Orinn Get notified

Legal

Privacy Policy

Effective May 2026 · Last updated May 2026

Orinn is a family location app. This policy explains what data we collect from parents and children, how we use it, who else processes it on our behalf, and the choices you have. We don't sell data. We don't show ads. We don't combine your family's data with information from other apps or websites.

1. Plain-English summary

Orinn is built so a parent can see where their kids are, set up safe places, and step in if something goes wrong. To do that, the child's device shares their location and a few related signals with the parent's device through our servers. We hold the bare minimum needed for the app to work; we don't share or sell that data with anyone; and we delete it on request, or automatically after the retention windows below.

2. Who we are

"Orinn" is operated by Locator Family360 LLP, the data controller for this app. References to "we," "us," or "our" in this policy mean Locator Family360 LLP. You can reach our privacy team at privacy@orinn.app.

3. What we collect

We collect different data from parents and children, because they use the app differently.

3.1 From the parent

  • Account identity. When you sign in with Apple, we receive your Apple-issued user ID, your name (only if you choose to share it during sign-in), and an email address. If you select Apple's "Hide My Email" option, the email is a private relay address that forwards to your real inbox; we never see your underlying email in that case.
  • Family configuration. The children you add, the names you give them, the places ("Spots") you save, and your notification preferences.
  • Device identifiers for push. Your Apple Push Notification (APNs) token and Firebase Cloud Messaging (FCM) registration token. These let us deliver alerts to your specific device. We never share them with anyone outside our service providers.
  • Diagnostic data. Anonymized crash reports and usage events (for example: "Alerts tab opened"). We deliberately disable Firebase's ad-related data collection at the SDK level (adStorage, adUserData, and adPersonalization are all denied), so this data is not used to build advertising profiles.

3.2 From the child

  • Precise location. Latitude, longitude, accuracy, speed, and timestamp. The child app reports these while the device is in motion (roughly every 30 seconds) and on significant location changes when still.
  • Display name and avatar. Whatever the parent (or, optionally, the child themselves) configures.
  • Battery level. Sampled along with location, so we can alert the parent before the device runs out of power.
  • Motion activity classification. Apple's CoreMotion framework reports whether the device is stationary, walking, in a vehicle, etc. We use this to detect when a trip starts or ends; we don't store the raw classification stream long-term.
  • Device identifiers for push. Same kind of APNs / FCM tokens as the parent.
  • Diagnostic data. Same anonymized crash and usage events, with the same ad-tracking controls disabled.

3.3 What we don't collect

  • We don't access the device's microphone, camera (other than the photo a parent chooses to upload as a child's avatar), or any media library.
  • We don't read messages, contacts, calendars, photos beyond the avatar, or call history.
  • We don't look at the apps your child uses unless you've explicitly enabled Orinn's Screen Time controls — and even then, we receive only the app categories you select, never specific app activity or content.
  • We don't fingerprint your device or track you across apps and websites. We do not show the App Tracking Transparency prompt because we don't perform any tracking that would require it.

4. Children's privacy

Orinn is intentionally usable by children. We take the United States Children's Online Privacy Protection Act (COPPA) and equivalent international frameworks seriously.

4.1 Parental consent

A parent or legal guardian creates the family in Orinn, generates a pairing code, and installs the child app on the child's device. By doing this, the parent affirms that they are the parent or legal guardian of each child being added and consents on the child's behalf to the data collection described in section 3. If you are not the parent or legal guardian of a child, do not pair that child's device.

4.2 What we collect from children

We only collect what is necessary for the location-sharing service to work — see section 3.2. We do not enable behavioral advertising, profile building, or any feature that would expose a child to outside parties.

4.3 Parental review and deletion

A parent can at any time:

  • See every piece of information we have about their child in the app itself — there is no hidden data.
  • Remove a specific child from the family in Settings → Manage kids → Remove. This permanently deletes the child's data within 30 days.
  • Delete the entire family account in Settings → Privacy → Delete my account. Same 30-day deletion.
  • Request a data export by emailing privacy@orinn.app.

4.4 No third-party advertising or analytics targeting children

We do not allow third parties to collect personal information from children through our service. The diagnostic data we collect through Firebase (described in section 3) is configured with ad-related signals disabled at the SDK level for all users, including children.

5. How we use the data

The data described in section 3 is used only for the following purposes:

  • Running the service. Showing the child's location on the parent's map, triggering geofence alerts, delivering SOS pushes, computing the weekly recap.
  • Reliability and abuse prevention. Detecting crashes, anomalous usage, and abuse attempts on our infrastructure.
  • Communications you've opted into. Push notifications about events in your family, weekly recap emails (on the Plus tier), and lifecycle emails such as the welcome message after sign-up.

We do not use your family's data for advertising, profile building, or sale to third parties. We do not train machine learning models on your family's data.

6. Service providers

We operate Orinn on Google Cloud infrastructure. The following service providers process data on our behalf, under contracts that restrict their use of that data to providing the service to us:

ProviderWhat they processWhy
Google (Firebase Auth, Firestore, Realtime Database, Cloud Storage, Cloud Functions, Cloud Messaging)Account identity, family configuration, location history, push tokensStoring and synchronizing your family's data across devices
Google (Firebase Crashlytics, Firebase Analytics)Anonymized crash reports and usage eventsDiagnosing crashes and product improvement; ad-related collection explicitly disabled
Google (Maps SDK for iOS)Coordinates submitted for reverse geocodingTranslating a latitude/longitude into a street-level address for the map and history
Apple (Push Notification service)Push tokens and notification payloadsDelivering alerts to your device
ResendParent email addresses, weekly recap contentSending lifecycle and recap emails (Plus tier)

We do not work with advertising networks, data brokers, or analytics companies that operate outside the service-provider role.

7. How long we keep data

  • Live location pings: ephemeral. The most recent point overwrites the previous one.
  • Detailed location history (raw points): 30 days.
  • Compressed history (the route lines you see in the History tab): 365 days.
  • Trips and stays (the timeline rows): 365 days.
  • Alerts (geofence, SOS, battery, trip, etc.): 30 days.
  • Account identity and family configuration: kept while your account exists. Deleted within 30 days of account deletion.

8. Your rights and choices

Subject to applicable law, you may have rights to access, correct, delete, port, or restrict the processing of your personal information. To exercise any of these rights, email privacy@orinn.app from the address on your account.

You can also:

  • Pause location sharing at any time by removing the child app or signing the child out.
  • Delete an individual child's data at Settings → Manage kids → Remove.
  • Delete your entire account and all family data at Settings → Privacy → Delete my account.
  • Mute weekly recap emails at Settings → Manage kids → [child] → Weekly recap.

9. Security

Family data is accessible only to authenticated members of that family. Every read and write to our backend passes through Firebase Authentication checks plus Firestore Security Rules that scope data to the user's family. All data in transit is encrypted with TLS. We do not log raw location data outside the structured database.

No internet-connected service can guarantee perfect security. If we ever experience a personal-data breach that materially affects you, we will notify you promptly as required by applicable law.

10. International data transfers

Our infrastructure is hosted in the United States on Google Cloud. If you use Orinn from outside the United States — including from the European Economic Area, the United Kingdom, or India — your data is transferred to and processed in the United States. We rely on Google's standard contractual safeguards for these transfers.

11. Changes to this policy

We may update this policy from time to time. If we make a material change, we will notify you in the app or by email at least 14 days before the change takes effect. The "Effective" date at the top of this page always reflects the current version. Older versions are available on request.

12. Contact us

For privacy questions, data requests, or to report a concern: privacy@orinn.app.
For general support: hello@orinn.app.

← Back to home  ·  Terms of Service