is hosted on Supabase in the us-east-1 region (North Virginia). Our application servers are hosted on Hostinger in Boston, United States. At this time we do not transfer or process user data outside the United States. If we add infrastructure in other regions in the future, we will update this policy and notify users in advance.
California residents have additional rights including the right to know what personal information we collect, the right to delete, the right to correct, the right to opt out of sale or sharing (we do not sell or share personal information for cross-context behavioral advertising), and the right to non-discrimination. Exercise these rights via arnav@247mom.ai or the in-app account deletion flow.
The Apple Health, Oura, and WHOOP integrations described above are now available; you are asked to grant explicit consent (and, on iOS, per-category Apple Health permission) before any health or fitness data is collected from these sources. If we add further data integrations in the future, we will update this Privacy Policy with the applicable data categories, retention windows, and sub-processor handling before that integration ships.
We may update this policy from time to time. When we do, we will update the “Last updated” date at the top and, for material changes, notify you via the app and/or by email at the address on file. The current version of this policy is always available at https://batoom-legal.netlify.app/privacy-policy/. Prior versions are available on request at arnav@247mom.ai.
For privacy questions, data requests, or to report a concern:
arnav@247mom.ai
BATOOM LLC 8 The Green, Suite B Dover, DE 19901