Privacy Policy

Nestly ("we", "us", "our") is a child support system operated by Nestly Ltd, based in the United Kingdom. Our platform is accessible at mynestly.org. We are committed to protecting the privacy of every user, and especially the privacy of children and families who rely on our service.

If you have any questions about this policy, please contact us at [email protected].

We collect information you provide directly when you create an account or use our platform:

Account information: your name and email address, provided via our authentication provider.
Family profile data: family name, optional bio, and location — entered voluntarily.
Activity and milestone records: titles, descriptions, categories, dates, and notes you create within the platform.
Waitlist and contact submissions: email addresses submitted via our early access form, and name/email/message submitted via our contact form.
Usage data: standard server logs including IP address, browser type, and pages visited, retained for security and performance purposes.

We do not collect sensitive personal data such as health records, financial information, or government identifiers.

We use the information we collect to:

Provide, operate, and improve the Nestly platform.
Authenticate your identity and maintain your session securely.
Store and display the family profiles, activities, and milestones you create.
Respond to enquiries submitted via the contact form.
Notify you about product updates and early access availability (waitlist only — you may unsubscribe at any time).
Detect and prevent fraud, abuse, or security incidents.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

We process your personal data on the following legal bases:

Contract performance: processing necessary to provide the service you have signed up for.
Legitimate interests: security monitoring, fraud prevention, and platform improvement, where these do not override your rights.
Consent: where you have explicitly opted in, such as joining the early access waitlist.

You may withdraw consent at any time by contacting us at [email protected].

Who this app is designed for

Nestly is designed exclusively for use by adults — specifically parents, legal guardians, and authorised carers aged 18 and over. The app is not directed at children, and children should not create accounts or use the platform directly.

Age rating declaration (App Store / Google Play)

Nestly is rated 4+ (Apple App Store) and rated for Everyone (Google Play). This rating reflects the fact that the app is operated by parents on behalf of their children. No content within the app is generated by or directed at children.

COPPA (Children's Online Privacy Protection Act — USA)

Nestly does not knowingly collect personal information directly from children under the age of 13. All data relating to children — including milestones, activities, and child profiles — is entered by the parent or carer account holder. If we become aware that a child under 13 has submitted personal information directly, we will delete it immediately. If you believe this has occurred, contact us at [email protected].

GDPR-K (Children's Data — UK & EU)

Under UK GDPR and EU GDPR, children under 13 (UK) or 16 (EU, unless a member state sets a lower age) require parental consent for data processing. Nestly does not collect data directly from children. All child-related records are created and controlled by the verified adult account holder. We do not use child-related data for profiling, advertising, or any purpose beyond providing the service to the account holder.

If you believe a child has submitted personal data to us directly without parental consent, please contact us immediately at [email protected] and we will delete it promptly.

We retain your personal data for as long as your account is active or as needed to provide the service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

Waitlist email addresses are retained until the product launches or until you request removal. Contact form submissions are retained for up to 12 months.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include encrypted connections (HTTPS), secure session management, and access controls.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Under UK GDPR, you have the right to:

Access the personal data we hold about you.
Rectify inaccurate or incomplete data.
Erase your data ("right to be forgotten") in certain circumstances.
Restrict processing of your data.
Data portability — receive your data in a structured, machine-readable format.
Object to processing based on legitimate interests.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Nestly uses a single session cookie to keep you logged in. This cookie is strictly necessary for the service to function and does not track you across other websites. We do not use advertising cookies or third-party tracking cookies.

We use the following third-party services to operate Nestly:

Authentication provider: Manus OAuth, for secure sign-in.
Database and hosting: cloud infrastructure providers operating under appropriate data processing agreements.
Content delivery: a CDN provider for serving static assets such as our logo.

These providers process data only as necessary to provide their services and are bound by contractual obligations to protect your data.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify registered users by email. Your continued use of Nestly after changes are posted constitutes your acceptance of the updated policy.

If you grant permission, Nestly may send push notifications to your device to remind you of upcoming appointments, scheduled activities, and developmental milestones. These notifications are delivered via Apple Push Notification service (APNs) on iOS and Firebase Cloud Messaging (FCM) on Android.

Your device token is stored securely and associated with your account. It is used solely to deliver notifications relevant to your Nestly account and is never shared with third parties for marketing purposes.

You can manage notification preferences at any time from within the Nestly app under Settings → Notifications, or by disabling notifications for Nestly in your device settings. Withdrawing permission does not affect your ability to use any other feature of the app.

If you have any questions, concerns, or requests relating to this Privacy Policy, please contact us:

Nestly Ltd
Email: [email protected]
Website: mynestly.org