BrightKin
Download

Privacy Policy

This Privacy Policy explains how BrightKin handles information across the public website, support interactions, and the BrightKin iOS app.

Last updated: March 13, 2026

BrightKin is designed to help families keep vaccine records, reminders, and proof organized in a more private and practical way. This policy is written to support current App Store expectations, GDPR-style transparency, California and other U.S. state privacy rights, and similar global privacy principles. It is meant to be clear and specific, not vague marketing copy.

Who this policy applies to

This policy applies when you:

  • visit the BrightKin marketing website;
  • download or use the BrightKin iOS app;
  • contact us for support, privacy, billing, or legal questions; or
  • interact with App Store, iCloud, or subscription features connected to BrightKin.

When this policy says "BrightKin," "we," "us," or "our," it refers to the developer and operator of the BrightKin service. You can contact us at support@multum.io.

Important privacy summary

  • We do not require a separate BrightKin account just to use the app.
  • Family record data is intended to stay under your control on your device and, if enabled, in private iCloud sync.
  • We do not sell personal information or health-related data.
  • We do not use the health information you store in BrightKin for third-party advertising.
  • The website may use limited analytics and security logs so we can understand page performance, improve the site, and prevent abuse.
  • If you purchase premium features, Apple and our subscription service providers may process transaction and entitlement data needed to manage billing and restore purchases.

Information we process

1. Information you choose to store in the app

Depending on how you use BrightKin, this may include:

  • profile details such as first name, last name, date of birth, and country of origin;
  • family vaccination records such as vaccine name, date, provider, manufacturer, batch number, dose details, and notes;
  • reminders, reminder messages, schedule details, and local notification preferences;
  • images or document attachments you import or scan for your records;
  • travel planning details such as destination country codes and planned or visited travel dates; and
  • exported proof and PDF records generated from the information you enter.

2. Information related to device features you choose to use

If you enable certain features, the app may request access to:

  • your camera or photo library so you can scan or import record images;
  • notifications so reminders can be scheduled on your device; and
  • iCloud so data can sync privately across your Apple devices.

3. Website and technical information

When you browse the website, we may process limited technical and usage information such as:

  • pages viewed, referring pages, timestamps, approximate device or browser data, and link clicks;
  • security and server logs used to keep the website reliable and defend against misuse; and
  • analytics or measurement information from privacy-focused tools we configure for the site, including Cloudflare Web Analytics and similar page-performance or call-to-action event measurement tools.

4. Support, billing, and communications information

If you contact us or use premium features, we may process:

  • your email address and the contents of your support or privacy request;
  • device, app version, or troubleshooting information you send us;
  • limited purchase, subscription, or entitlement status information needed to handle billing support or restore access; and
  • records showing how we handled your request or dispute.

5. Information we do not intentionally collect for advertising

We do not intentionally collect the health data you store in the app in order to build advertising profiles, sell data, or run cross-context behavioral advertising.

How we use information

We use information only for legitimate product, support, and compliance purposes, including to:

  • provide the website and app features you ask us to provide;
  • store, sync, display, export, and secure records you choose to manage in BrightKin;
  • process subscription status, restore purchases, and support premium access;
  • respond to support, legal, privacy, and security questions;
  • monitor site performance, improve usability, and understand which pages or calls to action are effective;
  • detect abuse, fraud, bugs, and security incidents;
  • comply with legal obligations and enforce our terms; and
  • protect the rights, safety, and security of users, families, and our service.

Our legal bases for processing

If GDPR, UK GDPR, Swiss data protection law, or similar laws apply, we rely on one or more of the following legal bases:

  • performance of a contract or pre-contract steps when we provide the app, website, exports, support, or purchase-related features you request;
  • our legitimate interests in operating, securing, improving, and supporting BrightKin in a balanced and proportionate way;
  • your consent where the law requires consent, including where you choose to enable optional permissions or where special-category health data rules apply;
  • compliance with legal obligations; and
  • protection of vital interests or legal claims where applicable.

Where vaccine or family health information is treated as sensitive or special-category data under applicable law, we process that information because you choose to enter, import, sync, or export it in order to use the app, and we rely on your explicit consent or another legally valid basis where required.

How app storage and sync work

BrightKin is designed so much of your record data stays under your control. Data you enter is stored locally on your device and, if sync is enabled, may also be stored through Apple iCloud private sync associated with your Apple account. Apple processes iCloud, App Store, and Apple account information under Apple's own terms and privacy notices.

The app currently does not require a separate BrightKin username and password to create family records. If you use shared devices, device-level protections, app lock, and your own Apple account settings matter.

How purchases and subscription data work

If you buy or restore premium features, Apple processes payment information through the App Store. We may also receive limited subscription and entitlement information from Apple and our subscription service providers so the app can unlock premium features, verify status, and help with restore-purchase flows. We do not receive your full card number from Apple.

How we share information

We share information only when needed to run the service, comply with law, or protect rights and security.

Depending on how you use BrightKin, recipients may include:

  • Apple, for App Store distribution, iCloud sync, and device-level services you choose to use;
  • service providers that host website infrastructure, analytics, email, customer support, or subscription operations for us;
  • professional advisers, auditors, insurers, or authorities where necessary for legal compliance or claims; and
  • a buyer, investor, or successor if we are involved in a merger, acquisition, financing, or asset sale, subject to appropriate protections.

We do not sell personal information. We do not sell or share health-related data for targeted advertising.

International transfers

BrightKin and some of our providers may process information in countries other than your own. When applicable privacy laws restrict international transfers, we use recognized safeguards such as contractual protections, adequacy decisions, or equivalent lawful transfer mechanisms.

How long we keep information

We keep information only for as long as reasonably needed for the purpose it was collected or as required by law.

  • Website logs and analytics are kept for the period needed for security, troubleshooting, trend analysis, and service improvement.
  • Support and privacy request records are kept for as long as needed to respond, document our handling, and comply with legal obligations.
  • Subscription, billing-support, and compliance records may be kept longer where tax, accounting, fraud-prevention, or legal obligations require it.
  • App content that you create is generally kept until you delete it, remove the app data from your device or iCloud storage, or otherwise stop using the feature that stores it, subject to Apple's sync and backup timing.

Security

We use administrative, technical, and organizational safeguards appropriate to the nature of the information we process. These measures are designed to support confidentiality, integrity, availability, least-privilege access, and secure transmission where applicable. No system can promise absolute security, so you should also use device passcodes, current operating system updates, and appropriate Apple account security settings.

If applicable law requires notice of a data breach affecting your information, we will provide notice consistent with that law.

Your privacy choices and rights

This section is intended to be usable both as a general privacy-rights notice and, if needed, as a public privacy-choices page for App Store disclosures.

Subject to your location and applicable law, you may have the right to:

  • know whether we process your personal information and receive access to it;
  • receive a copy of information in a portable format where required;
  • correct inaccurate information;
  • delete information we control, subject to lawful exceptions;
  • restrict or object to certain processing;
  • withdraw consent where we rely on consent;
  • opt out of sale, sharing, targeted advertising, or certain profiling where applicable; and
  • appeal a denial of your request where local law provides an appeal right.

To exercise these rights, email support@multum.io and tell us:

  • which right you want to exercise;
  • whether your request relates to website data, support data, or app data; and
  • enough information for us to verify your identity and authority, especially if you are acting for a child or family member.

Because much of BrightKin's record data is stored under your control on your device or in your private iCloud storage, some deletion or correction requests may be most effectively completed by editing or deleting records in the app itself and by managing your Apple device or iCloud settings.

We will respond within the timeframe required by law. In many cases that is up to 30 days for GDPR-style requests and up to 45 days for applicable U.S. state privacy requests, subject to extensions where permitted.

Additional notices for California and other U.S. states

If you live in California or another U.S. state with a consumer privacy law, you may have additional rights to know, access, delete, correct, or appeal. BrightKin does not sell personal information, and we do not use health information stored in the app for cross-context behavioral advertising. We also do not use sensitive personal information to infer characteristics about you for advertising purposes.

If you use an authorized agent where the law permits, we may ask for proof of the agent's authority and your identity before acting on the request.

Children and family information

BrightKin is designed for parents, guardians, and other caregivers managing family records. It is not intended as a social network or advertising-supported children's app. If you enter information about a child or another family member, you are responsible for making sure you are authorized to do so.

We do not intentionally require children to publish personal information publicly in order to use BrightKin. If you believe a child's information has been handled inappropriately, contact support@multum.io.

Third-party services and separate policies

Some features depend on third parties such as Apple App Store, Apple iCloud, or subscription service providers. Those parties may act as independent controllers for data they process under their own terms and privacy notices. This policy does not replace those third-party policies.

Changes to this policy

We may update this Privacy Policy as the product, website, vendors, or legal requirements evolve. When we make a material change, we will update the date at the top of this page and, where appropriate, provide additional notice in the app or on the site.

Contact and complaints

For privacy requests, support questions, or complaints, contact support@multum.io.

If you are in the EEA, UK, or Switzerland, you may also have the right to complain to your local data protection authority or supervisory authority.