Data Policy

This Data Policy describes what Carakin stores, where it lives, and how to delete it. Read this before deleting a family.

What is stored

• Encrypted health entries (check-ins, metrics, medications, appointments, tasks). • Encrypted document files and profile photos. • Family metadata (names, roles, membership, invites). • Wrapped family encryption keys and optional recovery backups. • Push notification tokens for reminder delivery. • On-device caches (metric charts, family selection) that expire or clear on deletion.

What is not stored in readable form

Carakin does not store your family decryption key on our servers in plain text. Firebase operators and Carakin staff cannot read encrypted health payloads without a key from your device.

How to delete all family data

Only a family admin can delete a family. Go to Family settings → Danger zone → Start family deletion, then complete every step: 1. Review everything that will be removed. 2. Confirm you understand that all encrypted health data will be permanently deleted. 3. Type the exact family name. 4. Type DELETE to confirm. This removes Firestore family data, encrypted storage files, recovery wraps, invites, and join requests. Local encryption keys on your device are cleared.

After family deletion

Your OAuth sign-in account (Google, Apple, or Microsoft) is separate from family data. If you no longer want any Carakin account activity, sign out and delete your account with your identity provider, or contact support for account removal assistance.

Exports

Carakin does not yet offer a one-tap export of decrypted health history. Before deleting a family, ensure you no longer need the data. Deletion cannot be undone.

Crash and diagnostic data

When crash reporting is enabled, anonymized stack traces and app version metadata may be sent to Firebase Crashlytics to help fix bugs. These reports do not include decrypted health content.