Privacy Policy

Effective Date: May 16, 2026

CMO ("Chief Mom Officer", "we", "us", or "our") is a family management mobile application operated by Chief Mom Officer LLC, an Oklahoma limited liability company. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

We collect the following types of information when you use CMO:

• Account Information: Email address and password when you create an account.
• Family Profile Data: Family member names, roles, children's names and birthdays, pet information, and family invite codes.
• App Content: Calendar events, to-do lists, meal plans, recipes, grocery lists, and related notes you create within the app.
• Location Data: Approximate location (GPS coordinates) used solely to provide local weather information. We do not store, log, or track your location history.
• Device Information: Device type and operating system for app compatibility and biometric authentication preferences (Face ID / fingerprint). We do not store biometric data — authentication is handled entirely by your device's secure enclave.
• Email Data (Optional — Package Tracking, Outlook only): If you choose to connect your Microsoft Outlook account for automatic package tracking, we access only shipping confirmation and delivery notification emails. We extract tracking numbers, carrier names, store names, and expected delivery dates from these emails. We do not read, store, access, or process any personal, private, or non-shipping-related emails. Email access is read-only, and you can disconnect your email account at any time. Note: Gmail accounts are used for calendar sync only — CMO does not request or use Gmail mailbox access.

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain the CMO app and its features
• Sync your family data across devices and family members
• Display local weather information based on your location
• Enable calendar synchronization with your device calendar (with your permission)
• Automatically detect and track incoming packages from your shipping confirmation emails (with your explicit permission)
• Send you reminders and notifications you have opted into
• Improve and develop the app

3. Data Sharing

We do not sell, rent, trade, or share your personal information with third parties for marketing or advertising purposes. Your data is shared only in the following limited circumstances:

• Within Your Family: Data you create (events, meals, tasks, grocery lists) is shared with other members of your family group who join using your invite code.
• Service Providers: We use trusted infrastructure providers to host and operate the app. These providers are contractually obligated to protect your data.
• Legal Requirements: We may disclose information if required to do so by law or in response to valid legal process.

4. Data Storage and Security

Your data is stored on secure servers. We use industry-standard security measures including encrypted connections (HTTPS/TLS) and secure password hashing to protect your information. While no system is 100% secure, we take reasonable steps to protect your data from unauthorized access, alteration, or destruction.

5. Your Rights and Choices

You have the following rights regarding your data:

• Access and Portability: You can view all your data within the app at any time.
• Correction: You can edit your profile, family information, and all app content directly.
• Deletion: You can delete your account and all associated data directly in the app at any time: open CMO → Settings → Account → Delete Account. The deletion is processed immediately. If you cannot access the app for any reason, you can also email us at support@chiefmomofficer.app and we will process the deletion request within 30 days. If you are the family owner, deleting your account also deletes the family and all family-shared data. If you are a non-owner family member, your private data is deleted and you are removed from the family; shared family content the rest of the family contributed to is preserved.
• Notifications: You can enable or disable notifications in the app Settings at any time.
• Location: You can revoke location access at any time through your device settings. The app will continue to work without weather features.
• Email Disconnection: You can disconnect any connected Outlook or Google account at any time from the Connect Email screen. Disconnecting an Outlook account immediately stops all email scanning. Disconnecting a Google account immediately stops calendar syncing.
• Synced Package Data Deletion: You can delete all package data that was automatically detected from your emails at any time from the Connect Email screen. This permanently removes all synced shipping and delivery records.

6. Children's Privacy

CMO is intended for use by parents and guardians to manage family information. The app is not directed at children under 13. Children's information (names, birthdays, milestones) is entered and managed by the parent or guardian account holder. We do not knowingly collect information directly from children.

7. Third-Party Services

CMO may interact with the following services with your explicit permission:

• Device Calendar: To sync events with your phone's calendar app.
• Device Biometrics: For optional Face ID or fingerprint login. Biometric data never leaves your device.
• Email Delivery: All email CMO sends to you — transactional family-activity notifications, optional weekly digest, and account/security mail (password resets, family invites you send) — is delivered via a third-party email service provider (Resend). The email service receives your email address and the message content in order to deliver mail to you, and is contractually bound to use this information only for that purpose. See Section 9 for the full email categories and how to opt out.
• Google (Calendar Sync Only): If you connect your Google account, CMO uses Google's OAuth 2.0 to request read-only access to your Google Calendar and basic profile information (email address, name). CMO does NOT request, receive, or use access to your Gmail mailbox, contacts, drafts, sent mail, or any other Google service data. You can revoke access at any time from within the app or from your Google Account permissions page (https://myaccount.google.com/permissions).
• Microsoft Outlook: If you connect your Microsoft account, CMO uses Microsoft's OAuth 2.0 to request the following scopes from you during initial authorization: (a) `Mail.Read` — read-only access to your Outlook inbox, used solely to detect shipping confirmation and delivery notification emails (the same shipping-only scanning policy described above applies; no other emails are read or stored); (b) `Calendars.Read` — read-only access to your Outlook calendar, used to show your work or personal calendar events alongside your family calendar; (c) `User.Read` plus the standard OpenID Connect scopes (`openid`, `profile`, `email`) — used at connection time to retrieve your Microsoft account's name and email address so CMO can label the connected account in your settings and confirm which mailbox is connected. CMO does not write to, send, or modify any data in your Microsoft account. You can revoke access at any time from within the app or from your Microsoft Account permissions page (https://account.live.com/consent/Manage).

We do not integrate with any third-party analytics, advertising, or tracking services.

8. AI-Powered Features

CMO uses OpenAI (via Replit's AI Integrations proxy) to power features including recipe parsing, recipe-from-photo import, grocery list parsing, task parsing, and meal suggestions. When you use one of these features, the text or image you provide is sent to OpenAI's API. This may include names of family members (for example, if you type "remind Sarah to buy milk" into the task parser), photos of printed recipes you choose to import, and any free text you type into an AI-powered field. Per OpenAI's API data usage policy, API submissions are not used to train OpenAI's generally available models, and are retained by OpenAI only briefly for abuse-monitoring purposes. CMO never sends your password, payment information, location, calendar events, or full email body content to OpenAI. You can avoid sending any data to OpenAI by not using AI-powered features.

9. Email Communications

CMO sends three categories of email: (a) Transactional family activity — notifications such as task assignments and meal approvals; on by default and controllable from Settings → Notifications via the "Email me about family activity" toggle. (b) Weekly digest — an optional Sunday summary of your family's upcoming week; off by default and controllable from Settings → Notifications via the "Weekly Email Summary" toggle. Every weekly digest includes a one-click unsubscribe link. (c) Account and security — password resets, family invites you explicitly send, and similar emails triggered by your own action in the app. These are always sent because they're required to operate your account, and there is no opt-out.

10. Google User Data

CMO's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, with respect to data accessed through Google APIs (your Google Calendar events and basic Google profile information):

• No advertising use. We do not use Google user data for advertising purposes, and we do not allow third parties to do so.
• No AI/ML training. We do not use Google user data to develop, improve, or train generalized or non-personalized artificial intelligence or machine learning models. Google user data is used only to provide and improve the calendar sync feature you have explicitly enabled within CMO.
• No human access. Humans at Chief Mom Officer LLC do not read your Google user data, except (a) with your explicit consent — for example, to troubleshoot a support request you have raised, (b) for security purposes such as investigating abuse, or (c) where required by applicable law.
• No transfer or sale. We do not sell, rent, or transfer your Google user data to any third party. It is used solely to deliver the calendar synchronization feature within CMO.
• Minimal scope. We request only the `https://www.googleapis.com/auth/calendar.readonly` scope (read-only Calendar access) and basic profile information (email address and name). We do not request access to Gmail, Drive, Contacts, or any other Google service.

You may revoke CMO's access to your Google data at any time from within the CMO app's Connect Email screen, or from your Google Account permissions page.

11. Data Retention

We retain your data for as long as your account is active. If you delete your account through the in-app Delete Account option (Settings → Account → Delete Account), your data is removed from our servers immediately. If you submit a deletion request by email, we process it within 30 days. In either case, some data may be temporarily retained in our database service provider's automated backups, which roll over on the provider's standard schedule.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. Your continued use of CMO after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or your data, please contact us at:

Chief Mom Officer LLC
1103 W. 86th Pl. S.
Tulsa, OK 74132
United States

Email: support@chiefmomofficer.app