🛡️ NameRoots is designed with privacy at its core. Your personal data is never sold, shared with advertisers, or used for any purpose outside of delivering the app's features.
Introduction
This privacy policy applies to the NameRoots mobile application ("App") developed by BRK Services ("we", "us", or "our"). NameRoots is a baby name discovery app that uses real-time partner sync, audio pronunciation, and curated name data. This policy explains what data we collect, why we collect it, and how it is protected.
Data We Collect
NameRoots collects only the minimum data necessary to deliver its core features:
- Account information: Your email address and name, provided when you create an account via Clerk authentication. This is used solely for login and to link you with your partner's session.
- Swipe data: Which names you swiped left or right. This is stored in Firebase Firestore and Firebase Realtime Database to enable the partner co-swiping and match detection features.
- Partner session data: A shared session identifier and invite code used to sync your swipes with your partner in real time.
- Your family's last name: Entered during onboarding and stored locally on your device, used only for audio pronunciation preview. This is never transmitted to our servers.
- Push notification tokens: A device token (FCM token) stored in Firestore, used solely to deliver match notifications when you and your partner both like the same name. You can revoke this permission in your device settings at any time.
- User-recorded audio: If you record your own pronunciation of a name, the audio clip is processed through OpenAI Whisper for phonetic transcription. Audio clips are not stored permanently and are deleted after transcription.
- Purchase records: If you purchase the partner co-swiping unlock, purchase validation is handled by RevenueCat and Apple's App Store. BRK Services does not store payment card information.
Data We Do Not Collect
- We do not collect location data
- We do not collect health or medical records
- We do not use advertising SDKs or ad tracking identifiers
- We do not sell or share your data with data brokers or advertisers
- We do not collect data from your contacts or address book
How We Use Your Data
- Account and authentication: To identify you and securely link your session with your partner.
- Swipe and match sync: To detect mutual matches between you and your partner in real time.
- Push notifications: To alert you when a match occurs. Notifications can be disabled in your device settings at any time.
- Pronunciation: To generate and cache phonetic audio previews of names paired with your last name.
Data Storage and Security
Your swipe data and session information are stored in Google Firebase (Firestore and Realtime Database), which is secured by Firebase Security Rules. Only authenticated users involved in a shared session can read or write session data. Firebase data is encrypted at rest and in transit.
Your last name is stored locally on your device using AsyncStorage and is never sent to our servers.
Third-Party Services
NameRoots uses the following third-party services, each with their own privacy policies:
- Clerk (clerk.com) — authentication and account management
- Google Firebase (firebase.google.com) — data storage and real-time sync
- OpenAI (openai.com) — audio transcription via Whisper API (for user-recorded pronunciations only)
- RevenueCat (revenuecat.com) — in-app purchase management
- Apple App Store — payment processing for the one-time purchase
NameRoots does not integrate with Facebook, Google Ads, or any advertising network.
Data Retention
Your account and session data are retained for as long as your account is active. You may delete your account at any time from the Settings screen in the app, which permanently removes your swipe history and session data from our servers. Locally stored data (such as your last name and swipe deck cache) is removed when you uninstall the app.
Children's Privacy
NameRoots is intended for expectant parents and adults. The App is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, please contact us and we will promptly delete it.
Your Rights
You have the right to:
- Access the personal data we hold about you
- Request deletion of your account and associated data
- Revoke push notification permissions in your device settings
- Contact us with any privacy-related questions or concerns
Changes to This Policy
We may update this privacy policy as the App evolves. Any material changes will be communicated via an in-app notice or updated effective date on this page.
Contact Us
If you have any questions about this privacy policy or wish to request deletion of your data, please contact us at:
BRK Services
Email: privacy@brk-services.com
Effective Date: June 29, 2026