Privacy Policy

Last updated: June 9, 2026

Family Pocket (“we”, “us”, or “our”) operates the Family Pocket mobile application (the “App”). This Privacy Policy explains how we collect, use, store, and protect information when you use our App and related services.

1. Information We Collect

Account Information

When you create an account or are registered by your school, we collect your full name, email address, phone number, and national ID number. For students, we collect name, admission number, grade, and class information as provided by the school.

Location Data

The App may request foreground location access to display nearby bus stops and route information on a map. The App does not collect or broadcast your location in the background. Real-time bus positions displayed to parents are provided by the separate Family Pocket Kiosk application used by bus drivers.

NFC Scan Data

The App supports Near Field Communication (NFC) for tag assignment, provisioning student ID tags for use in the school attendance system. NFC tag data includes the tag identifier and the student it is assigned to.

Device Information

We collect a device identifier (Android device ID or iOS vendor ID) for push notification delivery and security audit purposes. This is not an advertising identifier and is not used to track you across other apps.

Crash & Diagnostic Data

To keep the App stable, we collect crash reports and basic diagnostic information (error messages, device model, operating system version, and app version) when the App encounters a problem. This helps us find and fix bugs. It is processed by our error-monitoring provider, Sentry, and is not used to identify or track you.

Biometric Data

If you enable biometric login (fingerprint or Face ID), your biometric data is processed entirely on your device by the operating system. We never receive, transmit, or store your fingerprint or facial data. We only store a flag indicating that biometric login is enabled.

Photos

If you upload a profile photo, the image is stored on our servers. We do not access your camera or photo library without your explicit action.

Payment Information

If your school uses Family Pocket for fee payments, the App lets you pay school fees via M-Pesa. When you start a payment, we collect your M-Pesa phone number and the payment amount and pass them to Safaricom to process the transaction (usually via an STK push prompt on your phone). We store a record of each transaction — amount, date, status, and the M-Pesa confirmation reference — so you and your school can see your payment history. We never see, collect, or store your M-Pesa PIN; it is entered only on Safaricom's secure prompt.

2. How We Use Your Information

  • Bus tracking: Location data enables parents to see real-time bus positions and receive proximity and arrival alerts.
  • Attendance: NFC scan data records student boarding, alighting, and gate check-in/out for safety and accountability.
  • Notifications: Device identifiers and push tokens deliver trip updates, boarding confirmations, and emergency alerts.
  • Authentication: Account details verify your identity and determine your role (parent, student, teacher, driver, or gate staff).
  • Safety & audit: Timestamped location and scan records provide a verifiable chain of custody for students during transport.
  • Fee payments: Your M-Pesa phone number and payment amount are used to process school fee payments through Safaricom and to maintain your payment history.

3. Data Storage and Security

Your data is stored on secured PostgreSQL databases hosted on DigitalOcean and Neon. Each school (tenant) has an isolated database. Your school's data is never mixed with another school's data.

Sensitive data on your device (tokens, credentials, API keys) is stored using your platform's secure storage (Android Keystore / iOS Keychain), encrypted and inaccessible to other apps.

When offline, the Apps buffer location updates and NFC scans in a local SQLite database on your device. This data is synced to the server when connectivity is restored and is not shared with any third party.

4. Third-Party Services

We use the following third-party services:

  • Google Maps Platform: Map rendering, route display, distance/ETA calculation, and geocoding. Location coordinates are sent to Google for these features. See Google's Privacy Policy.
  • Firebase Cloud Messaging: Delivers push notifications to your device. Your device push token is shared with Firebase. See Firebase Privacy.
  • Firebase Analytics: Collects anonymized app usage data (screen views, events) to help us improve the app. No personally identifiable information is shared with Firebase Analytics.
  • Expo Application Services: Used for app updates and push notification relay. See Expo's Privacy Policy.
  • Safaricom M-Pesa: Processes school fee payments. When you make a payment, your phone number and the payment amount are shared with Safaricom to complete the M-Pesa transaction. Your M-Pesa PIN is entered on Safaricom's prompt and is never shared with us. See Safaricom's Data Privacy Statement.
  • Sentry: Collects crash reports and performance diagnostics (error details, device model, OS and app version) so we can detect and fix problems. See Sentry's Privacy Policy.

We do not sell, rent, or share your personal data with advertisers or data brokers.

5. Data by Role

RoleData CollectedPurpose
ParentAccount info, device ID, push tokenView child location, receive alerts
Transport ManagerAccount info, device ID, push tokenManage routes/trips, view trip status
Teacher / Subject TeacherAccount info, class roster, device ID, push tokenAttendance visibility, class management
Tag AssignmentAccount info, NFC tag dataProvision NFC student ID tags
Vote ManagerAccount info, device IDSchool election management

6. Children's Privacy

Family Pocket is designed for use in schools and involves data about minors (students). Student records are created by the school, not by the children themselves. Student data is accessible only to their registered parents/guardians and assigned school staff.

We do not knowingly collect personal information directly from children under 13. All student data is managed by the school and the child's parent or guardian.

7. Data Retention

We retain your data for as long as your school maintains an active subscription with Family Pocket. Trip and attendance records are retained for the duration of the school's subscription for audit and safety purposes.

Offline data cached on your device (location buffers, NFC scan buffers) is automatically cleared after it is synced to the server. You can also clear local data by clearing the app's storage in your device settings.

8. Your Rights

  • Access: You can request a copy of the personal data we hold about you.
  • Correction: You can request correction of inaccurate data through your school administrator.
  • Deletion: You can request deletion of your account and associated data by contacting us. School-mandated records may be retained as required by the institution.
  • Withdraw consent: You can revoke location or notification permissions at any time through your device settings. This may limit app functionality.

9. Data Security Measures

  • All data in transit is encrypted via HTTPS/TLS and secure WebSocket (WSS).
  • Passwords are hashed using bcrypt. We never store plaintext passwords.
  • Authentication tokens are stored in platform-level encrypted storage (Keychain/Keystore).
  • Each school's data is isolated in a separate database (multi-tenant isolation).
  • SQL queries are parameterized to prevent injection attacks.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app or via email. The “Last updated” date at the top of this page reflects the most recent revision.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: