Famodular

Famodular

Shopping Cart

đŸ›’

Your cart is empty

Add some items to get started!

Privacy Policy

Last updated: February 15, 2026

1. Introduction

Famodular ("we," "us," or "our") operates the Famodular platform (the "Service"), a modular community center platform for groups of any kind. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.

By using Famodular, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password (stored as a bcrypt hash), phone number, and profile picture.
  • Group Information: Group names, descriptions, and member lists that you create or join.
  • Content: Calendar events, check-ins, goals, notes, tasks, and other content you create within the platform.
  • Financial Data: When you use the Finance module, we connect to your financial institutions through Plaid, Inc. to access account balances and transaction data. Plaid access tokens are encrypted at-rest using AES-256-GCM encryption.
  • Calendar Data: If you connect Apple Calendar, we store encrypted CalDAV credentials to enable sync.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, and interactions with the Service.
  • Device Information: Browser type, IP address, and device identifiers.
  • Security Logs: Authentication events, MFA verification attempts, and access patterns for security monitoring.

2.3 Third-Party Data

  • Plaid: Financial account data including balances, transactions, and institution information. See Plaid's Privacy Policy.
  • Google Books API: Book metadata for the reading list feature.
  • TMDB: Movie and TV show metadata for the watching list feature.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage your account
  • Sync your calendar events with connected services
  • Display financial data from your connected accounts
  • Enable group features like check-ins, shared calendars, and collaborative tools
  • Send transactional emails (invitations, account notifications)
  • Monitor and prevent security threats
  • Comply with legal obligations

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in Transit: All data is transmitted over TLS 1.2 or higher (HTTPS).
  • Encryption at Rest: Sensitive data including financial access tokens and calendar credentials are encrypted using AES-256-GCM before database storage.
  • Password Security: Passwords are hashed using bcrypt with salt rounds.
  • Multi-Factor Authentication: Optional TOTP-based MFA is available for all user accounts.
  • Access Controls: Row-Level Security (RLS) policies ensure users can only access their own data.
  • Session Security: JWT-based sessions with httpOnly, secure cookies.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service Providers: Plaid (financial data), Supabase (database hosting), Cloudinary (image hosting), SendGrid (email), and Vercel (hosting).
  • Group Members: Information you explicitly share within groups (shared accounts, events, check-ins).
  • Legal Requirements: When required by law, court order, or governmental authority.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account Data: Retained until you delete your account.
  • Financial Data: Transaction data is retained for up to 24 months. Plaid connections can be removed at any time, which deletes associated tokens.
  • Security Logs: Retained for 90 days for security monitoring.
  • Deleted Content: Permanently deleted within 30 days of user-initiated deletion.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data.
  • Correction: Update or correct inaccurate data via your settings page.
  • Deletion: Request deletion of your account and associated data.
  • Portability: Request your data in a machine-readable format.
  • Withdraw Consent: Disconnect third-party services (Plaid, Apple Calendar) at any time.
  • Opt-Out: Disable location sharing, notifications, and specific modules.

To exercise these rights, contact us at gabrieljosevalerio1@gmail.com.

8. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you learn that a child has provided us with personal information, please contact us so we can take appropriate action.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy, please contact us: