Compliance
COPPA (Children's Online Privacy Protection Act)
As the self-hosted operator:
- You are the data controller
- Understand COPPA requirements if applicable to your jurisdiction
- The app stores health data of minors - handle accordingly
- No data is sent to third parties by the application
GDPR (General Data Protection Regulation)
Data subject rights and related principles:
- Right to access: Export functionality (planned)
- Right to erasure: Delete accounts and associated data
- Right to portability: Export in machine-readable format (planned)
- Data minimization: Only collect necessary data
Your Responsibilities
As the self-hosted operator, you are responsible for:
- ✅ Complying with applicable laws in your jurisdiction
- ✅ Securing the infrastructure (server, network, backups)
- ✅ Managing user access and permissions
- ✅ Handling data breaches appropriately
- ✅ Maintaining secure backups
- ✅ Implementing your own privacy policy if sharing access