Section 1
Product Positioning
Mom's Bloom is:
- An adult-only pregnancy wellness and support service.
- Built to provide educational, reflective, and organizational support.
- Not a medical device.
- Not a substitute for professional medical advice, diagnosis, treatment, or emergency care.
Section 2
Sensitive Data Posture
The service may process:
- Pregnancy profile details such as due date, trimester, and pregnancy week.
- Wellness and symptom logs.
- Appointments, kick counts, contractions, and similar tracking records.
- Chat content and AI-derived summaries or memory artifacts.
- Belly photos and related metadata.
- Partner-support signals where optional sharing features are enabled.
Section 3
What We Can Say and Cannot Claim
As of this version of the public-parity pack:
- We do not sell personal or health data.
- We do not use health data for targeted advertising.
- We do not use the app for cross-app tracking.
- The no-sale, no-targeted-advertising, and no-cross-app-tracking posture remains subject to final Firebase Analytics, ATT, SDK, provider-console, store-console, and counsel verification before production launch.
- We do not claim ISO 27001, ISO 27701, SOC 2, or similar certification on this page unless those claims are later independently completed and approved.
Section 4
Core Privacy Controls
Current privacy controls include:
Privacy and user-choice controls
- Versioned legal consent capture for Terms and Privacy.
- Separate health-data consent support for certain personalized features.
- In-app account deletion flow.
- In-app JSON export for major profile and journal data categories.
- Private chat mode in supported chat flows.
- Partner-sharing controls that are narrower than blanket account sharing.
- Public legal/support pages intended for stable store-facing URLs.
Section 5
Core Security Controls
Current security controls include:
Security and integrity controls
- Supabase-backed authentication and server-side data controls.
- Firebase App Check for app-integrity and abuse mitigation.
- Crash-log sanitization intended to reduce leakage of sensitive content into diagnostics.
- Backend deletion logic that removes belly-photo storage objects before account deletion completes.
- Consent-archive logic to preserve legal-evidence records where required.
Section 6
AI and Safety Controls
Mom's Bloom uses AI to provide support and continuity features. Current AI and safety boundaries include:
AI and safety boundaries
- Safety rules instructing AI not to diagnose or treat emergencies.
- Red-flag escalation logic for urgent pregnancy and mental-health scenarios.
- A product-wide medical disclaimer stating the app is not a substitute for medical advice.
Section 7
Processors and Infrastructure
Current known service categories include:
Supabase
Auth, database, storage, and edge functions.
Google Cloud Vertex AI
AI generation.
Firebase services
App integrity, notifications, crash reporting, and first-party analytics.
RevenueCat
Subscription operations.
Apple App Store and Google Play
Store billing and subscription management.
Section 8
Data Rights and User Controls
Current product or operational controls include:
- Account deletion.
- Data export.
- Notification settings.
- Some partner-sharing controls.
- Request-based privacy support through momsbloom@jssailabs.com.
Section 9
Evidence Status
This page is designed to summarize public privacy and security posture without overstating external assurance.
Follow-on work outside this page includes:
- External legal review.
- External security testing or pentesting.
- Certification programs such as ISO 27001 or ISO 27701 if later pursued.
- Final operational verification in live vendor consoles and deployed infrastructure.
Section 10
Contact
For privacy, trust, or security questions, contact: