Security Overview

Last updated: May 9, 2026

We take security seriously. Here is a short overview of how we protect your account and data.

What we do

• Encryption in transit. All communication between the BabyLog apps and our servers is encrypted.
• Encryption at rest. Databases and stored files are encrypted by our infrastructure providers.
• Limited access. Only a small number of authorized personnel can access production systems, and access is logged.
• Authentication. Sign-in uses one-time codes or trusted third-party identity providers. We never receive your password.
• Ongoing maintenance. We review and update our software and dependencies regularly.
• Incident response. If we detect a security incident affecting your data, we will investigate, contain it, and notify affected users in line with applicable law.

Reporting a security issue

If you believe you have found a security vulnerability, email support@babylog.ai with a description, the impact, and steps to reproduce. Please do not publicly disclose the issue until we have had a reasonable opportunity to address it. We aim to acknowledge reports within 3 business days.

What you can do

• Use a unique, strong password for the email account or third-party identity provider you use to sign in.
• Sign out of devices you no longer use.
• Be careful about who you invite to your family — they can see and add records about your child.