Honey Bun

Privacy Policy

Last updated: May 13, 2026

Honey Bun is a baby-care tracker that helps caregivers log feedings, diaper changes, and medicine doses. We built it to be useful at 3 AM with one hand free, and we treat your data the same way we'd want ours treated. This policy explains exactly what we collect, why, where it lives, and how to get rid of it.

What we collect

  • Account information. When you sign in with Apple or Google, we receive your email address and a unique user identifier from that provider. We do not receive your password.
  • Baby details you enter. Your baby's name and feeding-window preferences you configure in Settings.
  • Care logs you create. Feeding sessions (bottle volumes, nursing durations), diaper changes, and medicine doses, with timestamps.
  • Conversations with the AI assistant. The text and voice messages you exchange with the in-app assistant, plus a summary of your recent care logs that the assistant uses to answer questions.
  • Device push tokens. An anonymous identifier provided by Apple Push Notification Service so we can send you feeding reminders and missed-window alerts. We do not see your phone number.
  • Alexa linking metadata. If you choose to link Honey Bun with Amazon Alexa, a short-lived pairing code and your linked status are stored.

We do not collect: your location, your contacts, your photos, advertising identifiers, analytics tracking across other apps, or any data we don't actively need for the features above.

How we use it

  • To show you your own care logs and the history view.
  • To sync your data across the devices signed into your account (your phone, your partner's phone) in real time.
  • To send reminders, missed-feeding alerts, and Live Activity updates on your Lock Screen.
  • To answer questions you ask the AI assistant, grounded in your real care logs.
  • To process voice utterances if you use Alexa to log entries.

We do not use your data for advertising. We do not sell, rent, or share your data with marketers. We do not train AI models on your data.

Where it's stored

All of your data lives in Google Firebase (Firestore database, Firebase Authentication, Firebase Cloud Messaging) on servers operated by Google Cloud in the United States. Access is scoped to your authenticated account — other Honey Bun users cannot see your data, and our database security rules enforce this server-side.

Third parties we share with

Honey Bun relies on a small number of service providers to function. We only share the minimum data each needs:

  • Google Firebase — hosts your account, your care logs, and the messages that deliver notifications. Firebase privacy.
  • Google Sign-In and Apple Sign In — used to authenticate you. Only the email and user ID returned by these providers is stored on our side.
  • OpenAI — when you use the AI assistant or voice features, your message text (or a transcript of your voice) and a summary of your recent care logs are sent to OpenAI to generate a response. OpenAI does not train on this data per our API agreement. OpenAI privacy.
  • Amazon Alexa — if you link Alexa, basic pairing metadata is exchanged with Amazon's Alexa platform so voice commands can reach your account. Amazon Alexa privacy.

Your rights and choices

  • Access. Everything we store about you appears in the app. Open Settings or History to see your logs and preferences.
  • Correction. Edit any care log, baby name, or preference from inside the app.
  • Deletion. Open the app → Settings → Delete Account. This permanently removes your account, every care log, your preferences, your device tokens, and your AI conversation history. The action is immediate and cannot be undone. You may also email us at the address below to request manual deletion.
  • Export. Request a copy of your data by emailing us at the address below; we will provide a JSON export within 30 days.

Children

Honey Bun is designed to be used by adults (parents and caregivers) to record information about a child. The app is not directed at children, and children are not the users. We do not knowingly collect information directly from anyone under 13. If you believe a child has signed up for an account, contact us and we will delete it.

Data retention

We keep your data for as long as your account is active. Deleting your account through the in-app flow removes all associated data immediately. Server backups roll off within 30 days.

Security

Data is transmitted over HTTPS and stored encrypted at rest by Google Cloud. Access is gated by your account credentials and verified server-side on every request. We do not store passwords ourselves; authentication is handled by Apple, Google, and Firebase Authentication.

Changes to this policy

If we change anything material about how Honey Bun handles your data, we will update this page and adjust the "Last updated" date at the top. For significant changes, we will also notify you in the app the next time you open it.

Contact

Questions, deletion requests, or anything else: tplisk@gmail.com.