
Privacy Policy

Effective date: March 31, 2026 (updated from March 5, 2026)

Summary of update: Added free trial status and eligibility to Section 3D (billing data). Previous update added share link view logging (Phase 11).

1. Who We Are and How to Contact Us

SitterSheet ("SitterSheet," "we," "us," "our") provides a care-sheet and caregiver coordination service that helps users create and share care instructions, schedules, and related information for pets, children, and adults/elderly (the "Service").

If you have questions about privacy or want to exercise your rights, contact us at:

support@sittersheet.com

2. Scope and Definitions

Scope

This Privacy Policy applies to personal information we collect and process through:

  • www.sittersheet.com and related web pages (the "Site")
  • the SitterSheet web application and related services (the "App")
  • public share links you create (a "Share Link")

Definitions

  • "User" means the person who creates an account and uses the Service.
  • "Care Recipient" means a person or pet for whom a User creates a profile, schedule, care sheet, or related records.
  • "Caregiver" means a person whose information is added to the Service by a User, including people invited or referenced for care coordination.

Important note about third-party information

The Service allows Users to enter information about other individuals (for example, a child, an elderly adult, an emergency contact, or a caregiver). If you provide information about someone else, you represent that you have the authority and necessary permissions to provide that information and to allow us to process it as described in this Privacy Policy.

3. Data We Collect

We collect the following categories of personal information.

A) Account and profile information

  • Email address and authentication information (through our authentication provider).
  • Profile details you provide, such as your display name and profile photo.
  • Account settings and preferences.

B) Care Recipient information (User-provided)

Depending on how you use the Service, Care Recipient data may include:

  • Profile details (for example, name and category such as child, adult, or pet).
  • Care instructions, routines, schedules, and notes.
  • Health-related information you choose to store (for example, medications, allergies, restrictions, mobility notes, and other care details).
  • Location information you provide (for example, a care location name and address).
  • Photos you upload.

C) Caregiver and contact information (User-provided)

  • Caregiver details you add (for example, name, email address, phone number, notes, and photo).
  • Emergency contact details and medical provider details you add (for example, names, relationship, phone, email, clinic name, address, and notes).

D) Schedules, tasks, and logs

  • Schedule items, tasks, and instructions you create.
  • Session records and completion information you record, which may include notes.

E) Subscription information

If you subscribe to a paid plan, we collect and store subscription-related metadata, such as:

  • Plan tier and subscription status
  • Free trial status and eligibility (whether your account has used a free trial)
  • Payment processor customer ID and subscription ID

We do not store your credit card number. Card and payment details are handled by our payment processor.

F) Technical and usage information

We and our service providers may collect:

  • IP address and device/browser information (for example, browser type, operating system, and timestamps).
  • Basic logs of how the Service is accessed and used, primarily for security, reliability, and performance.

F2) Share link view logs (Premium feature)

If you enable “Log link views” on a care recipient profile, we record the following each time your share link is opened:

  • Date and time of the view
  • Browser family (e.g., “Chrome”, “Safari”) — the full user agent string is never stored
  • A one-way SHA-256 hash of the visitor’s IP address — the raw IP address is never stored or retained

This data is visible only to the account holder who enabled logging. It is not sold, shared with third parties, or used for advertising. You can disable logging at any time from the recipient’s Settings tab.

G) Anti-bot and security signals

When you sign up or log in, we use an anti-bot service that evaluates signals (for example, IP address and browser/device characteristics) to help detect abuse and protect the Service.

H) Communications

If you contact us, we collect the content of your message and related contact information.

4. How We Use Data

We use personal information for these purposes:

  • Provide and operate the Service (including creating accounts, storing and displaying care information you choose to enter, and delivering features you request).
  • Enable sharing features you control (including Share Links and caregiver coordination).
  • Prevent fraud and abuse, protect accounts, and maintain Service security.
  • Process subscriptions, manage billing status, and provide customer support.
  • Debug, maintain, and improve the Service.
  • Comply with law and enforce our Terms of Service.

5. Legal Bases (EEA/UK) and Sensitive Data

This section applies if you are in the European Economic Area (EEA), the United Kingdom, or another region that requires a legal basis for processing.

A) Legal bases

We process personal information under one or more of the following bases:

  • Contract: processing is necessary to provide the Service and fulfill our agreement with you.
  • Legitimate interests: processing is necessary for security, fraud prevention, service improvement, and reliability, except where your interests or fundamental rights override those interests.
  • Consent: processing is based on your consent where required (for example, if we introduce non-essential cookies, or where explicit consent is required for certain sensitive data).
  • Legal obligation: processing is necessary to comply with legal requirements.

B) Sensitive data and your explicit choice to store it

The Service is designed so that you can store information that may be considered sensitive in some jurisdictions, including health-related information (for example medications and allergies).

By choosing to enter sensitive information into the Service, you are explicitly requesting that we process it to provide the features you request and to make it available to you and to people you authorize (for example, through a Share Link you enable).

You can remove sensitive information at any time by deleting or editing it in the Service.

6. How Sharing Works (Share Links)

A Share Link allows access to a care profile or schedule for anyone who has the link while sharing is enabled.

Key points

  • A Share Link is meant to be hard to guess, but it is still a link. Treat it like a password.
  • Anyone who receives the link can potentially forward it.
  • We take steps intended to reduce indexing and caching of Share Link pages, but no technical control can eliminate the risk of onward sharing, screenshots, or copying by recipients.

Your controls

  • You can disable sharing or regenerate a Share Link from within the Service. Doing so is intended to deactivate a previously shared link.

Your responsibility

You are responsible for deciding what to share and with whom. Do not post Share Links publicly if the shared page contains personal information.

7. Disclosures, Third Parties, and No Sale/No Sharing for Advertising

A) We do not sell personal information

We do not sell personal information for money.

B) We do not share personal information for cross-context behavioral advertising

We do not share personal information with third parties for cross-context behavioral advertising (also called targeted advertising) and we do not disclose personal information to third parties for their own independent marketing purposes.

C) Service providers (processors)

To operate the Service, we use service providers that process information on our behalf and under our instructions, such as:

  • Supabase (authentication, database, and storage)
  • Stripe (subscription payments)
  • Cloudflare Turnstile (bot detection)

These providers use your information to provide services to us, not for their own unrelated purposes (subject to their terms).

D) People you authorize

We disclose information when you choose to share it, including:

  • when you create and distribute a Share Link
  • when you enter caregiver details and use coordination features

E) Legal, safety, and enforcement

We may disclose information if we believe disclosure is reasonably necessary to:

  • comply with law or legal process
  • protect the rights, property, and safety of SitterSheet, our users, or others
  • investigate or enforce our Terms of Service
  • prevent fraud or address security issues

F) Business transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be disclosed as part of that transaction, subject to appropriate confidentiality protections.

8. Cookies, Session Storage, and Anti-Bot

A) Authentication and essential cookies

We use cookies or similar technologies that are necessary to keep you signed in and to provide core Service functionality.

B) Anti-bot

We use Cloudflare Turnstile on signup and login to help prevent automated abuse. Turnstile may process technical information and security signals to evaluate whether a request is likely legitimate.

C) No targeted advertising tracking

We do not use personal information for targeted advertising, and we do not use the Service to deliver cross-context behavioral advertising based on your activity across other companies' websites.

D) Font delivery (self-hosted)

The Service uses the Plus Jakarta Sans typeface, which is licensed under the SIL Open Font License. All font files are hosted on our own servers and served directly from our infrastructure. No requests are made to Google Fonts or any other external font delivery network when you use the Service. Your IP address and browsing data are not transmitted to any third party for font loading purposes.

9. Data Retention

We keep personal information only as long as reasonably necessary for the purposes described in this Privacy Policy.

A) Data you store in the Service

We retain the information you store in the Service (including care profiles and schedules) for as long as you keep your account and do not delete that content.

B) Deletion

You can delete content in the Service. You can also delete your account through the in-app account deletion flow if available. When you delete your account, we delete or de-identify your Service data within a commercially reasonable period, subject to limited retention described below.

C) Limited analytics and operational logs (maximum 90 days)

We retain only limited analytics and operational fields for up to 90 days. These are intended not to include the sensitive care content you enter (for example, they may include timestamps, feature usage counts, and similar operational metrics).

D) Backups (maximum 90 days)

Backups and related system recovery copies are retained for up to 90 days. After a backup cycle expires, the backup copy is deleted or overwritten.

10. Data Exports and Downloads

Certain subscription tiers (currently Business and Enterprise organization plans) allow authorized account holders to export data from their workspace as downloadable files (for example, spreadsheet exports of session records). This section governs how such exports work and your responsibilities when you use them.

A) What exports contain

A data export may include personal information about the individuals in your workspace, including but not limited to:

  • Names and identifiers of Care Recipients and Caregivers
  • Session records including dates, durations, service types, and caregiver-written notes
  • Other information you or your team entered into the Service

Exported data may constitute sensitive personal data under applicable law, including health-related information, depending on what your team has recorded.

B) Your role as data controller for exported data

When you download a data export, SitterSheet's role as a data processor with respect to that copy of the data ends at the point of download. You become the sole data controller responsible for the exported file and all personal information it contains. From that point, your obligations under applicable privacy law (including but not limited to GDPR, CCPA/CPRA, and similar state and national laws) attach to you directly with respect to the exported copy.

C) Required acknowledgment before download

To download a data export, you must affirmatively acknowledge, at the time of each download, that:

  • You understand the export may contain sensitive personal information about individuals in your care.
  • You will handle, store, and use the exported file securely, consistent with applicable law and this Privacy Policy.
  • You will delete the file when it is no longer needed for its intended purpose.

This acknowledgment constitutes your explicit, informed consent under applicable law to receive and process the exported data in the manner described, and is a condition of the export feature.

D) Permitted use of exported data

You may use an exported file only for internal care coordination and management purposes directly related to your use of the Service. You may not:

  • Share the export with unauthorized third parties or use it for purposes unrelated to direct care services
  • Use the exported data to build a competing product or service
  • Re-upload or integrate the data into any third-party system without ensuring that system meets equivalent privacy and security standards and that you have authority to transfer the data
  • Use the data in any way that violates applicable privacy law or the rights of the individuals whose information is included

E) Security obligations for exported files

You are responsible for applying appropriate technical and organizational security measures to any exported file. At a minimum, we recommend:

  • Encrypting or password-protecting files containing sensitive personal information before storing or transmitting them
  • Limiting access to the exported file to individuals with a legitimate need
  • Deleting the file securely when it is no longer needed

F) Audit and access logs

SitterSheet may record that a data export was initiated (including a timestamp and the account that initiated it) for security and compliance purposes. This log does not include the content of the exported file.

G) No SitterSheet liability for exported data

SitterSheet's privacy obligations and liability with respect to personal data end when data is downloaded. SitterSheet is not responsible for how you handle, store, transmit, or use the exported file after download. You indemnify SitterSheet for any claims arising from your mishandling of exported data. See Section 13 of our Terms of Service.

10B. Share Link View Logging

Premium household users may enable “Log link views” on individual care recipient profiles. This feature passively records when a share link is opened, to give account holders an audit trail of caregiver access.

What is logged

  • Timestamp of the view
  • Browser family only (e.g., Chrome, Safari) — full user agent string is discarded immediately
  • A one-way SHA-256 hash of the visitor IP address — the raw IP is never written to any database

Visitor notice

A notice is displayed in the footer of every share page that has logging enabled: “This link owner may be notified when this page is viewed.” Visitors can prevent logging by accessing the link through a privacy-preserving browser or VPN, which will result in a different IP hash and may bypass the per-IP rate limit.

Retention and deletion

View logs are retained for as long as the care recipient profile exists. When a care recipient is deleted, all associated view logs are permanently deleted via cascade. You can disable logging at any time without deleting existing log entries, or delete the care recipient to remove all associated logs.

Rate limiting

To prevent log inflation, a maximum of one view is recorded per IP hash per share link per hour.

11. Security Safeguards

We implement technical and organizational measures designed to protect personal information.

Confirmed technical safeguards in the current implementation include:

  • Bot protection on login/signup using Cloudflare Turnstile with server-side verification.
  • Authenticated-route gating using middleware and server-side session handling.
  • Share Link protections intended to reduce indexing and caching of shared pages (noindex signals, no-store behavior, and restrictive headers).
  • Tokenized share links designed to be hard to guess, with user controls to disable or rotate a link.
  • Stripe webhook signature verification before processing billing events.

Organizational measures

We also use organizational safeguards appropriate to our size and operations, such as access controls and least-privilege practices. We do not claim compliance with a particular certification or standard unless explicitly stated.

No system can be guaranteed 100 percent secure. You are responsible for maintaining the confidentiality of your account credentials and controlling how you share care information.

12. International Transfers

We may process and store information in countries other than where you live, depending on where we and our service providers operate.

If you are in the EEA/UK/Switzerland, when a transfer outside your region requires a legal mechanism, we use an appropriate transfer mechanism such as Standard Contractual Clauses (SCCs), where applicable.

13. Your Rights and Choices (By Region)

A) EEA/UK (GDPR)

Subject to applicable law, you may have the right to:

  • access your personal data
  • correct inaccurate or incomplete data
  • delete your data
  • restrict processing
  • object to processing
  • data portability
  • withdraw consent where processing is based on consent
  • lodge a complaint with a supervisory authority

B) United States (state privacy laws)

Depending on your state and whether a state privacy law applies to us, you may have rights to:

  • access or confirm processing
  • delete
  • correct
  • obtain a portable copy of certain data
  • opt out of certain processing (for example targeted advertising, sale, or certain profiling) where applicable

Important note

We do not sell personal information and we do not share personal information for cross-context behavioral advertising. If a right is framed as an opt-out of sale or targeted advertising, in many cases there will be nothing to opt out of.

C) Canada

Subject to applicable law, you may have rights to:

  • access information about our processing
  • request corrections
  • withdraw consent (subject to legal or contractual restrictions and reasonable notice)
  • challenge our compliance and file a complaint with the appropriate privacy regulator

How to submit a request (all regions)

Email support@sittersheet.com with the subject line "Privacy Rights Request."

To protect privacy, we may need to verify your identity and, where relevant, your authority to act (especially when data relates to a Care Recipient or Caregiver).

14. Children and Minors

The Service is not directed to children and is intended for adult Users only. We do not knowingly collect personal information from children for the purpose of account registration.

  • You must be at least 18 years old (or the age of majority in your jurisdiction) to create an account. During registration, you are required to confirm that you meet this age requirement.
  • Users may store information about minors (for example, a child's care schedule, medical information, or dietary needs). If you store information about a minor, you represent that you are the parent, legal guardian, or otherwise have legal authority and appropriate permission to provide that information and to authorize us to process it.
  • We do not use information stored about minors for marketing, advertising, or any purpose unrelated to the care coordination functions of the Service.

If we learn that we have collected personal information directly from a child under 13 (under the U.S. Children's Online Privacy Protection Act), under 16 (under the EU General Data Protection Regulation, or lower where a member state has set a lower threshold), or under any applicable age threshold in another jurisdiction, we will take appropriate steps to delete the information and terminate the associated account.

If you believe that a child has created an account or provided personal information through the Service without appropriate parental or guardian consent, please contact us at support@sittersheet.com so we can investigate and take appropriate action.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will update the Effective date above. If changes are material, we will provide additional notice as required by law.

16. Contact

For privacy questions, complaints, or requests, contact:

support@sittersheet.com


© 2026 SitterSheet. All rights reserved. Built with ❤️ in NYC.
