Duckie LogoDuckie

Privacy Policy for Duckie

Last Updated: August 16, 2025

Welcome to Duckie! This Privacy Policy explains how Maximus Labs, Inc. ("we," "us," or "our") collects, uses, shares, and protects information in relation to our mobile application Duckie (the "App"). Please read this policy carefully to understand our practices regarding your information and how we will treat it.

By downloading, accessing, or using the App, you agree to the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, do not download, access, or use the App.

1. Information We Collect

We may collect and process the following types of information:

a. Information You Provide Directly:

  • Account Information: When you create an account, we collect your email address and a user identifier. You may also choose to provide other profile information.
  • Child Profile Information: To provide personalized recommendations and age-appropriate guidance, you may choose to provide information about your child(ren), including names, birth dates, and other relevant details you wish to share.
  • Product Information: While you can scan and search products without an account, features like saving "Favorites" or viewing "Scan History" require an account and will associate this information with your user ID.
  • AI Chat Conversations: When you use our AI chat feature (premium), we collect and store your questions, our AI's responses, and conversation history. This information is associated with your account to provide personalized assistance and to maintain conversation context.
  • Communications: If you contact us directly (e.g., for customer support), we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

b. Information Collected Automatically When You Use the App:

  • Barcode Scan Data: When you scan a product barcode using your device's camera, we collect the barcode information (UPC/EAN) to retrieve product details and safety scores. We require camera permission solely for this purpose.
  • Search Queries: We collect the search terms you use to find products within the App (e.g., product name, brand, or category).
  • AI Interaction Data: We collect information about your interactions with the AI chat feature, including frequency of use, types of questions asked (in aggregated form), and feature usage patterns to improve our AI services.
  • Usage Information: We collect information about your interaction with the App, such as features used, products viewed, time spent in the App, and interactions with content and advertisements (including paywalls).
  • Device Information: We may collect certain information automatically from your mobile device, including but not limited to, your device type, operating system version, unique device identifiers (e.g., IDFA for iOS, Android Advertising ID), IP address, mobile network information, and crash data.
  • Subscription Information: If you subscribe to premium features, our third-party payment processors (Apple App Store, Google Play Store) and subscription management services (RevenueCat, Superwall) will process your payment and subscription details. We receive confirmation of your subscription status (e.g. is_premium) but do not directly collect or store your full payment card information.

2. How We Use Your Information

We use the information we collect for various purposes, including:

  • To provide, operate, and maintain the App, including our AI chat feature.
  • To process your barcode scans and search queries to provide product safety information.
  • To provide personalized AI-powered parenting guidance and product recommendations based on your child's profile and conversation history.
  • To maintain conversation context and history for your AI chat sessions.
  • To personalize your experience, such as saving your favorite products and scan history (if you have an account).
  • To manage your account and provide customer support.
  • To process and manage your subscriptions to premium features.
  • To improve the App and AI services, including analyzing usage trends, improving AI response quality, A/B testing features (with services like Superwall), and developing new products and services.
  • To train and improve our AI models using aggregated and anonymized conversation data.
  • To communicate with you, including sending service-related notices, updates, security alerts, and promotional messages (where permitted by law and with your consent, if required).
  • To monitor and prevent fraud, and enforce our terms and policies.
  • For compliance purposes, including enforcing our legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: We share information with third-party vendors, consultants, and other service providers who perform services on our behalf. This includes:
    • Supabase: Our backend provider for database hosting, user authentication, and storage (including AI chat conversation history).
    • AI Service Providers: Third-party AI and machine learning service providers that help power our AI chat feature.
    • RevenueCat: To manage in-app subscriptions and entitlements.
    • Superwall: To display paywalls, conduct A/B testing, and provide analytics related to subscription offers.
    • Expo: Our development platform, which provides APIs for functionalities like barcode scanning.
  • Payment Processors: For processing payments for subscriptions, your information will be shared directly with Apple (for iOS App Store purchases) or Google (for Google Play Store purchases) and our subscription management provider, RevenueCat. These providers have their own privacy policies.
  • AI Training and Improvement: We may use aggregated, anonymized conversation data to train and improve our AI models. This data cannot be used to identify you personally.
  • Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) prevent or investigate possible wrongdoing in connection with the App, (iv) protect the personal safety of users of the App or the public, or (v) protect against legal liability.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.
  • With Your Consent: We may share your information for other purposes with your consent.

4. Data Storage and Security

We use Supabase as our primary backend and data storage provider. Supabase employs security measures to protect your data, including your AI chat conversations. We implement and maintain reasonable administrative, physical, and technical security safeguards to help protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. For instance, we use Supabase Row Level Security (RLS) for user data and store sensitive tokens in Expo SecureStore on your device.

Your AI chat conversations are encrypted in transit and at rest. We take additional security measures to protect sensitive conversation data and ensure it cannot be accessed by unauthorized parties.

However, please be aware that no security measures are perfect or impenetrable, and we cannot guarantee the absolute security of your information.

5. Your Rights and Choices

Depending on your location and applicable law, you may have certain rights regarding your personal information:

  • Access and Update: You can access and update some of your account information directly within the App's settings (if available) or by contacting us.
  • AI Chat Data: You can request access to your AI chat conversation history or request deletion of specific conversations by contacting us.
  • Account Deletion: You can request to delete your account by contacting us. This will also delete your AI chat conversation history. Please note that some information may remain in our records after your account is deleted, as required or permitted by law.
  • Child Profile Data: You can update or delete your child's profile information at any time through the App settings or by contacting us.
  • Camera Permission: You can enable or disable camera access for barcode scanning at any time through your device settings. If you disable camera access, the barcode scanning feature will not function.
  • Push Notifications: If we send push notifications, you can opt-out by changing the notification settings on your device.
  • Marketing Communications: If we send marketing emails, you can opt-out by following the unsubscribe link in those emails.
  • Tracking Technologies: You may be able to set your browser or device to refuse certain tracking technologies. However, if you do, some parts of the App may become inaccessible or not function properly.

To exercise any of these rights, please contact us at hi@duckieapp.com. We will respond to your request within a reasonable timeframe and in accordance with applicable laws.

6. Third-Party Services and Links

The App may integrate with or contain links to other third-party websites and services that are not owned or controlled by us (e.g., RevenueCat, Superwall, Supabase, AI service providers). We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services before providing any information to them.

7. Children's Privacy

The Duckie app is intended for use by parents and adult caregivers to evaluate baby products and receive parenting guidance. It is not directed to children under the age of 13 (or a higher age threshold if applicable in certain jurisdictions, such as 16 in the EEA/UK). We do not knowingly collect personal information from children under 13.

While parents may provide information about their children (such as names and birth dates) to receive personalized recommendations, this information is provided by and controlled by the parent or guardian. If we become aware that a child under 13 has provided us with personal information directly, we will take steps to delete such information from our files. If you are a parent or guardian and believe that your child has provided us with information without your consent, please contact us at hi@duckieapp.com.

8. Data Retention

We will retain your personal information, including AI chat conversation history, for as long as your account is active or as needed to provide you with the App's services. We may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

AI conversation data may be retained to maintain your chat history and improve our services. You can request deletion of specific conversations or your entire chat history at any time. Anonymized or aggregated data may be retained indefinitely for analytics, AI training, and product improvement purposes.

9. International Data Transfers

Your information, including personal data and AI chat conversations, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal data, to the United States (or other regions where our service providers' servers are located) and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the new Privacy Policy on this page and updating the "Last Updated" date. In some cases, we may provide additional notice (such as by adding a statement to our homepage or sending you a notification). You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the App after any modification to this Privacy Policy will constitute your acceptance of such modification.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at: hi@duckieapp.com or visit our website at: www.duckieapp.com.